ocsp.pki.goog/s/gts1d4/8rsQqDVBdis
472 B URL ocsp.pki.goog/s/gts1d4/8rsQqDVBdis
IP
Hash a418602032812528f221ee24f8106d69
332d139b3147c5a50ab5177981ff0eefbbbaa427
f7fa9b04684193a84c67854d4d172b98a6ddc0a3e922b6c7155d40e1b7175bde
POST /s/gts1d4/8rsQqDVBdis HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.confessionsstories.com/
200 OK 38 kB URL GET HTTP/2 www.confessionsstories.com/
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967)
Hash 403699874e742783dad74f9fa8037554
6c043715a04ce6c9a03c9ad6f3356b7651b90d01
0fb01a0d2f16f5397f550aa993510b030ad5f55100786cf1eb89ebddb14505ef
GET / HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 22:14:55 GMT
date: Sat, 23 Sep 2023 22:14:55 GMT
cache-control: private, max-age=0
last-modified: Thu, 21 Sep 2023 00:47:38 GMT
etag: W/"7510eba6c89b5dfcd8fc1f4e668725c2d8decc7bcba5d3538c876eb3b75c3c74"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 38255
server: GSE
X-Firefox-Spdy: h2
www.confessionsstories.com/js/cookienotice.js
200 OK 2.0 kB URL GET HTTP/2 www.confessionsstories.com/js/cookienotice.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 23 Sep 2023 22:14:56 GMT
expires: Sat, 30 Sep 2023 22:14:56 GMT
cache-control: public, max-age=604800
last-modified: Sat, 23 Sep 2023 20:50:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
200 OK 7.8 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (35959)
Hash 1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 20:27:35 GMT
expires: Tue, 17 Sep 2024 20:27:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 14:53:49 GMT
content-type: text/css
vary: Accept-Encoding
age: 438441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 7.4 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 05/01/2023 15:40:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b9f68144baab9564a7e8739a4135280d
cdn-cache: HIT
cf-cache-status: HIT
age: 5765294
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80b624b89ce5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL GET HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 13:51:49 GMT
expires: Sat, 30 Sep 2023 13:51:49 GMT
cache-control: public, max-age=604800
last-modified: Sat, 23 Sep 2023 06:53:52 GMT
content-type: image/gif
age: 30187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
200 OK 34 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (32341)
Hash 8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 16:36:53 GMT
expires: Tue, 17 Sep 2024 16:36:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 452283
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/562952797-widgets.js
200 OK 160 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/562952797-widgets.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2215)
Size 160 kB (160393 bytes)
Hash 0804e4c7fd72aea2ce34a04d9ec9686c
9f46bef1076230a1271d151a506fd1d91ae7df93
5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c
GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 160393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:50 GMT
expires: Thu, 19 Sep 2024 02:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 330786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl18548636.highcpmrevenuenetwork.com/e2/2f/e2/e22fe2138e3f63642753547dd0d1eb45.js
200 OK 17 kB URL GET HTTP/1.1 pl18548636.highcpmrevenuenetwork.com/e2/2f/e2/e22fe2138e3f63642753547dd0d1eb45.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
FingerprintDE:6B:FD:8F:4F:66:E5:C6:1D:0F:7F:FA:0D:2B:29:84:C2:D0:A7:9C
ValiditySun, 20 Aug 2023 06:36:17 GMT - Sat, 18 Nov 2023 06:36:16 GMT
File type ASCII text, with very long lines (42704), with no line terminators
Hash 50137df50b46e0fab393104aaa1de9ac
271ab55a876a7428bb4d4464ee2bf2d80431bf93
a2cf6af3868b126044c81f2b15847502f2c6ca23b0bab172c2da51f21ab009e5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /e2/2f/e2/e22fe2138e3f63642753547dd0d1eb45.js HTTP/1.1
Host: pl18548636.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:14:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1d61c614e7814b26d2afb44638acd53c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl18548748.highcpmrevenuenetwork.com/ce/02/7b/ce027b1d785710849ef059d7d384704a.js
200 OK 13 kB URL GET HTTP/1.1 pl18548748.highcpmrevenuenetwork.com/ce/02/7b/ce027b1d785710849ef059d7d384704a.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
FingerprintDE:6B:FD:8F:4F:66:E5:C6:1D:0F:7F:FA:0D:2B:29:84:C2:D0:A7:9C
ValiditySun, 20 Aug 2023 06:36:17 GMT - Sat, 18 Nov 2023 06:36:16 GMT
File type ASCII text, with very long lines (37138), with no line terminators
Hash ba67d927db8f7003a9cfa7457ff2b2f6
362a957ad710968d743f3fc23f85a9e1b1abcc2f
44a161130179304f6843c3ec5e3f80973598e018a9eeb93a26722070cafa0977
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ce/02/7b/ce027b1d785710849ef059d7d384704a.js HTTP/1.1
Host: pl18548748.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 23 Sep 2023 22:14:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 450cb1e546ee523805d1b2aaebd29367
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 6c9e8534605c94d44deb96ea6eec0d5f
4fe4efa9b812f4c6aaf42589ce475ab379db6f39
da753b7746d232637f22c241c8a32db3b35c68ce66bdece0b651f66b8671e1ad
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 23 Sep 2023 22:14:56 GMT
Last-Modified: Sat, 23 Sep 2023 20:29:10 GMT
Server: ECAcc (ska/F78B)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4DH63q3imeOq2SQsd3lVheWZxDCHkWNhN7pAVYzt8R5valmulMea5g==
Age: 6346
ocsp.pki.goog/gts1c3
471 B IP
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 6c9e8534605c94d44deb96ea6eec0d5f
4fe4efa9b812f4c6aaf42589ce475ab379db6f39
da753b7746d232637f22c241c8a32db3b35c68ce66bdece0b651f66b8671e1ad
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 23 Sep 2023 22:14:56 GMT
Last-Modified: Sat, 23 Sep 2023 20:29:12 GMT
Server: ECAcc (ska/F7B4)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ROK39pRPdw1T4c2M1wYJF17ZC1Is6TkQPVMYM671XZBM3eLwVRd1xg==
Age: 6344
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 23 Sep 2023 22:14:56 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 06/15/2023 15:40:53
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f77510404dcb25a88d8ca278532f1027
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80b624bdafb1b4f4-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:25:53 GMT
expires: Fri, 20 Sep 2024 15:25:53 GMT
cache-control: public, max-age=31536000
age: 197343
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1e1eae6d3cd584f6ae2d0d980bd1510a
a9141c17555960f2208291b3d9c87d13c3ff3b37
0726bb30957803804ce7568b22fd4c8da6340f719ba8ad9bec2c8a617f43b265
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.confessionsstories.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; expires=Tue, 20 Sep 2033 22:14:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 04:50:55 GMT
expires: Fri, 20 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 235441
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b1abc8a7d42f0fdbda09daf6a023a193
6888469000db31d96583886803afa8baa0d244f5
cf05c82cfe67416752ef62eba22313746e4cd22e0e4106643580a78ac5198f10
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.confessionsstories.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7:2:1; expires=Tue, 20 Sep 2033 22:14:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Trs8PnU-6HM/YXzqef83WaI/AAAAAAAABHI/z_SrEnf0lfU8MyC3SakDK_LL5nEIB01uwCLcBGAsYHQ/s1600/logoblogger.png
200 OK 385 kB URL GET HTTP/2 1.bp.blogspot.com/-Trs8PnU-6HM/YXzqef83WaI/AAAAAAAABHI/z_SrEnf0lfU8MyC3SakDK_LL5nEIB01uwCLcBGAsYHQ/s1600/logoblogger.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 1600 x 1148, 8-bit/color RGBA, non-interlaced\012- data
Size 385 kB (384699 bytes)
Hash 5e0844be698268e1143769795b382955
efdca6836c60907a00f476c53896e388cb8dc1d1
572ebb9dd92332d08bccea0d47a1afbc01c8b6e2e4e897d34edddb059d47346b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Trs8PnU-6HM/YXzqef83WaI/AAAAAAAABHI/z_SrEnf0lfU8MyC3SakDK_LL5nEIB01uwCLcBGAsYHQ/s1600/logoblogger.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v474"
expires: Sun, 24 Sep 2023 22:14:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logoblogger.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:14:57 GMT
server: fife
content-length: 384699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 17d4dac18fa2e921b6142e9a6e7638e9
3e4d5337720590d6a2b8941baf90fa8dfd9d752b
f367bf987bcfb690ef53baf4cca8970b83fe522c820de2babb8cb3c943fa84c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reptileineffectivebackup.com/pixel/purst?dl=0&th=0&sc=0&rs=1559&rd=1559&fd=861&bv=23.9.v.3&tmpl=70
200 OK 0 B URL GET HTTP/1.1 reptileineffectivebackup.com/pixel/purst?dl=0&th=0&sc=0&rs=1559&rd=1559&fd=861&bv=23.9.v.3&tmpl=70
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectreptileineffectivebackup.com
FingerprintE2:D7:D6:C1:49:87:5C:D7:0B:60:0B:69:E4:9F:AE:80:1C:3B:9A:DE
ValidityTue, 19 Sep 2023 07:06:44 GMT - Mon, 18 Dec 2023 07:06:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1559&rd=1559&fd=861&bv=23.9.v.3&tmpl=70 HTTP/1.1
Host: reptileineffectivebackup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 23 Sep 2023 22:14:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
massivebelieved.com/08ca4d32b35eab29744397f013c4d616/invoke.js
200 OK 11 kB URL GET HTTP/1.1 massivebelieved.com/08ca4d32b35eab29744397f013c4d616/invoke.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectmassivebelieved.com
Fingerprint03:F3:6E:5E:5A:95:B3:21:0B:2E:C7:FF:15:04:03:B6:CE:E0:86:63
ValiditySun, 27 Aug 2023 07:51:06 GMT - Sat, 25 Nov 2023 07:51:05 GMT
File type exported SGML document, ASCII text, with very long lines (29598), with no line terminators
Hash de548b98a75893bd3d1ab8a2c2694dc7
0bd471fd16e67b687b5e640aaf8b191164732872
5f75a1c558d7337a3e872b667cbab4a517326e68d8129a3de1ff92642749ee09
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /08ca4d32b35eab29744397f013c4d616/invoke.js HTTP/1.1
Host: massivebelieved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:14:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb1c1f3231593a5f544a4ed76f03bc6b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 10:05:24 GMT
expires: Sat, 21 Sep 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 130173
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
200 OK 17 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 10:40:56 GMT
expires: Sun, 22 Sep 2024 10:40:56 GMT
cache-control: public, max-age=31536000
age: 41641
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
seemreflexdisable.com/sbar.json?key=ce027b1d785710849ef059d7d384704a&uuid=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d%3A2%3A1
200 OK 4.2 kB URL GET HTTP/1.1 seemreflexdisable.com/sbar.json?key=ce027b1d785710849ef059d7d384704a&uuid=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d%3A2%3A1
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6257), with no line terminators
Hash 0a7cc7442d5a30ee5a49103f22619c26
58152067c32cbb65bf68c56372720561a820e404
8cb67069047ac55704ab4823771d1f5960a26a33bd971fe8fd925722e167acb1
GET /sbar.json?key=ce027b1d785710849ef059d7d384704a&uuid=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d%3A2%3A1 HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:14:57 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.confessionsstories.com
Access-Control-Allow-Origin: https://www.confessionsstories.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18448249; expires=Sun, 24 Sep 2023 22:14:57 GMT; secure; SameSite=None
uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; expires=Sat, 30 Sep 2023 22:14:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 24 Sep 2023 22:14:57 GMT; secure; SameSite=None
uncs=1; expires=Sun, 24 Sep 2023 22:14:57 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 24 Sep 2023 22:14:57 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 24 Sep 2023 22:14:57 GMT; secure; SameSite=None
slecce027b1d785710849ef059d7d384704a=[4416743]; expires=Sat, 23 Sep 2023 22:15:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 593adbf6c7eac88834e726b953583ee1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
seemreflexdisable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitjjlFUVw8uIgwiIKCmXR3etLT7mExu0aCcbPsuupNqquqJ2Wqu5qq7ulJLgYXZI%2BzePPUeZNsUMOiF2%2F%2BMPEiASHjKYI5CCJ4EhZylkmCw36X73vf%2Bw6v3qvPtssT4qKkx0vv6k2pFJ1rNd3Gqx963pXGiszKXqPXXvhoIbjSMN03PDdquq813hZsXc%2F5rue6nus1lqQRie7NeZ7XdCHz%2FchrRm4z8JteK0DPPI5t6cBSB7x7Qi5B8tHM%2FsMAkg2Rpd9cF3a90Pnrb6WlooU26PK9O9l6pqsM6WRMjIMk27u4hrZHSz9AZ7tngqG7%2Fx%2FGckScv%2F5EnO1dqETc3T0XGiuIDDF%2FElV3CKGGkHQIpu9C8iMCMI4bq8jSBze0qejGOUvH7IhMnz6CrEZk%2Bo%2FnkKUPF5XsNW5rVRZSZxa9pIbsDSE7Q%2BTlAYrNKcjqAKz4FJL%2FSuZOV5ClO6tWaUh%2B%2FLInvDiJWTLbCsKF2YDycLadcDrb4kmbJ1G8wEN%2B5pCUQ8hkCCX6oHYKpXVQSgdl4qDMHaT8uBGyoN3m7RangjE%2FTrx2EiRBRJmbMHc%2B8lGy8Rv6KPI%2BmOqDmS3kZgvr8v5R6xJM%2BRPsWg3LHdiCoMtrVIKgsgQVJagkQVUQVN16lyvr2%2FoBV7aMvYvuX%2FT5eqCLzjbd1UVHZGQ7PyHPjr1zLn%2BygXVx3GDC9cPY42G7FXpuO4hE4rYiHvL5dhC6AYWVNaSdArUONuWIvHTnH%2BRyRGZ%2BWUNMD2DVAZh8AbR8EbQahL4LujYI2i42s%2B%2BYzhJh7TgPW2gjhW0ynYLrGnkxjWLD2VYn5PJZmtf43xDs8Orvs0%2B%2FP%2F3852CmRm5qfCx%2FJuioe4NbuiI7t3RlybereSFTuUnHSd8uaCGmv3pHbFTa8OXrtv%2Flm2xMjMf994QtVmjGZdax5OtFybkwS9owQb5fth%2BI%2BGZp1xZLk5X5ys1rS8tpbs71DkHliJDBIzA5Ik99cXr2i19ZnIE0Q5iyRloekouC1Adg%2BRZsPtlZTWDUBMe5g6qsB8aPJ0slCZSYYBrXsGJiQiwOf%2Fz3nNu299AxDmhxF1lao2tqdFUNqvqw5RODIjeHV3%2BbPyvEyhnEyjg7sTLq%2Frm5Vh43RCgWoihwg5C7bhxw3%2FdagtH5gEbU95MQhR2JZxj9DwAA%2F%2F8BAAD%2F%2Fw8beMWSBAAA
200 OK 7 B URL GET HTTP/1.1 seemreflexdisable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitjjlFUVw8uIgwiIKCmXR3etLT7mExu0aCcbPsuupNqquqJ2Wqu5qq7ulJLgYXZI%2BzePPUeZNsUMOiF2%2F%2BMPEiASHjKYI5CCJ4EhZylkmCw36X73vf%2Bw6v3qvPtssT4qKkx0vv6k2pFJ1rNd3Gqx963pXGiszKXqPXXvhoIbjSMN03PDdquq813hZsXc%2F5rue6nus1lqQRie7NeZ7XdCHz%2FchrRm4z8JteK0DPPI5t6cBSB7x7Qi5B8tHM%2FsMAkg2Rpd9cF3a90Pnrb6WlooU26PK9O9l6pqsM6WRMjIMk27u4hrZHSz9AZ7tngqG7%2Fx%2FGckScv%2F5EnO1dqETc3T0XGiuIDDF%2FElV3CKGGkHQIpu9C8iMCMI4bq8jSBze0qejGOUvH7IhMnz6CrEZk%2Bo%2FnkKUPF5XsNW5rVRZSZxa9pIbsDSE7Q%2BTlAYrNKcjqAKz4FJL%2FSuZOV5ClO6tWaUh%2B%2FLInvDiJWTLbCsKF2YDycLadcDrb4kmbJ1G8wEN%2B5pCUQ8hkCCX6oHYKpXVQSgdl4qDMHaT8uBGyoN3m7RangjE%2FTrx2EiRBRJmbMHc%2B8lGy8Rv6KPI%2BmOqDmS3kZgvr8v5R6xJM%2BRPsWg3LHdiCoMtrVIKgsgQVJagkQVUQVN16lyvr2%2FoBV7aMvYvuX%2FT5eqCLzjbd1UVHZGQ7PyHPjr1zLn%2BygXVx3GDC9cPY42G7FXpuO4hE4rYiHvL5dhC6AYWVNaSdArUONuWIvHTnH%2BRyRGZ%2BWUNMD2DVAZh8AbR8EbQahL4LujYI2i42s%2B%2BYzhJh7TgPW2gjhW0ynYLrGnkxjWLD2VYn5PJZmtf43xDs8Orvs0%2B%2FP%2F3852CmRm5qfCx%2FJuioe4NbuiI7t3RlybereSFTuUnHSd8uaCGmv3pHbFTa8OXrtv%2Flm2xMjMf994QtVmjGZdax5OtFybkwS9owQb5fth%2BI%2BGZp1xZLk5X5ys1rS8tpbs71DkHliJDBIzA5Ik99cXr2i19ZnIE0Q5iyRloekouC1Adg%2BRZsPtlZTWDUBMe5g6qsB8aPJ0slCZSYYBrXsGJiQiwOf%2Fz3nNu299AxDmhxF1lao2tqdFUNqvqw5RODIjeHV3%2BbPyvEyhnEyjg7sTLq%2Frm5Vh43RCgWoihwg5C7bhxw3%2FdagtH5gEbU95MQhR2JZxj9DwAA%2F%2F8BAAD%2F%2Fw8beMWSBAAA
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitjjlFUVw8uIgwiIKCmXR3etLT7mExu0aCcbPsuupNqquqJ2Wqu5qq7ulJLgYXZI%2BzePPUeZNsUMOiF2%2F%2BMPEiASHjKYI5CCJ4EhZylkmCw36X73vf%2Bw6v3qvPtssT4qKkx0vv6k2pFJ1rNd3Gqx963pXGiszKXqPXXvhoIbjSMN03PDdquq813hZsXc%2F5rue6nus1lqQRie7NeZ7XdCHz%2FchrRm4z8JteK0DPPI5t6cBSB7x7Qi5B8tHM%2FsMAkg2Rpd9cF3a90Pnrb6WlooU26PK9O9l6pqsM6WRMjIMk27u4hrZHSz9AZ7tngqG7%2Fx%2FGckScv%2F5EnO1dqETc3T0XGiuIDDF%2FElV3CKGGkHQIpu9C8iMCMI4bq8jSBze0qejGOUvH7IhMnz6CrEZk%2Bo%2FnkKUPF5XsNW5rVRZSZxa9pIbsDSE7Q%2BTlAYrNKcjqAKz4FJL%2FSuZOV5ClO6tWaUh%2B%2FLInvDiJWTLbCsKF2YDycLadcDrb4kmbJ1G8wEN%2B5pCUQ8hkCCX6oHYKpXVQSgdl4qDMHaT8uBGyoN3m7RangjE%2FTrx2EiRBRJmbMHc%2B8lGy8Rv6KPI%2BmOqDmS3kZgvr8v5R6xJM%2BRPsWg3LHdiCoMtrVIKgsgQVJagkQVUQVN16lyvr2%2FoBV7aMvYvuX%2FT5eqCLzjbd1UVHZGQ7PyHPjr1zLn%2BygXVx3GDC9cPY42G7FXpuO4hE4rYiHvL5dhC6AYWVNaSdArUONuWIvHTnH%2BRyRGZ%2BWUNMD2DVAZh8AbR8EbQahL4LujYI2i42s%2B%2BYzhJh7TgPW2gjhW0ynYLrGnkxjWLD2VYn5PJZmtf43xDs8Orvs0%2B%2FP%2F3852CmRm5qfCx%2FJuioe4NbuiI7t3RlybereSFTuUnHSd8uaCGmv3pHbFTa8OXrtv%2Flm2xMjMf994QtVmjGZdax5OtFybkwS9owQb5fth%2BI%2BGZp1xZLk5X5ys1rS8tpbs71DkHliJDBIzA5Ik99cXr2i19ZnIE0Q5iyRloekouC1Adg%2BRZsPtlZTWDUBMe5g6qsB8aPJ0slCZSYYBrXsGJiQiwOf%2Fz3nNu299AxDmhxF1lao2tqdFUNqvqw5RODIjeHV3%2BbPyvEyhnEyjg7sTLq%2Frm5Vh43RCgWoihwg5C7bhxw3%2FdagtH5gEbU95MQhR2JZxj9DwAA%2F%2F8BAAD%2F%2Fw8beMWSBAAA HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: u_pl=18448249; uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecce027b1d785710849ef059d7d384704a=[4416743]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:14:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b3a77bff58194be1b85c02e02e9fef1
Strict-Transport-Security: max-age=0; includeSubdomains
seventybrush.com/watch.905131969962.js?key=08ca4d32b35eab29744397f013c4d616&kw=%5B%22confessions%22%2C%22and%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.confessionsstories.com%2F&tz=0&dev=e&res=14.2079&uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 seventybrush.com/watch.905131969962.js?key=08ca4d32b35eab29744397f013c4d616&kw=%5B%22confessions%22%2C%22and%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.confessionsstories.com%2F&tz=0&dev=e&res=14.2079&uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseventybrush.com
Fingerprint30:AC:D9:1A:CD:C2:BA:AB:81:0C:36:7F:1A:82:11:FD:72:D4:45:EB
ValidityMon, 18 Sep 2023 15:33:07 GMT - Sun, 17 Dec 2023 15:33:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.905131969962.js?key=08ca4d32b35eab29744397f013c4d616&kw=%5B%22confessions%22%2C%22and%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.confessionsstories.com%2F&tz=0&dev=e&res=14.2079&uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1 HTTP/1.1
Host: seventybrush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 23 Sep 2023 22:14:58 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.confessionsstories.com
Access-Control-Allow-Origin: https://www.confessionsstories.com
Access-Control-Allow-Credentials: true
Location: https://seventybrush.com/watch.905131969962.js?key=08ca4d32b35eab29744397f013c4d616&kw=%5B%22confessions%22%2C%22and%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.confessionsstories.com%2F&tz=0&dev=e&res=14.2079&uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1&shu=bd2204103d46bc8abe7ebbd07179eff7655251a5ff0d8a168c18f30155c19d1749d972dc9e3d271665e5c15febba6f3e29bb812ab2ea1c13c435607433582275bbb37389de8f5c38786d62d7695a5e334030aeeb18d38112a355cdbdca&pst=1695507358&rmtc=t
Set-Cookie: u_pl=18449164; expires=Sun, 24 Sep 2023 22:14:58 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0OTE2NCwiayI6IjA4Y2E0ZDMyYjM1ZWFiMjk3NDQzOTdmMDEzYzRkNjE2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUwMjE4LCJwaWQiOjcwNjkyMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5bnE5cnUxMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmNvbmZlc3Npb25zc3Rvcmllcy5jb20vIn19.2gMHcma2fR_jz2By2JJ3P1XY6xyPXmGmDLLTjDbVhf0; expires=Sat, 23 Sep 2023 22:15:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71635e10fb383f41df972b5c9aef3ac6
Strict-Transport-Security: max-age=0; includeSubdomains
seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=119
200 OK 0 B URL GET HTTP/1.1 seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=119
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=119 HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: u_pl=18448249; uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecce027b1d785710849ef059d7d384704a=[4416743]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:14:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.confessionsstories.com/feeds/posts/default?alt=json-in-script&max-results=7&callback=_fHfQ
200 OK 34 kB URL GET HTTP/2 www.confessionsstories.com/feeds/posts/default?alt=json-in-script&max-results=7&callback=_fHfQ
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
File type Unicode text, UTF-8 text, with very long lines (65507)
Hash 2544e6856bfafd3a4ab89ae4faf87978
0d560fad551d70e60d2bc964199142d375eda6ab
0e90e06bc8cf2bc32e64c524643f2df3bc4e01020da17adc3fbead47933025e5
GET /feeds/posts/default?alt=json-in-script&max-results=7&callback=_fHfQ HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1; sb_main_ce027b1d785710849ef059d7d384704a=1; sb_count_ce027b1d785710849ef059d7d384704a=1; ppu_main_e22fe2138e3f63642753547dd0d1eb45=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"e62286c663e7f386c9f9b821629fb723584dc9d3e716cc201ed762e37e11a875"
date: Sat, 23 Sep 2023 22:14:57 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 23 Sep 2023 22:14:58 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 00:47:38 GMT
content-encoding: gzip
content-length: 33474
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
seventybrush.com/watch.905131969962.js?key=08ca4d32b35eab29744397f013c4d616&kw=%5B%22confessions%22%2C%22and%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.confessionsstories.com%2F&tz=0&dev=e&res=14.2079&uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1&shu=bd2204103d46bc8abe7ebbd07179eff7655251a5ff0d8a168c18f30155c19d1749d972dc9e3d271665e5c15febba6f3e29bb812ab2ea1c13c435607433582275bbb37389de8f5c38786d62d7695a5e334030aeeb18d38112a355cdbdca&pst=1695507358&rmtc=t
200 OK 2.1 kB URL GET HTTP/1.1 seventybrush.com/watch.905131969962.js?key=08ca4d32b35eab29744397f013c4d616&kw=%5B%22confessions%22%2C%22and%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.confessionsstories.com%2F&tz=0&dev=e&res=14.2079&uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1&shu=bd2204103d46bc8abe7ebbd07179eff7655251a5ff0d8a168c18f30155c19d1749d972dc9e3d271665e5c15febba6f3e29bb812ab2ea1c13c435607433582275bbb37389de8f5c38786d62d7695a5e334030aeeb18d38112a355cdbdca&pst=1695507358&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseventybrush.com
Fingerprint30:AC:D9:1A:CD:C2:BA:AB:81:0C:36:7F:1A:82:11:FD:72:D4:45:EB
ValidityMon, 18 Sep 2023 15:33:07 GMT - Sun, 17 Dec 2023 15:33:06 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2637)
Hash daa29d758a026f45460b2c99dc425b83
f7cb7761c1e67e64737b6551da8ac057c0c7371a
e8704c46942719531821b43cb3a9cefa4e9c03e7afe5f502365a35bbee265459
GET /watch.905131969962.js?key=08ca4d32b35eab29744397f013c4d616&kw=%5B%22confessions%22%2C%22and%22%2C%22stories%22%5D&refer=https%3A%2F%2Fwww.confessionsstories.com%2F&tz=0&dev=e&res=14.2079&uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1&shu=bd2204103d46bc8abe7ebbd07179eff7655251a5ff0d8a168c18f30155c19d1749d972dc9e3d271665e5c15febba6f3e29bb812ab2ea1c13c435607433582275bbb37389de8f5c38786d62d7695a5e334030aeeb18d38112a355cdbdca&pst=1695507358&rmtc=t HTTP/1.1
Host: seventybrush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
Referer: https://www.confessionsstories.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18449164; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODQ0OTE2NCwiayI6IjA4Y2E0ZDMyYjM1ZWFiMjk3NDQzOTdmMDEzYzRkNjE2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjUwMjE4LCJwaWQiOjcwNjkyMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5bnE5cnUxMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmNvbmZlc3Npb25zc3Rvcmllcy5jb20vIn19.2gMHcma2fR_jz2By2JJ3P1XY6xyPXmGmDLLTjDbVhf0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 23 Sep 2023 22:14:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.confessionsstories.com
Access-Control-Allow-Origin: https://www.confessionsstories.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7:2:1; expires=Sat, 30 Sep 2023 22:14:58 GMT; secure; SameSite=None
iprc9ed01570df77a473fc35c172cde7289d=3569806; expires=Sun, 24 Sep 2023 02:14:58 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 24 Sep 2023 22:14:58 GMT; secure; SameSite=None
uncs=1; expires=Sun, 24 Sep 2023 22:14:58 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 24 Sep 2023 22:14:58 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 24 Sep 2023 22:14:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bd3ccc1598ffecaab1fa525d28db382d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
472 B IP
Hash f5e8c4f8f278f9efbee06f1da6ca6afa
07cea281d3989868b6a516d85d886f223231c690
207b4b722f6e6827f867905eb8f9d07bb251106fd318bba1b063d0127920444a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash f5e8c4f8f278f9efbee06f1da6ca6afa
07cea281d3989868b6a516d85d886f223231c690
207b4b722f6e6827f867905eb8f9d07bb251106fd318bba1b063d0127920444a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/Ams57196RiI
200 OK 55 kB URL GET HTTP/2 www.youtube.com/embed/Ams57196RiI
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58290)
Hash b11e619a0e6e307f2c2f6d0d806979b5
6d7740c499379eea8b6e391def67d6f7d39dd4df
273d147c2c04283b1a27f8d95dab5da399fb29ea2861df620258851465c70478
GET /embed/Ams57196RiI HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 22:14:58 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=VOqBtRNRlwY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=YSpC_88dexs; Domain=.youtube.com; Expires=Thu, 21-Mar-2024 22:14:58 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIA; Domain=.youtube.com; Expires=Thu, 21-Mar-2024 22:14:58 GMT; Path=/; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+999; expires=Mon, 22-Sep-2025 22:14:58 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/9cbb6b90/www-player.css
200 OK 49 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/www-player.css
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash ee113c2fd024ac56f71eaecd779226c4
a6c0f0f28ee8924ffdaccb46516c88093459376f
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
GET /s/player/9cbb6b90/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48765
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 07:28:24 GMT
expires: Tue, 17 Sep 2024 07:28:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 485194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:24:26 GMT
expires: Fri, 20 Sep 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 197432
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 05:45:56 GMT
expires: Wed, 18 Sep 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 404942
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js
200 OK 96 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (682)
Hash 116a5fe46325d930c09e12813c4179bb
5dddd872b57e06b4e5f2406a4259c3bece6d46c9
ba96780d2ab1b1efe09f18d20459cbc7d0aeda172548a23ea7dc1274aad29c98
GET /s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 96160
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 14:40:19 GMT
expires: Sat, 21 Sep 2024 14:40:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 113679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/base.js
200 OK 800 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/base.js
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (555)
Size 800 kB (800489 bytes)
Hash 2481b078c6cd818dd2e0a27147582742
d5095185d9c7651d67d53ba909d9d88c435dd31f
ef166dff9ddce661455b889b8362db440760288974073aac303c188196c9c7b8
GET /s/player/9cbb6b90/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 800489
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 07:39:35 GMT
expires: Tue, 17 Sep 2024 07:39:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 484523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.confessionsstories.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata
200 OK 1.7 kB URL GET HTTP/2 www.confessionsstories.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
File type Unicode text, UTF-8 text, with very long lines (4065)
Hash 61dc78fae0fe744adcddb975ada65828
315e3851712fa46b573f32bf648cf8435759fb79
5c7796d093727a7f7814183c94e94e347a8ac984f749bb0ccb9cff620045415f
GET /feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1; sb_main_ce027b1d785710849ef059d7d384704a=1; sb_count_ce027b1d785710849ef059d7d384704a=1; ppu_main_e22fe2138e3f63642753547dd0d1eb45=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=seemreflexdisable.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"3ca9eac655ab6a91ed7ee866e6149f5014f8d221d1a51500d9fb2d73a0b7d20e"
date: Sat, 23 Sep 2023 22:14:58 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 23 Sep 2023 22:14:59 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 00:47:38 GMT
content-encoding: gzip
content-length: 1675
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 144 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintAA:0D:43:1A:D3:E4:C6:42:86:E6:B6:6B:B0:1E:22:41:C9:F8:8C:A9
ValidityThu, 27 Jul 2023 23:07:11 GMT - Wed, 25 Oct 2023 23:07:10 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:58 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Mon, 25 Sep 2023 22:14:58 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cse.google.com/cse.js?cx=de2fd38b6259aa228
200 OK 3.0 kB URL GET HTTP/3 cse.google.com/cse.js?cx=de2fd38b6259aa228
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3170)
Hash 5dcd6c56fcc03e1019cbb9f899e70660
139c7f2776b9d8d2a6567191846b444d0663ea94
0b2bbac9607de889bf50e2e697c208965f56f2fd0fedb350d3e61edc2198f895
GET /cse.js?cx=de2fd38b6259aa228 HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-50J-A-lps8pm8KN66kj0vw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 23 Sep 2023 22:14:58 GMT
server: gws
content-length: 3007
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+678; expires=Mon, 22-Sep-2025 22:14:58 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 22:14:58 GMT
cache-control: private
www.blogger.com/dyn-css/authorization.css?targetBlogID=4017546421926280597&zx=862c67cc-5e9f-4b2f-9b02-d6c8fa740164
200 OK 21 B URL GET HTTP/3 www.blogger.com/dyn-css/authorization.css?targetBlogID=4017546421926280597&zx=862c67cc-5e9f-4b2f-9b02-d6c8fa740164
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=4017546421926280597&zx=862c67cc-5e9f-4b2f-9b02-d6c8fa740164 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 22:14:59 GMT
last-modified: Sat, 23 Sep 2023 22:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/si/4b/bc/23/4bbc230609fdb995bc243ab2bf113a24/1688469712.png
200 OK 32 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/4b/bc/23/4bbc230609fdb995bc243ab2bf113a24/1688469712.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintAA:0D:43:1A:D3:E4:C6:42:86:E6:B6:6B:B0:1E:22:41:C9:F8:8C:A9
ValidityThu, 27 Jul 2023 23:07:11 GMT - Wed, 25 Oct 2023 23:07:10 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ed284c39635733f0d43d00179a9b39b
01d584c4f75e073a12ba3b7a0a6e278c3dcfd70d
007e5914a8a8d6a3ddc6b83882a1518b48f7b770c096bf54b56566d451b7765e
GET /si/4b/bc/23/4bbc230609fdb995bc243ab2bf113a24/1688469712.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: image/png
content-length: 31821
server: nginx/1.21.6
last-modified: Tue, 04 Jul 2023 11:22:00 GMT
etag: "64a400d8-7c4d"
expires: Mon, 25 Sep 2023 22:14:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/24/b3/7a/24b37af1450ebc7184eb0b1cc5f2abed/1688560994.png
200 OK 25 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/24/b3/7a/24b37af1450ebc7184eb0b1cc5f2abed/1688560994.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintAA:0D:43:1A:D3:E4:C6:42:86:E6:B6:6B:B0:1E:22:41:C9:F8:8C:A9
ValidityThu, 27 Jul 2023 23:07:11 GMT - Wed, 25 Oct 2023 23:07:10 GMT
File type PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash bdc31a4330b8181ee2fb46f3c281480a
3e0f3a7438a7b4d0f704a1c348d333d0887244d7
aaab7b2cfbb3770c3f6c9ac22efcf9c88f9ad4f665f607f012d075b65fd3b4df
GET /si/24/b3/7a/24b37af1450ebc7184eb0b1cc5f2abed/1688560994.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: image/png
content-length: 25270
server: nginx/1.21.6
last-modified: Wed, 05 Jul 2023 12:43:23 GMT
etag: "64a5656b-62b6"
expires: Mon, 25 Sep 2023 22:14:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash c17d1900febb134482f5f3fdc9fd4b69
18d8f12fa6991f23477832a6c6a356fadd6e8508
19d15be13fbb8add8926f12e5c810a16851ee487bb211efa193d1ea199ecf0ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash c17d1900febb134482f5f3fdc9fd4b69
18d8f12fa6991f23477832a6c6a356fadd6e8508
19d15be13fbb8add8926f12e5c810a16851ee487bb211efa193d1ea199ecf0ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/cse/static/style/look/v4/default.css
200 OK 1.3 kB URL GET HTTP/2 www.google.com/cse/static/style/look/v4/default.css
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintD2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
ValidityMon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT
Hash c14e45e189f801818b14f1315605a632
dd7e7fb9d156b343beef0155b41da1c847d69e41
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:47:37 GMT
expires: Sat, 23 Sep 2023 22:37:37 GMT
cache-control: public, max-age=3000
age: 1642
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/cse/static/element/e992cd4de3c7044f/default+no.css
200 OK 9.1 kB URL GET HTTP/2 www.google.com/cse/static/element/e992cd4de3c7044f/default+no.css
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintD2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
ValidityMon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT
Hash cceef64799f5bf61b9dcb5cfc675ed55
f2eae36d5c2cab03d77d5d3601e0d12457d88b11
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
GET /cse/static/element/e992cd4de3c7044f/default+no.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9102
date: Sat, 23 Sep 2023 22:14:59 GMT
expires: Sat, 23 Sep 2023 22:14:59 GMT
cache-control: private, max-age=31536000
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
200 OK 591 B URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: image/png
content-length: 591
last-modified: Mon, 21 Feb 2022 10:06:44 GMT
etag: "62136434-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2526218
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqOAPjUQ60r8ecf6HxnINcEuQssnWWi%2F%2Fv5WG%2BZwxQjG%2BQKhuNZhyN1IW7pL7szT6PC8gwIfuJ8SCOoeK%2BosFnO4bpCFkIxGHfvEcs1IOb9tfERXNEisJK8EFMljE5Q1I2tUfmpB00sD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b624cc2f7c385b-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.confessionsstories.com/favicon.ico
200 OK 412 B URL GET HTTP/2 www.confessionsstories.com/favicon.ico
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1; sb_main_ce027b1d785710849ef059d7d384704a=1; sb_count_ce027b1d785710849ef059d7d384704a=1; ppu_main_e22fe2138e3f63642753547dd0d1eb45=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=seemreflexdisable.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 23 Sep 2023 22:14:59 GMT
date: Sat, 23 Sep 2023 22:14:59 GMT
cache-control: private, max-age=86400
last-modified: Thu, 21 Sep 2023 00:47:38 GMT
etag: W/"7510eba6c89b5dfcd8fc1f4e668725c2d8decc7bcba5d3538c876eb3b75c3c74"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint77:2B:76:51:D0:51:70:02:2E:BF:B7:9B:02:8B:5A:A4:91:FA:0B:9E
ValidityMon, 11 Sep 2023 08:34:11 GMT - Sun, 10 Dec 2023 08:34:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 3c58e8e76f23f70721b3b4c5270550f4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 23 Sep 2023 22:14:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYjJpdbSPak6qrNY43oLmISl%2FT8DtXReDfgS5CFOZV7H7aVJlxcuqHNzWshAC6YbLLYHEqUoIJjgb5makwIY96lZZ%2BAC08p0gp7EmBhYnITPiOpQjJfjRFeECKulMhAt%2BopCXgl2iETVlbQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b624cd7c235685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-NcuE4c0inWk/YfCP8f2_4-I/AAAAAAAAAS4/Dqmrh3F08NAJsrh2Zfb33bsHuwB2GJyxQCNcBGAsYHQ/w72-h72-p-k-no-nu/1643155438868610-0.png
200 OK 5.5 kB URL GET HTTP/2 lh3.googleusercontent.com/-NcuE4c0inWk/YfCP8f2_4-I/AAAAAAAAAS4/Dqmrh3F08NAJsrh2Zfb33bsHuwB2GJyxQCNcBGAsYHQ/w72-h72-p-k-no-nu/1643155438868610-0.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d1fdc13a9a02bceb0454661d4ce7e3c5
19c6df6d017f79b27965a679a2f33f6bf04a37ee
28fbe9d239bdc298a95e017945638d4ab6652163d7497b48df50db660fdce8f7
GET /-NcuE4c0inWk/YfCP8f2_4-I/AAAAAAAAAS4/Dqmrh3F08NAJsrh2Zfb33bsHuwB2GJyxQCNcBGAsYHQ/w72-h72-p-k-no-nu/1643155438868610-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v12f"
expires: Sun, 24 Sep 2023 22:14:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1643155438868610-0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:14:59 GMT
server: fife
content-length: 5524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
200 OK 1.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
Hash aae84ccade4cab86c1afdf4c4532762a
b08de856858a730e980fb2a0ca2f0e1442c03d46
6e45c9c8dba52c75144c153e63a04d055f15e5f39897ab3f2413154c9cf2e91f
GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:59:09 GMT
etag: W/"6213707d-1048"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVb41WPvjMRDVFw8n1JS9wE4CoGb807vcztQK4Skk%2FHaJc4HAJQ3b5dmbd50fsGIVt7VBY37I2UIZVu15em1OFEPTStBL%2BCKzzBKUbQ%2FChBf%2BfFrjS1kEh68W8A4RSvhc%2B66vH3utmUC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b624cc2d557750-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN74Mf3Mfn-XwG4mQR4jzDcvgO3QYxgsqj8exQL1_anCPQc3-F21uzQ7u23IlQH0cZ_RoZQhbkUTt9EgOGVUOUYJT69Czj08v-6wcQlyAX9hSpjVUKPMh7zA_XXSdGwdTBx35aNgl5tzCao-eBO3hwcHXYm6pR8oKnWxtzt02jqQcRBh34b2fosSNTO7fE/s72-w332-h249-c/digital-art-398342_640.webp
200 OK 3.3 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN74Mf3Mfn-XwG4mQR4jzDcvgO3QYxgsqj8exQL1_anCPQc3-F21uzQ7u23IlQH0cZ_RoZQhbkUTt9EgOGVUOUYJT69Czj08v-6wcQlyAX9hSpjVUKPMh7zA_XXSdGwdTBx35aNgl5tzCao-eBO3hwcHXYm6pR8oKnWxtzt02jqQcRBh34b2fosSNTO7fE/s72-w332-h249-c/digital-art-398342_640.webp
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 2e783b3f8fcaa975f69271a3d1220fe2
971ad92bff8383f3606fdc83dce0639a720a0069
b994bd9e0fbfe562a18fb5dc92c6930d1ff0e88c51b0979c63a7ca53c3f95c88
GET /img/b/R29vZ2xl/AVvXsEjN74Mf3Mfn-XwG4mQR4jzDcvgO3QYxgsqj8exQL1_anCPQc3-F21uzQ7u23IlQH0cZ_RoZQhbkUTt9EgOGVUOUYJT69Czj08v-6wcQlyAX9hSpjVUKPMh7zA_XXSdGwdTBx35aNgl5tzCao-eBO3hwcHXYm6pR8oKnWxtzt02jqQcRBh34b2fosSNTO7fE/s72-w332-h249-c/digital-art-398342_640.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v20"
expires: Sun, 24 Sep 2023 22:14:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital-art-398342_640.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:14:59 GMT
server: fife
content-length: 3269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=79249&fd=519
200 OK 0 B URL GET HTTP/1.1 seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=79249&fd=519
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=79249&fd=519 HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: u_pl=18448249; uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecce027b1d785710849ef059d7d384704a=[4416743]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:14:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
lh3.googleusercontent.com/-0Loppuv4RWM/ZNrif-gs6lI/AAAAAAAAAkM/M2c_VT-I9TYhAKeuBYYPxhTCI4j7ncj2QCNcBGAsYHQ/s1600/1692066426593919-0.png
200 OK 263 kB URL GET HTTP/2 lh3.googleusercontent.com/-0Loppuv4RWM/ZNrif-gs6lI/AAAAAAAAAkM/M2c_VT-I9TYhAKeuBYYPxhTCI4j7ncj2QCNcBGAsYHQ/s1600/1692066426593919-0.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 720x934, components 3\012- data
Size 263 kB (262897 bytes)
Hash 1a6c57f6fde15a1ac34be1bba16e055f
d61169ac40db951b5c5697a8836c39bc2af7b660
5966e79ed7570c46f9d23994558acbb8fc8231086566f0b0653550c926c01949
GET /-0Loppuv4RWM/ZNrif-gs6lI/AAAAAAAAAkM/M2c_VT-I9TYhAKeuBYYPxhTCI4j7ncj2QCNcBGAsYHQ/s1600/1692066426593919-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v245"
expires: Sun, 24 Sep 2023 22:14:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1692066426593919-0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:14:59 GMT
server: fife
content-length: 262897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-QdxmhJxgcC0/ZLtOIULg06I/AAAAAAAAAh4/0l2FiV7HNnsxZjnVh0lQkIcxTFO0ouM0ACNcBGAsYHQ/w72-h72-p-k-no-nu/1689996825716854-0.png
200 OK 2.7 kB URL GET HTTP/2 lh3.googleusercontent.com/-QdxmhJxgcC0/ZLtOIULg06I/AAAAAAAAAh4/0l2FiV7HNnsxZjnVh0lQkIcxTFO0ouM0ACNcBGAsYHQ/w72-h72-p-k-no-nu/1689996825716854-0.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash bdebbcc1e69396a4d96d70fe87dd4f2e
a7131cc3f13ae3c881cc60a4bb1d58a5f2ae016c
ec4b04c6b799ef7e39d7706a5fa6a07e9f9afd8765ca590924b1af4ac676f6d8
GET /-QdxmhJxgcC0/ZLtOIULg06I/AAAAAAAAAh4/0l2FiV7HNnsxZjnVh0lQkIcxTFO0ouM0ACNcBGAsYHQ/w72-h72-p-k-no-nu/1689996825716854-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v21f"
expires: Sun, 24 Sep 2023 22:14:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1689996825716854-0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:14:59 GMT
server: fife
content-length: 2675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-w5RbkQnJToQ/ZNrisOF_7sI/AAAAAAAAAkQ/6WoFfqUIEqIeFzstYHn2lNTOdy9lokgPQCNcBGAsYHQ/s1600/1692066477631972-0.png
200 OK 263 kB URL GET HTTP/2 lh3.googleusercontent.com/-w5RbkQnJToQ/ZNrisOF_7sI/AAAAAAAAAkQ/6WoFfqUIEqIeFzstYHn2lNTOdy9lokgPQCNcBGAsYHQ/s1600/1692066477631972-0.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 720x934, components 3\012- data
Size 263 kB (262897 bytes)
Hash 1a6c57f6fde15a1ac34be1bba16e055f
d61169ac40db951b5c5697a8836c39bc2af7b660
5966e79ed7570c46f9d23994558acbb8fc8231086566f0b0653550c926c01949
GET /-w5RbkQnJToQ/ZNrisOF_7sI/AAAAAAAAAkQ/6WoFfqUIEqIeFzstYHn2lNTOdy9lokgPQCNcBGAsYHQ/s1600/1692066477631972-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v246"
expires: Sun, 24 Sep 2023 22:14:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1692066477631972-0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:14:59 GMT
server: fife
content-length: 262897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-CN1M_JIwDeg/ZMtuebs4cWI/AAAAAAAAAkE/fbGGcaVSln00lQLXl-5vsHk4rBEZaanUwCNcBGAsYHQ/s1600/1691053687859703-0.png
200 OK 494 kB URL GET HTTP/2 lh3.googleusercontent.com/-CN1M_JIwDeg/ZMtuebs4cWI/AAAAAAAAAkE/fbGGcaVSln00lQLXl-5vsHk4rBEZaanUwCNcBGAsYHQ/s1600/1691053687859703-0.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 736x1104, components 3\012- data
Size 494 kB (493450 bytes)
Hash ca359825742e49052b3e1f3c7ad779a3
22e95a76459fd5d7d8415e5edf9cb05fad352266
1768e6237e99732a33142a67cb4e685e9ebfec4082d7ebf0056d23c31f844332
GET /-CN1M_JIwDeg/ZMtuebs4cWI/AAAAAAAAAkE/fbGGcaVSln00lQLXl-5vsHk4rBEZaanUwCNcBGAsYHQ/s1600/1691053687859703-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v242"
expires: Sun, 24 Sep 2023 22:14:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1691053687859703-0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:14:59 GMT
server: fife
content-length: 493450
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiy2xHVggG6tIo6s3T2EbaAHURdbCYB-FqcmdwuHYOm_SiVXf196s7VC25KtcGA6ybusIQDkig2w_VzBUxX8-rHrS8-X63Se5tJx5gkWTjVsxsjR_QCdtWKuAMyV0D6vPHfXsL9HW87LdkwpuKLKo4lt-OaI8QJxq8yxcWwBslR0qcEwUIof9NWyjVNCNTE/s320/digital-art-398342_640.webp
200 OK 22 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiy2xHVggG6tIo6s3T2EbaAHURdbCYB-FqcmdwuHYOm_SiVXf196s7VC25KtcGA6ybusIQDkig2w_VzBUxX8-rHrS8-X63Se5tJx5gkWTjVsxsjR_QCdtWKuAMyV0D6vPHfXsL9HW87LdkwpuKLKo4lt-OaI8QJxq8yxcWwBslR0qcEwUIof9NWyjVNCNTE/s320/digital-art-398342_640.webp
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Hash e6fa183606e5768ab22b81d91e6508b9
20f1699ed30fa87ba8d1dce753fca050c075c633
5319f146e088aaf82532e8b0901c0a10d803d8b68d056fc6539fcdc4bb3e78e1
GET /img/b/R29vZ2xl/AVvXsEiy2xHVggG6tIo6s3T2EbaAHURdbCYB-FqcmdwuHYOm_SiVXf196s7VC25KtcGA6ybusIQDkig2w_VzBUxX8-rHrS8-X63Se5tJx5gkWTjVsxsjR_QCdtWKuAMyV0D6vPHfXsL9HW87LdkwpuKLKo4lt-OaI8QJxq8yxcWwBslR0qcEwUIof9NWyjVNCNTE/s320/digital-art-398342_640.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v24"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital-art-398342_640.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 21673
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj58qYaCB6XV3zz86epSv_8SbNkoH0Yctvjzd8lyCP8fAlgICtcg5G9t4iyYXq-RtVyJK60zBRS2tQheplqK_SrQL1orl2kCfiIQLkDx7u-hp-jCtU2asUUFfEG_FBoUkUBmsV39E4ABN8629qzI-2XMbO5jfnmwxujmT4I1JDe7Gu5wHe2l2McQQm6Sr9Y/s320/digital-art-398342_640.webp
200 OK 22 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj58qYaCB6XV3zz86epSv_8SbNkoH0Yctvjzd8lyCP8fAlgICtcg5G9t4iyYXq-RtVyJK60zBRS2tQheplqK_SrQL1orl2kCfiIQLkDx7u-hp-jCtU2asUUFfEG_FBoUkUBmsV39E4ABN8629qzI-2XMbO5jfnmwxujmT4I1JDe7Gu5wHe2l2McQQm6Sr9Y/s320/digital-art-398342_640.webp
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Hash e6fa183606e5768ab22b81d91e6508b9
20f1699ed30fa87ba8d1dce753fca050c075c633
5319f146e088aaf82532e8b0901c0a10d803d8b68d056fc6539fcdc4bb3e78e1
GET /img/b/R29vZ2xl/AVvXsEj58qYaCB6XV3zz86epSv_8SbNkoH0Yctvjzd8lyCP8fAlgICtcg5G9t4iyYXq-RtVyJK60zBRS2tQheplqK_SrQL1orl2kCfiIQLkDx7u-hp-jCtU2asUUFfEG_FBoUkUBmsV39E4ABN8629qzI-2XMbO5jfnmwxujmT4I1JDe7Gu5wHe2l2McQQm6Sr9Y/s320/digital-art-398342_640.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v23"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital-art-398342_640.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 21673
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN74Mf3Mfn-XwG4mQR4jzDcvgO3QYxgsqj8exQL1_anCPQc3-F21uzQ7u23IlQH0cZ_RoZQhbkUTt9EgOGVUOUYJT69Czj08v-6wcQlyAX9hSpjVUKPMh7zA_XXSdGwdTBx35aNgl5tzCao-eBO3hwcHXYm6pR8oKnWxtzt02jqQcRBh34b2fosSNTO7fE/w332-h249/digital-art-398342_640.webp
200 OK 23 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN74Mf3Mfn-XwG4mQR4jzDcvgO3QYxgsqj8exQL1_anCPQc3-F21uzQ7u23IlQH0cZ_RoZQhbkUTt9EgOGVUOUYJT69Czj08v-6wcQlyAX9hSpjVUKPMh7zA_XXSdGwdTBx35aNgl5tzCao-eBO3hwcHXYm6pR8oKnWxtzt02jqQcRBh34b2fosSNTO7fE/w332-h249/digital-art-398342_640.webp
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 332x249, components 3\012- data
Hash f3ebbe6a12c0493591d1ef9e9303f618
ea1e6475171a6323f1f05eeb22803c7f95009d4a
4f46b0c59aab260772f7cc6fde8c5982f43884eb6d5e69ccebdcedaf29345896
GET /img/b/R29vZ2xl/AVvXsEjN74Mf3Mfn-XwG4mQR4jzDcvgO3QYxgsqj8exQL1_anCPQc3-F21uzQ7u23IlQH0cZ_RoZQhbkUTt9EgOGVUOUYJT69Czj08v-6wcQlyAX9hSpjVUKPMh7zA_XXSdGwdTBx35aNgl5tzCao-eBO3hwcHXYm6pR8oKnWxtzt02jqQcRBh34b2fosSNTO7fE/w332-h249/digital-art-398342_640.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v20"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital-art-398342_640.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 22803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj58qYaCB6XV3zz86epSv_8SbNkoH0Yctvjzd8lyCP8fAlgICtcg5G9t4iyYXq-RtVyJK60zBRS2tQheplqK_SrQL1orl2kCfiIQLkDx7u-hp-jCtU2asUUFfEG_FBoUkUBmsV39E4ABN8629qzI-2XMbO5jfnmwxujmT4I1JDe7Gu5wHe2l2McQQm6Sr9Y/s1600/digital-art-398342_640.webp
200 OK 40 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj58qYaCB6XV3zz86epSv_8SbNkoH0Yctvjzd8lyCP8fAlgICtcg5G9t4iyYXq-RtVyJK60zBRS2tQheplqK_SrQL1orl2kCfiIQLkDx7u-hp-jCtU2asUUFfEG_FBoUkUBmsV39E4ABN8629qzI-2XMbO5jfnmwxujmT4I1JDe7Gu5wHe2l2McQQm6Sr9Y/s1600/digital-art-398342_640.webp
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Hash 47637c13e01a8770e36fc42c743726b4
285a23c0c52ee2aace03eaacd626a2c17bf762e0
99bfd612ac3568fd8b52a1c7a6b2c4dbb90f906feb73ae42969fdf7f56082d5b
GET /img/b/R29vZ2xl/AVvXsEj58qYaCB6XV3zz86epSv_8SbNkoH0Yctvjzd8lyCP8fAlgICtcg5G9t4iyYXq-RtVyJK60zBRS2tQheplqK_SrQL1orl2kCfiIQLkDx7u-hp-jCtU2asUUFfEG_FBoUkUBmsV39E4ABN8629qzI-2XMbO5jfnmwxujmT4I1JDe7Gu5wHe2l2McQQm6Sr9Y/s1600/digital-art-398342_640.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v23"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital-art-398342_640.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 40470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiy2xHVggG6tIo6s3T2EbaAHURdbCYB-FqcmdwuHYOm_SiVXf196s7VC25KtcGA6ybusIQDkig2w_VzBUxX8-rHrS8-X63Se5tJx5gkWTjVsxsjR_QCdtWKuAMyV0D6vPHfXsL9HW87LdkwpuKLKo4lt-OaI8QJxq8yxcWwBslR0qcEwUIof9NWyjVNCNTE/s1600/digital-art-398342_640.webp
200 OK 40 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiy2xHVggG6tIo6s3T2EbaAHURdbCYB-FqcmdwuHYOm_SiVXf196s7VC25KtcGA6ybusIQDkig2w_VzBUxX8-rHrS8-X63Se5tJx5gkWTjVsxsjR_QCdtWKuAMyV0D6vPHfXsL9HW87LdkwpuKLKo4lt-OaI8QJxq8yxcWwBslR0qcEwUIof9NWyjVNCNTE/s1600/digital-art-398342_640.webp
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Hash 47637c13e01a8770e36fc42c743726b4
285a23c0c52ee2aace03eaacd626a2c17bf762e0
99bfd612ac3568fd8b52a1c7a6b2c4dbb90f906feb73ae42969fdf7f56082d5b
GET /img/b/R29vZ2xl/AVvXsEiy2xHVggG6tIo6s3T2EbaAHURdbCYB-FqcmdwuHYOm_SiVXf196s7VC25KtcGA6ybusIQDkig2w_VzBUxX8-rHrS8-X63Se5tJx5gkWTjVsxsjR_QCdtWKuAMyV0D6vPHfXsL9HW87LdkwpuKLKo4lt-OaI8QJxq8yxcWwBslR0qcEwUIof9NWyjVNCNTE/s1600/digital-art-398342_640.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v24"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital-art-398342_640.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 40470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmND15jGPpL41znEvOKHNkwFoGftFgsw_u95efi6_mnhwkOigdXBdLT1T1YCDd-E9vJZwlIs5D1QCom9S3VTsTseKy9dyLsvPfC8gVMCtBT7Du2SJXZTGa-edcAl40rR-j0TctdOBM6Q8IuOVkSI3XeKHTdsAWdX6D9o6C7L5SSj-K_xJHB1xAa_fgVgft/s1600/digital-art-398342_640.webp
200 OK 40 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmND15jGPpL41znEvOKHNkwFoGftFgsw_u95efi6_mnhwkOigdXBdLT1T1YCDd-E9vJZwlIs5D1QCom9S3VTsTseKy9dyLsvPfC8gVMCtBT7Du2SJXZTGa-edcAl40rR-j0TctdOBM6Q8IuOVkSI3XeKHTdsAWdX6D9o6C7L5SSj-K_xJHB1xAa_fgVgft/s1600/digital-art-398342_640.webp
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Hash 47637c13e01a8770e36fc42c743726b4
285a23c0c52ee2aace03eaacd626a2c17bf762e0
99bfd612ac3568fd8b52a1c7a6b2c4dbb90f906feb73ae42969fdf7f56082d5b
GET /img/b/R29vZ2xl/AVvXsEhmND15jGPpL41znEvOKHNkwFoGftFgsw_u95efi6_mnhwkOigdXBdLT1T1YCDd-E9vJZwlIs5D1QCom9S3VTsTseKy9dyLsvPfC8gVMCtBT7Du2SJXZTGa-edcAl40rR-j0TctdOBM6Q8IuOVkSI3XeKHTdsAWdX6D9o6C7L5SSj-K_xJHB1xAa_fgVgft/s1600/digital-art-398342_640.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v1e"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital-art-398342_640.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 40470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbhJ-i22aBOaYmbv_6b5kzUjYadlI84m67rKudTm8KQt32ZGK_2IoMhG7e7tGKz7FY13sytNRsyKV8bT-ftcAHoF_REnQyid7YAOiIV4v20pXt-uMwrfju1DohNdbC-Y8jJ7ZSyNQgLTRQwYqe1PcPU9Qh_S_CcU55u9JAVaSt6Y24vGkp447yOSpU/w72-h72-p-k-no-nu/patrol%20car.jpg
200 OK 2.9 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbhJ-i22aBOaYmbv_6b5kzUjYadlI84m67rKudTm8KQt32ZGK_2IoMhG7e7tGKz7FY13sytNRsyKV8bT-ftcAHoF_REnQyid7YAOiIV4v20pXt-uMwrfju1DohNdbC-Y8jJ7ZSyNQgLTRQwYqe1PcPU9Qh_S_CcU55u9JAVaSt6Y24vGkp447yOSpU/w72-h72-p-k-no-nu/patrol%20car.jpg
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b764cc46ae4f9f9c6cd99102c9115a75
743b3dce776d08bade8fb65f4e3f47151d50455c
fb9bf8f22499faa68b7a52b0edb469e19ba084a75f0be0dbd70b394ca002a410
GET /img/b/R29vZ2xl/AVvXsEhbhJ-i22aBOaYmbv_6b5kzUjYadlI84m67rKudTm8KQt32ZGK_2IoMhG7e7tGKz7FY13sytNRsyKV8bT-ftcAHoF_REnQyid7YAOiIV4v20pXt-uMwrfju1DohNdbC-Y8jJ7ZSyNQgLTRQwYqe1PcPU9Qh_S_CcU55u9JAVaSt6Y24vGkp447yOSpU/w72-h72-p-k-no-nu/patrol%20car.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v732"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="patrol car.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 2851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV1ioibJAl9tvOv6w4KvHfdtAvXPbogqoMXn5wz98BAnNrgda5aKoAH8brlnxveK0jNKEXss-8illfhEGseShZk9FuoCEiv6t6X5a2YgUn4-FDhQGLhwEMh1QlFHPqeKNdJqp64f_rLmD1_d9rmcQyalo1NuZ6roIAFdtkY5XhhnrSiHyghKwIO303/w72-h72-p-k-no-nu/patrol%20car.jpg
200 OK 2.9 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV1ioibJAl9tvOv6w4KvHfdtAvXPbogqoMXn5wz98BAnNrgda5aKoAH8brlnxveK0jNKEXss-8illfhEGseShZk9FuoCEiv6t6X5a2YgUn4-FDhQGLhwEMh1QlFHPqeKNdJqp64f_rLmD1_d9rmcQyalo1NuZ6roIAFdtkY5XhhnrSiHyghKwIO303/w72-h72-p-k-no-nu/patrol%20car.jpg
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b764cc46ae4f9f9c6cd99102c9115a75
743b3dce776d08bade8fb65f4e3f47151d50455c
fb9bf8f22499faa68b7a52b0edb469e19ba084a75f0be0dbd70b394ca002a410
GET /img/b/R29vZ2xl/AVvXsEiV1ioibJAl9tvOv6w4KvHfdtAvXPbogqoMXn5wz98BAnNrgda5aKoAH8brlnxveK0jNKEXss-8illfhEGseShZk9FuoCEiv6t6X5a2YgUn4-FDhQGLhwEMh1QlFHPqeKNdJqp64f_rLmD1_d9rmcQyalo1NuZ6roIAFdtkY5XhhnrSiHyghKwIO303/w72-h72-p-k-no-nu/patrol%20car.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v734"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="patrol car.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 2851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 106 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (1456)
Size 106 kB (106110 bytes)
Hash aa3e7bf049b49bce9c6a51ecb5e440e9
2af710eb12e95a935b506051952150617df138b5
783b5f423d72d7e8d28c1bbd03bf9fbae4a639762e03d749521569dbac088cb3
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 23 Sep 2023 22:14:59 GMT
date: Sat, 23 Sep 2023 22:14:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyVfaOu7aWyl2YK9s3xwH-AG5wGOuJRPnp9DRQnlxp5WHfxUWP7W2L4tTF5eEbAGtK50O44PtJF9I28Fg4AzwdRK_ELCpi8L5bto9xW3dhzHzmUI5scxarfKtcQ3mhKEzeVtQZBpGooKeeYY65VugbcVgz7yEV5R43FjoLIh4PdDCKSP9wueXT5s8Y/w72-h72-p-k-no-nu/patrol%20car.jpg
200 OK 2.9 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyVfaOu7aWyl2YK9s3xwH-AG5wGOuJRPnp9DRQnlxp5WHfxUWP7W2L4tTF5eEbAGtK50O44PtJF9I28Fg4AzwdRK_ELCpi8L5bto9xW3dhzHzmUI5scxarfKtcQ3mhKEzeVtQZBpGooKeeYY65VugbcVgz7yEV5R43FjoLIh4PdDCKSP9wueXT5s8Y/w72-h72-p-k-no-nu/patrol%20car.jpg
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b764cc46ae4f9f9c6cd99102c9115a75
743b3dce776d08bade8fb65f4e3f47151d50455c
fb9bf8f22499faa68b7a52b0edb469e19ba084a75f0be0dbd70b394ca002a410
GET /img/b/R29vZ2xl/AVvXsEgyVfaOu7aWyl2YK9s3xwH-AG5wGOuJRPnp9DRQnlxp5WHfxUWP7W2L4tTF5eEbAGtK50O44PtJF9I28Fg4AzwdRK_ELCpi8L5bto9xW3dhzHzmUI5scxarfKtcQ3mhKEzeVtQZBpGooKeeYY65VugbcVgz7yEV5R43FjoLIh4PdDCKSP9wueXT5s8Y/w72-h72-p-k-no-nu/patrol%20car.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v738"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="patrol car.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 2851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
200 OK 809 B URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
Hash 89918681df9f363bb293cb027c2f1113
cf7dca97b09ed3d03e821b407286539519a9f037
6648e7501f858c8ffaf2b35736dbd37f2d22afb2c781ee552d7c113d77413b9e
GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-3be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eptGZVOsp%2FnAVsfaO8Stn8LGvV0qIjki010As1kJja4YgvAglP%2FULapHWb6g6%2FHSla8U%2BTke%2F7mfLbf2SDEJg6F6EA0wYEjqQUySM2%2FoOQBBT7YMZRh0kCtrNHDqHfbGb7CSOAPjs%2FIq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b624cdaf837750-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.confessionsstories.com/
200 OK 38 kB URL GET HTTP/2 www.confessionsstories.com/
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967)
Hash 403699874e742783dad74f9fa8037554
6c043715a04ce6c9a03c9ad6f3356b7651b90d01
0fb01a0d2f16f5397f550aa993510b030ad5f55100786cf1eb89ebddb14505ef
GET / HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1; sb_main_ce027b1d785710849ef059d7d384704a=1; sb_count_ce027b1d785710849ef059d7d384704a=1; ppu_main_e22fe2138e3f63642753547dd0d1eb45=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=seemreflexdisable.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 22:15:00 GMT
date: Sat, 23 Sep 2023 22:15:00 GMT
cache-control: private, max-age=0
last-modified: Thu, 21 Sep 2023 00:47:38 GMT
etag: W/"7510eba6c89b5dfcd8fc1f4e668725c2d8decc7bcba5d3538c876eb3b75c3c74"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 38255
server: GSE
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilH47epHJ6-UFk6_mOFTJUUvzBtKgcYINJp6fhHmro_6ysgs9R3Dr8ilgq1q1u4X1FUEDsFaiESGv2YfD9Cl75YJV_dJeo-1xNROB6qFdpEN6DbDheHYmg3RN9pXKnwc3TzHBdsZWklhtvhJ1jiOFIjhQf9y2XYDyABVC6D67RYPUs2urpTGkZEOJf/w72-h72-p-k-no-nu/fingering-1552574107.jpeg
200 OK 2.9 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilH47epHJ6-UFk6_mOFTJUUvzBtKgcYINJp6fhHmro_6ysgs9R3Dr8ilgq1q1u4X1FUEDsFaiESGv2YfD9Cl75YJV_dJeo-1xNROB6qFdpEN6DbDheHYmg3RN9pXKnwc3TzHBdsZWklhtvhJ1jiOFIjhQf9y2XYDyABVC6D67RYPUs2urpTGkZEOJf/w72-h72-p-k-no-nu/fingering-1552574107.jpeg
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a019aa0b08567627f786de332d1634d4
1a811b3884884ddb2437470df6b56ec888e17d11
ebe461419751d5ef12fc93dde6a8f41bbda48de3a27b7927f920a41a64edf465
GET /img/b/R29vZ2xl/AVvXsEilH47epHJ6-UFk6_mOFTJUUvzBtKgcYINJp6fhHmro_6ysgs9R3Dr8ilgq1q1u4X1FUEDsFaiESGv2YfD9Cl75YJV_dJeo-1xNROB6qFdpEN6DbDheHYmg3RN9pXKnwc3TzHBdsZWklhtvhJ1jiOFIjhQf9y2XYDyABVC6D67RYPUs2urpTGkZEOJf/w72-h72-p-k-no-nu/fingering-1552574107.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v71a"
expires: Sun, 24 Sep 2023 22:15:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fingering-1552574107.jpeg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 22:15:00 GMT
server: fife
content-length: 2940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 04:50:55 GMT
expires: Fri, 20 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 235445
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 10:05:24 GMT
expires: Sat, 21 Sep 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 130176
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=259
200 OK 0 B URL GET HTTP/1.1 seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=259
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=259 HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: u_pl=18448249; uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecce027b1d785710849ef059d7d384704a=[4416743]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:15:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/remote.js
200 OK 34 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/remote.js
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (539)
Hash eef28696bbaa39b975f7968898ed0b77
700e69a6fe11bdc5b61d9e3d5744081e1107e473
9c0bfa50f6614e11b264c0de231333a99dae38106f3796f5ec4179b588b624af
GET /s/player/9cbb6b90/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 14:40:21 GMT
expires: Sat, 21 Sep 2024 14:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 113679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/js/th/nwcP_aRe3K2iGEG8OSbc8djJ97oB5PWz9GCqv6PbSFg.js
200 OK 15 kB URL GET HTTP/3 www.google.com/js/th/nwcP_aRe3K2iGEG8OSbc8djJ97oB5PWz9GCqv6PbSFg.js
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (37330)
Hash a606e8515f96db1e4911d214675f61e6
1933bbf1e5426f5b092b4cb74af33e5cef514454
9f070ffda45edcada21841bc3926dcf1d8c9f7ba01e4f5b3f460aabfa3db4858
GET /js/th/nwcP_aRe3K2iGEG8OSbc8djJ97oB5PWz9GCqv6PbSFg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14782
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 15:07:25 GMT
expires: Sun, 22 Sep 2024 15:07:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Sep 2023 20:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 25655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 781bcdac0ca8245a8f90d2fd7626fd82
611c000863bb94d8df3522be017425da90765169
256504e92c4815c7d46f1a3991687c1363395e6b3d5bac533b72cf6bec4f5ef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seemreflexdisable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitjjlFUVw8uIgwiIKCmXTP9Ez3uIfF7BoJxs2y66o3qa6qnpSp7mqquqcnuRhckD3O4s1T502yQQ2LXrz5w8SLBISMpwjmIIjgSVjIWSYJDvtdvu997zu8eq8%2B2y5OiIuCHi%2B9qzelUnShVXdrr37oeVdqKzIt%2BrV%2B2P6o7V%2Bpmd4bntupu6%2FV3hZsXS80XM91PderLUkjYt1f8Dyv7kJm%2Bx2v3nHrfqPutXz0zePYFg4sdcB7J%2BQSJB%2FP7T%2F0IdkIafLNdWHXc529%2FlZSKJprgx7fu5Oup7pMkUzH2DiI072La2h7tPQDdLp7Jhi69%2F9hJMfE%2BetPROnehUpEvd1zoZGCSBHxJ1H2RhBqBElHYPouJD8iAOO4sYo0eXBDm5JunLN0wo7J7OkjyHJMZv94DmnycFHJfu22VkUudWrRjyvI%2FgiyO0JWHCDfnIEsD8DyTyH5r2ThdAVpsrNqlYbkxy97woviiMXzLT9oz%2FuUB%2FNhzOl8i8chjztRmwf8zCEpR5DxCEoMQO0MCuugkA6K2EGROUj4cS1gfhjysMWpYKwRxV4Y%2B7HfocyNmdvsNFCwyRsGyLMBmBqAmS1kZgvr8v5R6xJM8RPsWgXLHdicoMcrlIKgtAQlJSglQZkTlL1qlyvbsNUDrmwReRe9cdGb1VDn3W26q%2FOuSMl2dkKenXjnXP5kA%2BviuMaE2wgijwdhK%2FDc0O%2BI2G11eMCboR%2B4PoWVFaSdAbUONuWYvHTnH2RyTOZ%2BWUNED2DVAZh8AbR4EbQcBg0XdG3ohy420%2B%2BYTmNh7SQPm2sjha0znYDrClk%2Bi3zD2VYn5PJZmtf43xDs8Orv80%2B%2FP%2Fv852CmQmYqfCx%2FJuiqe8NbuiQ7t3RpyberWS4TuUknSd%2FOaS5mv3pHbJTa8OXrdvDlm2xCTMb994TNV2jKZdq15OtFybkwS9owQb5fth%2BI6GZh1xYLkxbZys1rS8tJZs71jkDlmJDhIzA5Jk99cXr2i19ZnIM0I5iiQlIckouC1Adg2RZsNt1ZTWDUFEeZg7KohqYRTZdKEigxxTSqYMXUhEgc%2FvjvObdt76FrHND8LtKkQs9U6KkKVA1giyeGeWYOr%2F7WPCtEyhlGyjg7kTLq%2Frm5Vh7XGHMF9aLAE4KLVpMxv83CqB03%2FUCELd5CbsfiGUb%2FAwAA%2F%2F8BAAD%2F%2F%2FA80NWSBAAA
200 OK 7 B URL GET HTTP/1.1 seemreflexdisable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitjjlFUVw8uIgwiIKCmXTP9Ez3uIfF7BoJxs2y66o3qa6qnpSp7mqquqcnuRhckD3O4s1T502yQQ2LXrz5w8SLBISMpwjmIIjgSVjIWSYJDvtdvu997zu8eq8%2B2y5OiIuCHi%2B9qzelUnShVXdrr37oeVdqKzIt%2BrV%2B2P6o7V%2Bpmd4bntupu6%2FV3hZsXS80XM91PderLUkjYt1f8Dyv7kJm%2Bx2v3nHrfqPutXz0zePYFg4sdcB7J%2BQSJB%2FP7T%2F0IdkIafLNdWHXc529%2FlZSKJprgx7fu5Oup7pMkUzH2DiI072La2h7tPQDdLp7Jhi69%2F9hJMfE%2BetPROnehUpEvd1zoZGCSBHxJ1H2RhBqBElHYPouJD8iAOO4sYo0eXBDm5JunLN0wo7J7OkjyHJMZv94DmnycFHJfu22VkUudWrRjyvI%2FgiyO0JWHCDfnIEsD8DyTyH5r2ThdAVpsrNqlYbkxy97woviiMXzLT9oz%2FuUB%2FNhzOl8i8chjztRmwf8zCEpR5DxCEoMQO0MCuugkA6K2EGROUj4cS1gfhjysMWpYKwRxV4Y%2B7HfocyNmdvsNFCwyRsGyLMBmBqAmS1kZgvr8v5R6xJM8RPsWgXLHdicoMcrlIKgtAQlJSglQZkTlL1qlyvbsNUDrmwReRe9cdGb1VDn3W26q%2FOuSMl2dkKenXjnXP5kA%2BviuMaE2wgijwdhK%2FDc0O%2BI2G11eMCboR%2B4PoWVFaSdAbUONuWYvHTnH2RyTOZ%2BWUNED2DVAZh8AbR4EbQcBg0XdG3ohy420%2B%2BYTmNh7SQPm2sjha0znYDrClk%2Bi3zD2VYn5PJZmtf43xDs8Orv80%2B%2FP%2Fv852CmQmYqfCx%2FJuiqe8NbuiQ7t3RpyberWS4TuUknSd%2FOaS5mv3pHbJTa8OXrdvDlm2xCTMb994TNV2jKZdq15OtFybkwS9owQb5fth%2BI6GZh1xYLkxbZys1rS8tJZs71jkDlmJDhIzA5Jk99cXr2i19ZnIM0I5iiQlIckouC1Adg2RZsNt1ZTWDUFEeZg7KohqYRTZdKEigxxTSqYMXUhEgc%2FvjvObdt76FrHND8LtKkQs9U6KkKVA1giyeGeWYOr%2F7WPCtEyhlGyjg7kTLq%2Frm5Vh7XGHMF9aLAE4KLVpMxv83CqB03%2FUCELd5CbsfiGUb%2FAwAA%2F%2F8BAAD%2F%2F%2FA80NWSBAAA
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitjjlFUVw8uIgwiIKCmXTP9Ez3uIfF7BoJxs2y66o3qa6qnpSp7mqquqcnuRhckD3O4s1T502yQQ2LXrz5w8SLBISMpwjmIIjgSVjIWSYJDvtdvu997zu8eq8%2B2y5OiIuCHi%2B9qzelUnShVXdrr37oeVdqKzIt%2BrV%2B2P6o7V%2Bpmd4bntupu6%2FV3hZsXS80XM91PderLUkjYt1f8Dyv7kJm%2Bx2v3nHrfqPutXz0zePYFg4sdcB7J%2BQSJB%2FP7T%2F0IdkIafLNdWHXc529%2FlZSKJprgx7fu5Oup7pMkUzH2DiI072La2h7tPQDdLp7Jhi69%2F9hJMfE%2BetPROnehUpEvd1zoZGCSBHxJ1H2RhBqBElHYPouJD8iAOO4sYo0eXBDm5JunLN0wo7J7OkjyHJMZv94DmnycFHJfu22VkUudWrRjyvI%2FgiyO0JWHCDfnIEsD8DyTyH5r2ThdAVpsrNqlYbkxy97woviiMXzLT9oz%2FuUB%2FNhzOl8i8chjztRmwf8zCEpR5DxCEoMQO0MCuugkA6K2EGROUj4cS1gfhjysMWpYKwRxV4Y%2B7HfocyNmdvsNFCwyRsGyLMBmBqAmS1kZgvr8v5R6xJM8RPsWgXLHdicoMcrlIKgtAQlJSglQZkTlL1qlyvbsNUDrmwReRe9cdGb1VDn3W26q%2FOuSMl2dkKenXjnXP5kA%2BviuMaE2wgijwdhK%2FDc0O%2BI2G11eMCboR%2B4PoWVFaSdAbUONuWYvHTnH2RyTOZ%2BWUNED2DVAZh8AbR4EbQcBg0XdG3ohy420%2B%2BYTmNh7SQPm2sjha0znYDrClk%2Bi3zD2VYn5PJZmtf43xDs8Orv80%2B%2FP%2Fv852CmQmYqfCx%2FJuiqe8NbuiQ7t3RpyberWS4TuUknSd%2FOaS5mv3pHbJTa8OXrdvDlm2xCTMb994TNV2jKZdq15OtFybkwS9owQb5fth%2BI6GZh1xYLkxbZys1rS8tJZs71jkDlmJDhIzA5Jk99cXr2i19ZnIM0I5iiQlIckouC1Adg2RZsNt1ZTWDUFEeZg7KohqYRTZdKEigxxTSqYMXUhEgc%2FvjvObdt76FrHND8LtKkQs9U6KkKVA1giyeGeWYOr%2F7WPCtEyhlGyjg7kTLq%2Frm5Vh7XGHMF9aLAE4KLVpMxv83CqB03%2FUCELd5CbsfiGUb%2FAwAA%2F%2F8BAAD%2F%2F%2FA80NWSBAAA HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: u_pl=18448249; uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecce027b1d785710849ef059d7d384704a=[4416743]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:15:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2251ac405d0d363220416e027e27474
Strict-Transport-Security: max-age=0; includeSubdomains
i.ytimg.com/vi_webp/Ams57196RiI/sddefault.webp
200 OK 28 kB URL GET HTTP/2 i.ytimg.com/vi_webp/Ams57196RiI/sddefault.webp
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint83:6D:53:72:1E:39:D8:A0:10:4A:F9:34:A4:A7:2B:90:D7:0A:51:64
ValidityMon, 04 Sep 2023 08:16:59 GMT - Mon, 27 Nov 2023 08:16:58 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44338811a0256cc4250fcf748866d9b9
36751f879d1dadf5242d7b6d6a8e4805ab6b2b08
d22eabd05a46e176ab923b27f009233743a71803138a6e3df2bbd6eb6ff42e1d
GET /vi_webp/Ams57196RiI/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 28014
date: Sat, 23 Sep 2023 22:15:00 GMT
expires: Sun, 24 Sep 2023 00:15:00 GMT
cache-control: public, max-age=7200
etag: "1623822280"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
seemreflexdisable.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 seemreflexdisable.com/pixel/sbs?c=1
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: u_pl=18448249; uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecce027b1d785710849ef059d7d384704a=[4416743]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:15:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.google.com/cse/static/css/v2/clear.png
200 OK 1.0 kB URL GET HTTP/3 www.google.com/cse/static/css/v2/clear.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 2df778bf2e22d52fe849babb330ec977
0f833f030bb43f282473bddd3a33b5f8cba7a845
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
GET /cse/static/css/v2/clear.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+no.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 07:51:44 GMT
expires: Sun, 22 Sep 2024 07:51:44 GMT
cache-control: public, max-age=31536000
age: 51796
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/cse/static/images/1x/no/branding.png
200 OK 1.7 kB URL GET HTTP/3 www.google.com/cse/static/images/1x/no/branding.png
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type PNG image data, 185 x 15, 8-bit colormap, non-interlaced\012- data
Hash c39831f7e5396d6a90bd905c138d5886
ff368aadee0166486db04f6e6ef09edb12af8bd0
db857eae92685a8397a33e039487e17f387308089624890a54297011d91e2a19
GET /cse/static/images/1x/no/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1676
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 15:35:25 GMT
expires: Sun, 22 Sep 2024 15:35:25 GMT
cache-control: public, max-age=31536000
age: 23975
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clients1.google.com/generate_204
204 No Content 0 B URL GET HTTP/3 clients1.google.com/generate_204
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204 HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 22:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 23 Sep 2023 22:15:00 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 781bcdac0ca8245a8f90d2fd7626fd82
611c000863bb94d8df3522be017425da90765169
256504e92c4815c7d46f1a3991687c1363395e6b3d5bac533b72cf6bec4f5ef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 32 kB URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a4b5b651f1247fed9c6858f7bdbbba53
9bed4d8e918c2b0dd1d626bcd5454983b3608253
10d0615760b4bd86b450c83177ec43cb0bc89376cc560aae4a22af24734e472c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 23 Sep 2023 22:15:00 GMT
server: ESF
cache-control: private
content-length: 32112
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/dgxGI7jNS_QfO6aCZjE1fF0sTpvCtBLRIXPktpeOMWle2Px7iHx6ehOyXJeIDa47amPrPOFDdA=s68-c-k-c0x00ffffff-no-rj
200 OK 4.6 kB URL GET HTTP/2 yt3.ggpht.com/dgxGI7jNS_QfO6aCZjE1fF0sTpvCtBLRIXPktpeOMWle2Px7iHx6ehOyXJeIDa47amPrPOFDdA=s68-c-k-c0x00ffffff-no-rj
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 93732a34bffff0f3eab2de5ca21ba8af
37dd2015106560a016372c243f68e1487c91ad2a
0e1532aed57b7a435b888222c70f8dc6adf572495bad1758d07239590a11b2de
GET /dgxGI7jNS_QfO6aCZjE1fF0sTpvCtBLRIXPktpeOMWle2Px7iHx6ehOyXJeIDa47amPrPOFDdA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 4571
x-xss-protection: 0
date: Sat, 23 Sep 2023 22:15:01 GMT
expires: Sun, 24 Sep 2023 22:15:01 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/generate_204?sYrD4Q
204 No Content 0 B URL GET HTTP/3 www.youtube.com/generate_204?sYrD4Q
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?sYrD4Q HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 22:15:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.confessionsstories.com/favicon.ico
200 OK 412 B URL GET HTTP/2 www.confessionsstories.com/favicon.ico
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1; sb_main_ce027b1d785710849ef059d7d384704a=1; sb_count_ce027b1d785710849ef059d7d384704a=1; ppu_main_e22fe2138e3f63642753547dd0d1eb45=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=seemreflexdisable.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
expires: Sat, 23 Sep 2023 22:15:01 GMT
date: Sat, 23 Sep 2023 22:15:01 GMT
cache-control: private, max-age=86400
last-modified: Thu, 21 Sep 2023 00:47:38 GMT
etag: W/"7510eba6c89b5dfcd8fc1f4e668725c2d8decc7bcba5d3538c876eb3b75c3c74"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
X-Firefox-Spdy: h2
www.confessionsstories.com/
200 OK 38 kB URL GET HTTP/2 www.confessionsstories.com/
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.confessionsstories.com
Fingerprint7D:00:BB:25:1C:0B:0E:02:A0:DB:27:68:BC:FB:B7:20:26:A5:B0:4A
ValidityTue, 15 Aug 2023 05:20:26 GMT - Mon, 13 Nov 2023 06:10:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967)
Hash 403699874e742783dad74f9fa8037554
6c043715a04ce6c9a03c9ad6f3356b7651b90d01
0fb01a0d2f16f5397f550aa993510b030ad5f55100786cf1eb89ebddb14505ef
GET / HTTP/1.1
Host: www.confessionsstories.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7%3A2%3A1; sb_main_ce027b1d785710849ef059d7d384704a=1; sb_count_ce027b1d785710849ef059d7d384704a=1; ppu_main_e22fe2138e3f63642753547dd0d1eb45=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=seemreflexdisable.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 22:15:01 GMT
date: Sat, 23 Sep 2023 22:15:01 GMT
cache-control: private, max-age=0
last-modified: Thu, 21 Sep 2023 00:47:38 GMT
etag: W/"7510eba6c89b5dfcd8fc1f4e668725c2d8decc7bcba5d3538c876eb3b75c3c74"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 38255
server: GSE
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 23 Sep 2023 22:15:01 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 36c3e9b84cd8ae98a256be0bcb74e030
a6fcf6c292962614d351b2c5e22e7860a5bb4779
8348e97ad55a63aeb7507dc380a5e712ef398536e9d64e0cd5c3a38f7c12793f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1060
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 23 Sep 2023 22:15:01 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1695507301864
Content-Type: application/json
X-Goog-Visitor-Id: CgtZU3BDXzg4ZGV4cyjixr2oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695507299078&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C320%2C205&vis=1&wgl=true&ca_type=image
Content-Length: 15747
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sat, 23 Sep 2023 22:15:01 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+307; expires=Mon, 22-Sep-2025 22:15:01 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 22:15:01 GMT
cache-control: private
cse.google.com/adsense/search/async-ads.js
200 OK 54 kB URL GET HTTP/3 cse.google.com/adsense/search/async-ads.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2067)
Hash 34386b50b64ab3fd4e67560ad6aa50d8
ffbd0d30a6087199e9c49bd964e25e679c9bb47f
18b0ea8dd0e9b00d94b57cf190393791125d5876a1fce0297bd7c73dd6f618d0
GET /adsense/search/async-ads.js HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 23 Sep 2023 22:15:00 GMT
expires: Sat, 23 Sep 2023 22:15:00 GMT
cache-control: private, max-age=3600
etag: "15506744638659849499"
x-content-type-options: nosniff
link: <https://afs.googlesyndication.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
unseenreport.com/pxf.gif?uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=e22fe2138e3f63642753547dd0d1eb45&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=e22fe2138e3f63642753547dd0d1eb45&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=e22fe2138e3f63642753547dd0d1eb45&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:15:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de9eeb53a71465934407c00d1eb75437
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=ce027b1d785710849ef059d7d384704a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=ce027b1d785710849ef059d7d384704a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=c79dd459-8248-4a60-b0a1-4aec8cf2e2e7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=ce027b1d785710849ef059d7d384704a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:15:02 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8268036ee8e3087d4ef70925326cb843
Strict-Transport-Security: max-age=0; includeSubdomains
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1695507304417
Content-Type: application/json
X-Goog-Visitor-Id: CgtZU3BDXzg4ZGV4cyjixr2oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695507299747&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C320%2C205&vis=1&wgl=true&ca_type=image
Content-Length: 1081
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sat, 23 Sep 2023 22:15:04 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+697; expires=Mon, 22-Sep-2025 22:15:04 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 22:15:04 GMT
cache-control: private
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1695507316236
Content-Type: application/json
X-Goog-Visitor-Id: CgtZU3BDXzg4ZGV4cyjixr2oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695507299078&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C320%2C205&vis=1&wgl=true&ca_type=image
Content-Length: 762
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sat, 23 Sep 2023 22:15:16 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+054; expires=Mon, 22-Sep-2025 22:15:16 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 22:15:16 GMT
cache-control: private
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
Hash e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:06:42 GMT
etag: W/"62136432-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaH0MBxYi1J6GDCr81fK26VQVVgU22afGhwndEeY6tNPh5uAsy6iofjIs%2FN9qObI%2Bl2l8SVwCMdhDLx0qILmvWEnCTqipXeIwte8gk0DhhjV%2BockhaCIpCPfIUA60Eg%2BYFcbeF9P0nyN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b624cc2d697750-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3285f27a11ab185710800a5ef5e94beb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 23 Sep 2023 22:14:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbT9pSVD7fg3qzjDKZYqK7t%2BSBCubI8y8KNTJgugIs%2Fv3cxKT1LtY5mwsv%2Fm636V%2BeZGzRSg%2B0tierlQ3I1hpAwJBBHiFkFwBux6TBIxjxx4Wgmbbh5vin9f4e%2BJafQxc%2FuJthA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b624bdc9ae7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
200 OK 1.5 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintCB:0F:87:85:B0:83:8B:5C:86:E5:81:91:9D:F5:ED:C4:A2:B6:B1:BE
ValidityTue, 12 Sep 2023 01:01:21 GMT - Mon, 11 Dec 2023 01:01:20 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1639), with no line terminators
Hash 97b357c624104a8e915d01424dfe16ce
6bd7fcedfb7986b149601b1bc840f525b67a8f06
8d010e7163298acf3671bb429a2e0b1d69033a5adc314fa4bddebf74b9775e6e
GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.confessionsstories.com
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:58 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
etag: W/"6242c2de-602"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 23 Sep 2023 23:14:58 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__no.js?usqp=CAI%3D
200 OK 317 kB URL GET HTTP/3 www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__no.js?usqp=CAI%3D
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (1925)
Size 317 kB (316939 bytes)
Hash 54c543be6234a2d3ccd2be1c304563dd
035d33df511558065c9b260c353e2c079eb3e4d5
aa83be74ff3ec482a668908bdff0cab305c741645d2a2270880a76623b26ee3c
GET /cse/static/element/e992cd4de3c7044f/cse_element__no.js?usqp=CAI%3D HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 105416
date: Sat, 23 Sep 2023 22:15:00 GMT
expires: Sat, 23 Sep 2023 22:15:00 GMT
cache-control: private, max-age=31536000
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/embed.js
200 OK 55 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/embed.js
IP
Requested by https://www.youtube.com/embed/Ams57196RiI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3391)
Hash 0634fe0bbd81dee2f78ea73905699a32
60f070925b24a488529e44998702b761940bfc12
0e0790121ab615b8a885f11bf9b05c0c9f961bc0c5ba748e18d0ac1168ee6583
GET /s/player/9cbb6b90/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ams57196RiI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 17138
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 19:47:35 GMT
expires: Sun, 22 Sep 2024 19:47:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 8843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
200 OK 13 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash 6e4764b359aab3f86b4c27f42d43b59d
90ede073b409524dd4fb7e0ffb2546c315cc9369
1c8e52d3888cd342e92a8cb297a8425f4a88878ab086c04022c67e0df08009b9
GET /css?family=Roboto:400,400i,500,500i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 23 Sep 2023 22:14:56 GMT
date: Sat, 23 Sep 2023 22:14:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4168&fd=498
200 OK 0 B URL GET HTTP/1.1 seemreflexdisable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4168&fd=498
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerLet's Encrypt
Subjectseemreflexdisable.com
Fingerprint9D:B3:5A:C8:AE:F9:DE:AF:FC:66:57:41:FA:34:13:52:23:17:7C:3F
ValidityThu, 14 Sep 2023 11:23:01 GMT - Wed, 13 Dec 2023 11:23:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4168&fd=498 HTTP/1.1
Host: seemreflexdisable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Cookie: u_pl=18448249; uid_id2=1e1bfbcf-5476-4ad7-8fda-5df8df9b6d7d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecce027b1d785710849ef059d7d384704a=[4416743]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 23 Sep 2023 22:14:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
addresseepaper.com/sfp.js
0 B URL GET addresseepaper.com/sfp.js
IP
Requested by https://www.confessionsstories.com/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.confessionsstories.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
200 OK 84 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
IP
Requested by https://www.confessionsstories.com/
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type ASCII text, with very long lines (32025)
Hash 4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:14:59 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 18973379
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiobUwtUqcWp9%2BumkCzQJDSBdt38EXziXA8VL8QJuj%2BlDg2dpuFhv%2Br%2FLWUTGKj8KbU%2BbbE6jJuGQ6MsAUQ3zOCM4VHmXEcgCDnXr3E6wCh79Rb5WilpiGRwf4EZEpjMzw509%2BW8NFby"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b624cc3f80385b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
142.250.74.51
52.58.179.111
104.21.17.166
0.0.0.0