freetattoosideas.blogspot.fr/2011/01/top-hat-tattoo.html
142.250.74.161302 Moved Temporarily 199 B URL HTTP/1.1 freetattoosideas.blogspot.fr/2011/01/top-hat-tattoo.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ae52c2fa7478b0f6b6a5c80fc24e6d08
7aa19092062fe1c0b3f1c5e84c5dd2042973d79b
dfa26ba35672eb66dc4d351dcffe418f5d33cbd947d0c606c35b3e834b2c0870
Analyzer Verdict Alert fortinet Malware
GET /2011/01/top-hat-tattoo.html HTTP/1.1
Host: freetattoosideas.blogspot.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://freetattoosideas.blogspot.com/2011/01/top-hat-tattoo.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 21:32:52 GMT
Expires: Wed, 14 Dec 2022 21:32:52 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 199
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5541
Expires: Wed, 14 Dec 2022 23:05:13 GMT
Date: Wed, 14 Dec 2022 21:32:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6225
Expires: Wed, 14 Dec 2022 23:16:37 GMT
Date: Wed, 14 Dec 2022 21:32:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 21:08:54 GMT
content-type: application/json
age: 1438
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3638
Expires: Wed, 14 Dec 2022 22:33:30 GMT
Date: Wed, 14 Dec 2022 21:32:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bqi9gD1lPdnuc2POYZ2rEb/EmHBR9CnhhsgbCWecrp0TJB+d+1MrD1N8QQxJ5xrfPGhnHTxUKNw=
x-amz-request-id: 06KHMRRZJNWWAPSP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 20:50:39 GMT
age: 2533
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 21:32:52 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
freetattoosideas.blogspot.com/2011/01/top-hat-tattoo.html
142.250.74.161200 OK 16 kB URL HTTP/1.1 freetattoosideas.blogspot.com/2011/01/top-hat-tattoo.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6495)
Hash e3a02841514ef48d65e5ae519551bf92
d658ebd0dcd479ffc2337348baeb2ab4adce4e2d
abbf4d2fe82fef3b25a1c115568ef9870d65db0d32ccb2d5357046c8b69dd863
Analyzer Verdict Alert fortinet Malware
GET /2011/01/top-hat-tattoo.html HTTP/1.1
Host: freetattoosideas.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 14 Dec 2022 21:32:52 GMT
Date: Wed, 14 Dec 2022 21:32:52 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 18 Nov 2022 04:51:50 GMT
ETag: W/"71333474cbcb00312559037b5b5d41bac7a33ac223751f4192f2e0d083afcb6c"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15773
Server: GSE
freetattoosideas.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 freetattoosideas.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: freetattoosideas.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/2011/01/top-hat-tattoo.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 12 Dec 2022 03:23:01 GMT
Expires: Mon, 19 Dec 2022 03:23:01 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 11 Dec 2022 20:50:25 GMT
Content-Type: text/javascript
Age: 238191
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 21:07:58 GMT
age: 1494
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
geoloc2.geovisite.com/private/geoglobe.js?compte=960705966763
54.36.176.112200 OK 11 kB URL HTTP/1.1 geoloc2.geovisite.com/private/geoglobe.js?compte=960705966763
IP 54.36.176.112:0
File type ASCII text, with very long lines (925)
Hash 158b1d9a5d86e64c347f47c7445237b8
9dce34eb4e1ce7a60f93356891597166bce161be
70c90397418803e59c4f8d0ac74f095cf757a1e03c6907993f8e19901615f731
GET /private/geoglobe.js?compte=960705966763 HTTP/1.1
Host: geoloc2.geovisite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.4.16
Pragma: no-cache
Expires: Tue, 9 May 2000 11:11:11 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0ffd9494d7b15d0c02e09f86eb695397
0650b890aa6e1d7651089bfc3b298d5b8d88650d
ac0d60d80fcd6577aefe03b46683d3f087cbada34717a3e53ec31cfeb0ed11e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.istockphoto.com/file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg
143.204.55.90301 Moved Permanently 167 B URL HTTP/1.1 www.istockphoto.com/file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg
IP 143.204.55.90:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg HTTP/1.1
Host: www.istockphoto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.istockphoto.com/file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JjalArFoK12JaoIUL2wX1K9SKE5MrA22QYm_0PXgV5iEKKtGwVKjEA==
www.blogger.com/static/v1/widgets/2092647672-widgets.js
142.250.74.73200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 142.250.74.73:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 588128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.73200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.73:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:15 GMT
expires: Sat, 09 Dec 2023 13:33:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 19:54:39 GMT
content-type: text/css
age: 460778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rlv.zcache.com/vintage_smoking_skull_with_hat_tattoo_art_apron-p154356363429156560q6wc_400.jpg
151.101.0.241301 Moved Permanently 0 B URL HTTP/1.1 rlv.zcache.com/vintage_smoking_skull_with_hat_tattoo_art_apron-p154356363429156560q6wc_400.jpg
IP 151.101.0.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vintage_smoking_skull_with_hat_tattoo_art_apron-p154356363429156560q6wc_400.jpg HTTP/1.1
Host: rlv.zcache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://rlv.zcache.com/vintage_smoking_skull_with_hat_tattoo_art_apron-p154356363429156560q6wc_400.jpg
Accept-Ranges: bytes
Date: Wed, 14 Dec 2022 21:32:53 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1675-BMA
X-Cache: HIT
X-Timer: S1671053573.135713,VS0,VE0
Strict-Transport-Security: max-age=31557600
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.73200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.73:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 09 Dec 2022 12:51:35 GMT
content-type: text/javascript
age: 460780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.wired.com/images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg
151.101.2.194301 Moved Permanently 0 B URL HTTP/1.1 www.wired.com/images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg
IP 151.101.2.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg HTTP/1.1
Host: www.wired.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://www.wired.com/images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg
Accept-Ranges: bytes
Date: Wed, 14 Dec 2022 21:32:53 GMT
Via: 1.1 varnish
Set-Cookie: CN_xid=98f386aa-659e-4e92-b826-faa65fcdd22d; Expires=Mon, 12 Jun 2023 21:32:53 GMT; Domain=.wired.com; path=/; Secure; SameSite=None;
CN_xid_refresh=98f386aa-659e-4e92-b826-faa65fcdd22d; Expires=Thu, 14 Dec 2023 21:32:53 GMT; Domain=.wired.com; path=/; Secure; httponly; SameSite=None;
xid1=1; Expires=Wed, 14 Dec 2022 21:33:08 GMT; path=/;
CN_segments=co.w2250; Expires=Mon, 12 Jun 2023 21:32:53 GMT; path=/;
CN_geo_country_code=NO; Expires=Mon, 12 Jun 2023 21:32:53 GMT; Path=/; Domain=wired.com; Samesite=None; Secure
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
X-Served-By: cache-bma1671-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1671053573.180596,VS0,VE0
Vary:
apple-news-services-host: www.wired.com
www.bloggapedia.com/bp_small_images/blog-gapedia5.png
172.104.142.251301 Moved Permanently 162 B URL HTTP/1.1 www.bloggapedia.com/bp_small_images/blog-gapedia5.png
IP 172.104.142.251:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bp_small_images/blog-gapedia5.png HTTP/1.1
Host: www.bloggapedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html
Content-Length: 162
Location: https://bloggapedia.com/bp_small_images/blog-gapedia5.png
Age: 0
Connection: keep-alive
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 19:47:45 GMT
expires: Wed, 13 Dec 2023 19:47:45 GMT
cache-control: public, max-age=31536000
age: 92708
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bloggernity.com/images/80x15.png
212.8.249.233200 OK 17 kB URL HTTP/1.1 www.bloggernity.com/images/80x15.png
IP 212.8.249.233:0
ASN #49981 WorldStream B.V.
File type PNG image data, 80 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 5242d93144035cc4be75059bd47ccdc1
09b97a6dee8fc706a9e9937e31acdaa7e6789612
7b2816f85aed65948f13ef20539ff3b9c3abb447944b67f2559769482d7700ec
GET /images/80x15.png HTTP/1.1
Host: www.bloggernity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: image/png
Content-Length: 16837
Last-Modified: Mon, 14 Feb 2005 09:31:18 GMT
Connection: keep-alive
ETag: "42106fe6-41c5"
Expires: Wed, 21 Dec 2022 21:32:53 GMT
Pragma: public
Cache-Control: max-age=604800, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.98200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.98:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 14 Dec 2022 08:17:26 GMT
Expires: Wed, 28 Dec 2022 08:17:26 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 47727
www.blogger.com/img/share_buttons_20_3.png
142.250.74.73200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 142.250.74.73:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 17:28:13 GMT
expires: Tue, 20 Dec 2022 17:28:13 GMT
cache-control: public, max-age=604800
last-modified: Tue, 13 Dec 2022 01:53:33 GMT
content-type: image/png
age: 101080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i732.photobucket.com/albums/ww323/shara101/6-4.jpg
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i732.photobucket.com/albums/ww323/shara101/6-4.jpg
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/ww323/shara101/6-4.jpg HTTP/1.1
Host: i732.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i732.photobucket.com/albums/ww323/shara101/6-4.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bC0tgxDKsAjQ8ZXrYsd0aquxrlFUt7dnTrQQOJq7bHobSHuJwAEL3Q==
Vary: Origin
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.73200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.73:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:19:02 GMT
expires: Tue, 20 Dec 2022 14:19:02 GMT
cache-control: public, max-age=604800
last-modified: Mon, 12 Dec 2022 15:55:44 GMT
content-type: image/gif
age: 112431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www3.pictures.gi.zimbio.com/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
151.101.193.91301 Moved Permanently 0 B URL HTTP/1.1 www3.pictures.gi.zimbio.com/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
IP 151.101.193.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg HTTP/1.1
Host: www3.pictures.gi.zimbio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://www3.pictures.gi.zimbio.com/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
Accept-Ranges: bytes
Date: Wed, 14 Dec 2022 21:32:53 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1680-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1671053573.304674,VS0,VE0
X-Response-Time: 106
Strict-Transport-Security: max-age=31557600
www.blogger.com/dyn-css/authorization.css?targetBlogID=7147502112486729649&zx=efa973e9-da4e-4e8e-9776-8704a69d731d
142.250.74.73200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7147502112486729649&zx=efa973e9-da4e-4e8e-9776-8704a69d731d
IP 142.250.74.73:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=7147502112486729649&zx=efa973e9-da4e-4e8e-9776-8704a69d731d HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 21:32:53 GMT
last-modified: Wed, 14 Dec 2022 21:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.punkbabyclothes.net/shop/images/gunsrosesyellowonesie.jpg
198.251.84.92302 Moved Temporarily 154 B URL HTTP/1.1 www.punkbabyclothes.net/shop/images/gunsrosesyellowonesie.jpg
IP 198.251.84.92:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /shop/images/gunsrosesyellowonesie.jpg HTTP/1.1
Host: www.punkbabyclothes.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: http://www.punkbabyclothes.net
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/1kt/awesomeinc/body_background_dark.png
142.250.74.73200 OK 106 B URL HTTP/1.1 www.blogblog.com/1kt/awesomeinc/body_background_dark.png
IP 142.250.74.73:0
File type PNG image data, 5 x 5, 1-bit colormap, non-interlaced\012- data
Hash 1de2f5d595cb35714e69a0f86e5f058a
c1ecb1aa5b2112d67dbe4644594a984a8df8d933
50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677
GET /1kt/awesomeinc/body_background_dark.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 106
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Dec 2022 14:21:45 GMT
Expires: Tue, 20 Dec 2022 14:21:45 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 12 Dec 2022 16:52:30 GMT
Content-Type: image/png
Age: 112268
a578.ac-images.myspacecdn.com/images01/108/l_474d059f4e95c29a5a8bbfa911d3e399.jpg
93.184.220.20404 Not Found 162 B URL HTTP/1.1 a578.ac-images.myspacecdn.com/images01/108/l_474d059f4e95c29a5a8bbfa911d3e399.jpg
IP 93.184.220.20:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /images01/108/l_474d059f4e95c29a5a8bbfa911d3e399.jpg HTTP/1.1
Host: a578.ac-images.myspacecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Wed, 14 Dec 2022 21:32:53 GMT
Server: nginx
Content-Length: 162
2.bp.blogspot.com/_L0OlF7IikIM/TJPLEM-EDoI/AAAAAAAABAs/POv9-EqxgbE/s1600/Teeny-Steampunk-Brass-Top-Hat_3E0A9E47.jpg
142.250.74.161403 Forbidden 1.0 kB URL HTTP/1.1 2.bp.blogspot.com/_L0OlF7IikIM/TJPLEM-EDoI/AAAAAAAABAs/POv9-EqxgbE/s1600/Teeny-Steampunk-Brass-Top-Hat_3E0A9E47.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 969e595182a947c7fdaaef4a34401760
390d35939d67b781893925474d5f9f7919058a5f
6c5d650b05794f0ef093ee85e3507023162c4dddcbdd9ed34002b82bb567d8f7
GET /_L0OlF7IikIM/TJPLEM-EDoI/AAAAAAAABAs/POv9-EqxgbE/s1600/Teeny-Steampunk-Brass-Top-Hat_3E0A9E47.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 403 Forbidden
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 21:32:53 GMT
Server: fife
Content-Length: 1017
X-XSS-Protection: 0
img2.timeinc.net/ew/dynamic/imgs/031204/13540__charlotte_l.jpg
54.230.111.84403 Forbidden 243 B URL HTTP/1.1 img2.timeinc.net/ew/dynamic/imgs/031204/13540__charlotte_l.jpg
IP 54.230.111.84:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 4299cd6b2d3032d7fdf4042644aa8985
575cf2d6b9e229cdc6ee9d0476674c5b6fe9414c
a77578368e21c9d0e4074c268d121a1f67a9259e55d6742d4a505530ee25e2be
GET /ew/dynamic/imgs/031204/13540__charlotte_l.jpg HTTP/1.1
Host: img2.timeinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 14 Dec 2022 21:32:52 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _76YCXXgHgqew-KEWJQNOahSH1pFcdISHl7t5MO838Ds8opaZGfkNg==
www.bloggernow.com/images/80x15.png
212.8.249.233200 OK 16 kB URL HTTP/1.1 www.bloggernow.com/images/80x15.png
IP 212.8.249.233:0
ASN #49981 WorldStream B.V.
File type PNG image data, 80 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash c4ddc97aaec72c3b98451f0b10b8dd88
e73f5a7cb1fdb083285f8288b0fe887ad272ec1c
6bbae02a9c709534fc307499afb731df54f9fb1acbb86f255e19c5c60dbfdcaa
GET /images/80x15.png HTTP/1.1
Host: www.bloggernow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: image/png
Content-Length: 16493
Last-Modified: Sun, 08 Dec 2019 06:55:00 GMT
Connection: keep-alive
ETag: "5dec9e44-406d"
Expires: Wed, 21 Dec 2022 21:32:53 GMT
Pragma: public
Cache-Control: max-age=604800, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 500d7838b7582b456b8025ffe03ac9a8
ba64ec0d9ae36361848bc1be73a99e7c38575271
0da1844c4988d6497821f944b47dd19158be73f10deac19945ebdd9c18927485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/1kt/awesomeinc/body_gradient_dark.png
142.250.74.73200 OK 141 B URL HTTP/1.1 www.blogblog.com/1kt/awesomeinc/body_gradient_dark.png
IP 142.250.74.73:0
File type PNG image data, 8 x 276, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eae035d0731c30445e8469cefc7a185
0e9abf4f6203ba4e0dfae0d889b6adf3cb55a929
625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186
GET /1kt/awesomeinc/body_gradient_dark.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 141
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Dec 2022 07:12:03 GMT
Expires: Tue, 20 Dec 2022 07:12:03 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 12 Dec 2022 16:52:30 GMT
Content-Type: image/png
Age: 138050
stats.topofblogs.com/send/69413
95.217.135.78302 Found 0 B URL HTTP/1.1 stats.topofblogs.com/send/69413
IP 95.217.135.78:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /send/69413 HTTP/1.1
Host: stats.topofblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 302 Found
Server: openresty
Date: Wed, 14 Dec 2022 21:31:01 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://ww1.topofblogs.com/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
www.blogtopsites.com/v_81138.gif
52.201.85.166200 OK 185 B URL HTTP/1.1 www.blogtopsites.com/v_81138.gif
IP 52.201.85.166:0
File type GIF image data, version 89a, 80 x 15\012- data
Hash 5f14c44739c2bd7108c87aecacdb3f34
5316a24cedc1860110609228c4f4f18520758a82
e807830b738c02817b04e7d725a00a0de59aa882a4fefd93795e11957e728a83
GET /v_81138.gif HTTP/1.1
Host: www.blogtopsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: image/gif
Content-Length: 185
Connection: keep-alive
Server: Apache
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geoloc2.geovisite.com/private/geoglobe_iframe_css_64.php?compte=960705966763&anim=1&bgskin=19&ca=00FF33&cbg2=9966FF&ci=FF0000&fc=3300FF&skin=0&tp=Today&p=
54.36.176.112200 OK 65 kB URL HTTP/1.1 geoloc2.geovisite.com/private/geoglobe_iframe_css_64.php?compte=960705966763&anim=1&bgskin=19&ca=00FF33&cbg2=9966FF&ci=FF0000&fc=3300FF&skin=0&tp=Today&p=
IP 54.36.176.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30666)
Hash 5af6a52f528115408d26c6e18efbdaac
5346d9d819541d0508c0df2055eeaa23d48bf510
7b395d6fb431b4384f6fbe58d9c7acd7de6593bfccafa78e29b404f36e4d2bb7
GET /private/geoglobe_iframe_css_64.php?compte=960705966763&anim=1&bgskin=19&ca=00FF33&cbg2=9966FF&ci=FF0000&fc=3300FF&skin=0&tp=Today&p= HTTP/1.1
Host: geoloc2.geovisite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:53 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.4.16
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.blogflare.com/world.png
172.67.129.23404 Not Found 1.2 kB URL HTTP/1.1 www.blogflare.com/world.png
IP 172.67.129.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (355)
Hash 5097070b0fbdaf623945ee309dfc4d3f
a2c6f48ee46e52a0386adcca2eed79b5851bf849
4aab51443e282b0d27cf5cc6e1e57c12ffd7d62f9b1b1be397997bb0b666051c
GET /world.png HTTP/1.1
Host: www.blogflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 404 Not Found
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 26 Jul 2021 12:39:01 GMT
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=7200
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvnTVnnI9WZIJ2krpa76e0YLT%2B1uj82jzSNp2mtQXbidBLep4XaJryedJuDCb%2Br%2F6GL1q2MwxO1JWS3sicrdkiIyBZRtTuKv72Y46kGDln6tsKxU%2BqF2dPSjl%2FXzM%2FBqbDFofA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779a0e005dfb0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.blogflare.com/flare_11754.gif
172.67.129.23404 Not Found 1.2 kB URL HTTP/1.1 www.blogflare.com/flare_11754.gif
IP 172.67.129.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (355)
Hash c4b837bbd0f878bbcfaa8df6dee944dc
03e9559750d7a0da92361abe8f0e743fef5996d8
1b793d503622a9c767929e5771d7ceffd5fed449ce529cdaa1816a4e3fe5ee91
GET /flare_11754.gif HTTP/1.1
Host: www.blogflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 404 Not Found
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 26 Jul 2021 12:39:01 GMT
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=7200
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYlQ1rynWUonJumO4nvYjMwxodyto6N44mt2ngjh1VKTA6%2FqDSHxq09inqP38VPXfKf%2FzTtlH88Avk7JL3QUnh8Z50bugJIgVbtIuG1zn3JOXeipxxRTzSwvvUA3VIf5hU47rg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779a0e005ab20b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.zhippo.com/LittleJohnsTattoosHOSTED/images/gallery/medium/Sugar%2520skull%2520in%2520progress%2520spread(web).jpg
65.175.68.149404 Not Found 5.1 kB URL HTTP/1.1 www.zhippo.com/LittleJohnsTattoosHOSTED/images/gallery/medium/Sugar%2520skull%2520in%2520progress%2520spread(web).jpg
IP 65.175.68.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (445)
Hash f5450df903860c5293901f57901883e8
7a14ac23bbb77e96281f19142e69e3866534aa83
e4a8db45cfde5e1ba8b8b8cbecb029639c1b680899d527d8ef245703821ebbc8
GET /LittleJohnsTattoosHOSTED/images/gallery/medium/Sugar%2520skull%2520in%2520progress%2520spread(web).jpg HTTP/1.1
Host: www.zhippo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 14 Dec 2022 21:32:53 GMT
Connection: close
Content-Length: 5079
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 049f69500432fcb0f7a0b7abd3d043ce
f98580514cd887c1afc13f9eb3c19859c2fd9f6e
62be2377f7207f5a27fd76145d2c144aeba359256bb5dfef69b6c6ae61757fd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62BE2377F7207F5A27FD76145D2C144AEBA359256BB5DFEF69B6C6AE61757FD4"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9688
Expires: Thu, 15 Dec 2022 00:14:21 GMT
Date: Wed, 14 Dec 2022 21:32:53 GMT
Connection: keep-alive
bloggapedia.com/bp_small_images/blog-gapedia5.png
172.104.142.251404 Not Found 107 B URL HTTP/1.1 bloggapedia.com/bp_small_images/blog-gapedia5.png
IP 172.104.142.251:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1f1ab1003fec1cbbe630f8a25a93a2bf
8cec320eff3e038626b6f5edb5be9e98d5a5bbca
085420c1207434394ec6e170849d50b661e59c6e0a977ab43f5c74a37de71fcd
GET /bp_small_images/blog-gapedia5.png HTTP/1.1
Host: bloggapedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Age: 0
Content-Encoding: gzip
3.bp.blogspot.com/_MabKxAfp4Tc/Sd3ibJUDMuI/AAAAAAAAC9Y/NQxfQyBk0s8/s400/pugslash.JPG
142.250.74.161200 OK 46 kB URL HTTP/1.1 3.bp.blogspot.com/_MabKxAfp4Tc/Sd3ibJUDMuI/AAAAAAAAC9Y/NQxfQyBk0s8/s400/pugslash.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 400x300, components 3\012- data
Hash fab90bdadcf35d7ed6c849379620efe8
a844d2e5093fafbe0ffe3a79753f8e0dc470d424
d274f9f12b9bc8eed28af5b732a170b3fead275266a4e94281fcbbe3a9c852c9
GET /_MabKxAfp4Tc/Sd3ibJUDMuI/AAAAAAAAC9Y/NQxfQyBk0s8/s400/pugslash.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vbd6"
Expires: Thu, 15 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pugslash.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 21:32:53 GMT
Server: fife
Content-Length: 46099
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d814139abf6967ecb593eb9c2efd01ec
e0095c88d2ea89abb6f769c7e3eed7b6beaf838a
81d7717ae7b109f2ef2cb37fd8557291bff119b0b151a71e3dca5b203a78e787
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.topofblogs.com/
75.2.61.216200 OK 5.9 kB IP 75.2.61.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2474)
Hash 31fcf14c8903944650f5e80b8404253d
b610b6ffbc5efa5e94611b5afeeec180e8b398de
7a2b1f545d75dcad75c090ebeca92c47634c289161c877719e3ca514e9ad084f
GET / HTTP/1.1
Host: ww1.topofblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_B6W1QtjpTCE2+ZW1H5yJQPV1c2JGpmIBCVBXOISCZiLa9WUwNlxfqkwSmtJOLyc6UbYxygouJp3ByJU3Exg4Uw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
www3.pictures.gi.zimbio.com/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
151.101.193.91301 Moved Permanently 193 B URL HTTP/2 www3.pictures.gi.zimbio.com/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
IP 151.101.193.91:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a89f26913bb306ea5d562d56cd2a651b
022d78f3a9820da584b61b60490eb2d081b6e01a
5ff07582ede401499b21ebd5917fc76b981cfe542b19ce71adf6cd8c8b9e9c01
GET /Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg HTTP/1.1
Host: www3.pictures.gi.zimbio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
server: nginx/1.4.6 (Ubuntu)
location: http://www1.pictures.zimbio.com/gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
expires: Mon, 13 Mar 2023 01:40:26 GMT
cache-control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Dec 2022 21:32:53 GMT
age: 417147
x-served-by: cache-bfi-kbfi7400110-BFI, cache-bma1624-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1671053574.545628,VS0,VE146
x-response-time: 146218
strict-transport-security: max-age=31557600
content-length: 193
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7147502112486729649%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByM4ODg4ODgqByMwMDAwMDAyByNmZmZmZmY6ByNmZmZmZmZCByM4ODg4ODhKByM2NjY2NjZSByM4ODg4ODhaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4970452208423175487%26origin%3Dhttp://freetattoosideas.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7147502112486729649%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByM4ODg4ODgqByMwMDAwMDAyByNmZmZmZmY6ByNmZmZmZmZCByM4ODg4ODhKByM2NjY2NjZSByM4ODg4ODhaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4970452208423175487%26origin%3Dhttp://freetattoosideas.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
142.250.74.77302 Found 489 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7147502112486729649%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByM4ODg4ODgqByMwMDAwMDAyByNmZmZmZmY6ByNmZmZmZmZCByM4ODg4ODhKByM2NjY2NjZSByM4ODg4ODhaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4970452208423175487%26origin%3Dhttp://freetattoosideas.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7147502112486729649%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByM4ODg4ODgqByMwMDAwMDAyByNmZmZmZmY6ByNmZmZmZmZCByM4ODg4ODhKByM2NjY2NjZSByM4ODg4ODhaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4970452208423175487%26origin%3Dhttp://freetattoosideas.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (539)
Hash ec06be5c3aee36550ff4c7d11afb8a70
1dc7761414691c05ac3167531bd9afcd5b9c3352
1151095b227b69f35e21aecf3d3174cf0cea51b804ee86981a5f0e23ed3808de
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7147502112486729649%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByM4ODg4ODgqByMwMDAwMDAyByNmZmZmZmY6ByNmZmZmZmZCByM4ODg4ODhKByM2NjY2NjZSByM4ODg4ODhaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4970452208423175487%26origin%3Dhttp://freetattoosideas.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7147502112486729649%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByM4ODg4ODgqByMwMDAwMDAyByNmZmZmZmY6ByNmZmZmZmZCByM4ODg4ODhKByM2NjY2NjZSByM4ODg4ODhaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4970452208423175487%26origin%3Dhttp://freetattoosideas.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 21:32:53 GMT
location: https://www.blogger.com/followers.g?blogID=7147502112486729649&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByM4ODg4ODgqByMwMDAwMDAyByNmZmZmZmY6ByNmZmZmZmZCByM4ODg4ODhKByM2NjY2NjZSByM4ODg4ODhaC3RyYW5zcGFyZW50&pageSize=21&postID=4970452208423175487&origin=http%3A%2F%2Ffreetattoosideas.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-nr92G7fNsK_9-XC8tSmWNQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 489
server: GSE
set-cookie: __Host-GAPS=1:PmM9-guPIA41BBHjA66zyxVaZU61-w:6BFZ7sSynL60DTZ8;Path=/;Expires=Fri, 13-Dec-2024 21:32:53 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j+UBGVtak9fepgMdpob3dQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ywaPEZnUlmZ4MaxY3pigSriMzUI=
i732.photobucket.com/albums/ww323/shara101/6-4.jpg
143.204.55.106200 OK 33 kB URL HTTP/2 i732.photobucket.com/albums/ww323/shara101/6-4.jpg
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bcdb9b2fc33ea4ab891876763e12a51b
42a485a81001038d32a41d4a186aa9df37523e32
fe1b0f0d31775edb0cd05186b06372949598cc5638fdfa1f94c42d349915b3a9
GET /albums/ww323/shara101/6-4.jpg HTTP/1.1
Host: i732.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 32744
date: Wed, 14 Dec 2022 21:32:53 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="6-4.webp"
expires: Thu, 14 Dec 2023 21:32:53 GMT
server: photobucket
x-amzn-trace-id: Root=1-639a4105-487298742c96aa4935f747fd
x-request-id: 6Hlw7KiFkuOvWMJMdtDSm
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vXvDg44tqXG4OifAgtk8MixDztc6Y9abpRF_S8H_84KTCykvy9T0Mg==
vary: Accept, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.238200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 14 Dec 2022 21:32:53 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+043; expires=Fri, 13-Dec-2024 21:32:53 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 21:32:53 GMT
cache-control: private
X-Firefox-Spdy: h2
www1.pictures.zimbio.com/gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
151.101.193.91301 Moved Permanently 0 B URL HTTP/1.1 www1.pictures.zimbio.com/gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
IP 151.101.193.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg HTTP/1.1
Host: www1.pictures.zimbio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://www1.pictures.zimbio.com/gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
Accept-Ranges: bytes
Date: Wed, 14 Dec 2022 21:32:53 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1657-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1671053574.935453,VS0,VE0
X-Response-Time: 89
Strict-Transport-Security: max-age=31557600
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a29a4c6b4ba43b8d4b85a33b27279a06
a9177ccbe185ee26f4e92115a4bc5831b64d050b
c2409b47733ef77aeaf73719b0c5fd6294c50c5e579f6ab79f71503efad63e6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 664 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 89486fe9ec07bff5d79774e8d16db47e
f0230bbcbe6c9b34f55418ce31e55a6846918fae
dbdb631be170e6ab604cdf0bd3548704097d4030b97aa559b325fce656acb6ba
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 14 Dec 2022 21:32:53 GMT
date: Wed, 14 Dec 2022 21:32:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 664
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.wired.com/images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg
151.101.2.194200 OK 45 kB URL HTTP/2 www.wired.com/images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg
IP 151.101.2.194:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=10, bps=0, description=MM], baseline, precision 8, 440x586, components 3\012- data
Hash 421e6f9a614c04f8834d137e60ce1d2e
74b2e21a47a360b2628eb0521a312a7a87114931
128dfd9ee85a4389b7e8da2a260d0460cb38831465940ecd5dd2e55a15992ab9
GET /images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg HTTP/1.1
Host: www.wired.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/jpeg
etag: "af8c-4686c81d7c1c0"
expires: Fri, 13 Jan 2023 21:32:53 GMT
last-modified: Sun, 26 Apr 2009 03:05:51 GMT
cache-control: max-age=86400
accept-ranges: bytes
date: Wed, 14 Dec 2022 21:32:53 GMT
via: 1.1 varnish
age: 0
set-cookie: CN_xid=977a7962-0314-4c40-bd58-b553b68bfe4b; Expires=Mon, 12 Jun 2023 21:32:53 GMT; Domain=.wired.com; path=/; Secure; SameSite=None;
CN_xid_refresh=977a7962-0314-4c40-bd58-b553b68bfe4b; Expires=Thu, 14 Dec 2023 21:32:53 GMT; Domain=.wired.com; path=/; Secure; httponly; SameSite=None;
xid1=1; Expires=Wed, 14 Dec 2022 21:33:08 GMT; path=/;
CN_segments=co.w2250; Expires=Mon, 12 Jun 2023 21:32:53 GMT; path=/;
CN_geo_country_code=NO; Expires=Mon, 12 Jun 2023 21:32:53 GMT; Path=/; Domain=wired.com; Samesite=None; Secure
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
strict-transport-security: max-age=31536000; preload
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1671053573.480528,VS0,VE502
x-ua-device: desktop
vary: cn-experiments, Verso
apple-news-services-host: www.wired.com
apple-news-services-request-url: /images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg
apple-news-services-parsed-url: /images_blogs/geekdad/images/2009/04/06/treednawebjpg.jpeg
apple-news-services-handled: false
content-length: 44940
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (649)
Size 163 kB (163396 bytes)
Hash aa75370bb1ce2d5b05b0d02f6feecba4
f110915b53288da7b267c51210cfc239dc0b5591
cfb8dadaba93a5e0a08739ce589b55cc61fb93d0c616da564394ce925bef6197
GET /recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 16:24:11 GMT
expires: Thu, 14 Dec 2023 16:24:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
content-type: text/javascript
age: 18523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.777seo.com/seo.php?username=impoten&format=468x60
103.224.182.251302 Found 0 B URL HTTP/1.1 www.777seo.com/seo.php?username=impoten&format=468x60
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seo.php?username=impoten&format=468x60 HTTP/1.1
Host: www.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 14 Dec 2022 21:32:53 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1671053573.1652079; expires=Sat, 11-Dec-2032 21:32:53 GMT; Max-Age=315360000
Location: http://ww38.777seo.com/seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www1.pictures.zimbio.com/gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
151.101.193.91200 OK 58 kB URL HTTP/2 www1.pictures.zimbio.com/gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg
IP 151.101.193.91:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 396x594, components 3\012- data
Hash 6cb59d18f536f9560ca4e693799bc46e
7fa824a5b15cc70b6e6b5b10c039d5dc5125b281
4fa17d9ddfa144bbe0f4f6090137a0fa4af2de47800d2ef1e2e047c6af8d7e72
GET /gi/Girl%252BDragon%252BTattoo%252BPhotocall%252B2009%252BCannes%252BFilm%252B-6z831_FxR_l.jpg HTTP/1.1
Host: www1.pictures.zimbio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx/1.4.6 (Ubuntu)
last-modified: Fri, 11 Sep 2009 04:53:10 GMT
etag: "4aa9d7b6-e0cc"
expires: Mon, 13 Mar 2023 01:40:26 GMT
cache-control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Dec 2022 21:32:54 GMT
age: 417147
x-served-by: cache-bfi-krnt7300114-BFI, cache-bma1624-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1671053574.959430,VS0,VE147
x-response-time: 146771
strict-transport-security: max-age=31557600
content-length: 57548
X-Firefox-Spdy: h2
i01.i.aliimg.com/photo/v0/280688797/Small_Top_Hat.jpg
2.19.194.202404 Not Found 1.1 kB URL HTTP/1.1 i01.i.aliimg.com/photo/v0/280688797/Small_Top_Hat.jpg
IP 2.19.194.202:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 100x100, components 1\012- data
Hash f4faed5d3fc15dd13b679301d0f9b1a1
1a9d72718c7be5d812e46edfd171b52d0e5e107c
ede668c787756a1ae763c1fcd83ee528d3a61c9d2bd10f6840b3ae0395f475a4
GET /photo/v0/280688797/Small_Top_Hat.jpg HTTP/1.1
Host: i01.i.aliimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 404 Not Found
Server: Tengine
Content-Type: image/jpeg
Content-Length: 1080
traceid: 2ff6189916710535734463990e
Cache-Control: max-age=10
EagleEye-TraceId: 2ff6189916710535734463990e
Ali-Swift-Global-Savetime: 1671053574
X-Swift-SaveTime: Wed, 14 Dec 2022 21:32:54 GMT
X-Swift-CacheTime: 10
X-Swift-Error: orig response 4XX error
EagleId: 2ff6189916710535734463990e
Date: Wed, 14 Dec 2022 21:32:54 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Network_Info: NO_OSLO_50304
SERVED-FROM: 2.19.194.198
ww38.777seo.com/seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc
75.2.11.242200 OK 5.9 kB URL HTTP/1.1 ww38.777seo.com/seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc
IP 75.2.11.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2638)
Hash e5d4473ad04184d3ff0f4b5c2e86b182
6f41f85ce80fb08a6f234012a615682597e486e3
3b3200a95c45cfc431604a763b55c5e56278b15b758f769b9cb8ba1c6fdbf80c
GET /seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc HTTP/1.1
Host: ww38.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_oAkhTUuhiGigOI7+3XIhmKbSQ3ZRLFkiRuQZxc7PTbYubaCzY4q5cTD7l43BhuWFzIKvG+Oy2vMPtyJocfP9NQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 535931
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 517491
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7035
Expires: Wed, 14 Dec 2022 23:30:09 GMT
Date: Wed, 14 Dec 2022 21:32:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7035
Expires: Wed, 14 Dec 2022 23:30:09 GMT
Date: Wed, 14 Dec 2022 21:32:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7035
Expires: Wed, 14 Dec 2022 23:30:09 GMT
Date: Wed, 14 Dec 2022 21:32:54 GMT
Connection: keep-alive
www.freshpromotions.com.au/products/top-hat-stress-toys1.jpg
103.242.94.124301 Moved Permanently 224 B URL HTTP/1.1 www.freshpromotions.com.au/products/top-hat-stress-toys1.jpg
IP 103.242.94.124:0
ASN #63956 Colocation Australia Pty Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a2f6c49d3e553920b4ed80b4bb07542c
30545176a261b79f035daf20e999ea9fc95d8bf5
1fc7b0025361f9924d3b664c2c550e18ac50d45ee87616f4dd290dd6b3620b8d
GET /products/top-hat-stress-toys1.jpg HTTP/1.1
Host: www.freshpromotions.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Dec 2022 21:32:54 GMT
Server: Apache
Location: https://www.freshpromotions.com.au/products/top-hat-stress-toys1.jpg
Cache-Control: max-age=31536000
Expires: Thu, 14 Dec 2023 21:32:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 224
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
54.230.245.130200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP 54.230.245.130:0
File type ASCII text, with very long lines (316)
Hash 3c7567521347bf95b105ffa7fdc7da86
08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Wed, 14 Dec 2022 02:41:55 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3RoXGnZFbyrHJ29VvNp7mqmQ4gerJK-ZYcsPKIkFK1DpGbaIadP2jw==
Age: 67859
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25e5932a6449b859223367ce1e67e59c
5d2ea71d4f0d952d665586bdf32ed0e88c605af6
160021eb4b65b4720d90337bf46bfc3c5b317b2ec406ba377c9368a11c56f629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12046
x-amzn-requestid: 53e890e7-eaa7-434d-bcde-4a1e60b5b6b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGqNWEhooAMFZxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f0bb-0282299f7b644bbd2b65c079;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XJelUmwr6ECrVewxG3xTG9Zfvy0dUgxkP6FhPndIJ43i3iK6yrJZsw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:34 GMT
age: 84980
etag: "5d2ea71d4f0d952d665586bdf32ed0e88c605af6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 03:59:04 GMT
age: 63230
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RuZ47uh2aq0Ib0ZGmC7gBooDauMtzuzRZspYkVePk5lFecEIrgTqFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:57:03 GMT
age: 84951
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ddda117cee658be4cfe3a5d04a88c46
a167e2211732837cf07b3b9a0b33610492ab8a47
bc5fae9d44914c804f82d1e0f90a01fe14d86063da59292bf78100f539b3f7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13205
x-amzn-requestid: 23929642-4b48-40f4-8847-854dfca772b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKoH_4oAMF_8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-19ad3c327c190b9227d232a2;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vx7sZ090BsrHPpf5WTWPKYaCNlYvuh5chiNxw2anH2Kd1WovN9Dc4w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:49:29 GMT
age: 85405
etag: "a167e2211732837cf07b3b9a0b33610492ab8a47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3acfbf939eab432007f8315f2376f563
e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c
d02ae4fa55f6ba4b1ca2186eb31a40018eada1e1491efdc4a95ffba4c35afa07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5108
x-amzn-requestid: cba619a3-ef9a-420b-b280-2b53608aad53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpL0G93IAMF59Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef18-7cc4f81a16016a8d63156bff;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3JmSN0RECaKzxPmndCUHm_4YLojawf7kw8A43yj1h1IfuZQKsVl6eg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:32 GMT
age: 84982
etag: "e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1a13d12c326848d5b7adeb2562a35a5
d795c519ea637a213aab1d80daaf44ce5ad19069
f7b99c93b99268e1b2fa438d493cf23cd75a98833710ddd22b5278a76e9f019a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: c090b5fd-ff70-48a1-9c6b-256a0776cbfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c59nPEILoAMFr_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393dc94-691a58a54b9f102b23b65c31;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 01:10:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YRU4J6-QtNjHaiX0YcxnN0UHpcgX8B_B2zVozBa2qwR4gycFW5ajvg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 18:34:30 GMT
age: 10704
etag: "d795c519ea637a213aab1d80daaf44ce5ad19069"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1885)
Hash d61d5848e781103065d5bca54bb2f5d3
0c1410cc40187c59ff57497a601bc5a0914b94ba
f07be716e8073ec4f47c14978e5bb3d2ab7905d9f012131dd848e158fb41df78
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Wed, 14 Dec 2022 21:32:54 GMT
Expires: Wed, 14 Dec 2022 21:32:54 GMT
Cache-Control: private, max-age=3600
ETag: "9096543464630205400"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 21:32:54 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/bottom.png
54.230.245.130200 OK 3.4 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/bottom.png
IP 54.230.245.130:0
File type PNG image data, 459 x 156, 8-bit colormap, non-interlaced\012- data
Hash 8f00618489c9024bc741a161effb2e32
7e3146cfd561806169d6201b01ccbe37a256dfc5
ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355
GET /themes/cleanPeppermintBlack_657d9013/img/bottom.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3359
Connection: keep-alive
Server: nginx
Date: Wed, 14 Dec 2022 18:04:06 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-d1f"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4XF50wgPfD_B8RVD3mzAkAAmJbA9AaOZE6VO8IuRZbqPeWsz49h7NQ==
Age: 12528
ww38.777seo.com/seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc&_xafvr=NTBiZWVkZTAyMjljNzMxMWQ3OWI5NDYyYTUxYTY1ODk2NDFlM2I0Ziw2MzlhNDEwNjc3YWI1
75.2.11.242200 OK 2.7 kB URL HTTP/1.1 ww38.777seo.com/seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc&_xafvr=NTBiZWVkZTAyMjljNzMxMWQ3OWI5NDYyYTUxYTY1ODk2NDFlM2I0Ziw2MzlhNDEwNjc3YWI1
IP 75.2.11.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f3b93edc55c615ac9c469d5cecc1df17
46ed8f6872f64259e131e40569dc1169bcd44041
3c327432d66df6eedcbb132b5e75430724f7096a6bd370bfc9f4c647b38d86e7
GET /seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc&_xafvr=NTBiZWVkZTAyMjljNzMxMWQ3OWI5NDYyYTUxYTY1ODk2NDFlM2I0Ziw2MzlhNDEwNjc3YWI1 HTTP/1.1
Host: ww38.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 21:32:55 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
ww38.777seo.com/favicon.ico
75.2.11.242200 OK 0 B URL HTTP/1.1 ww38.777seo.com/favicon.ico
IP 75.2.11.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww38.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/seo.php?username=impoten&format=468x60&subid1=20221215-0832-531c-8df3-8883718db8bc&_xafvr=NTBiZWVkZTAyMjljNzMxMWQ3OWI5NDYyYTUxYTY1ODk2NDFlM2I0Ziw2MzlhNDEwNjc3YWI1
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 21:32:55 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3d7584ace9d9216e403e1fe1f36c8440
d31e6cbb9cff325cd809234de6ce36d52fe06693
4ab1b5d20e32c411de6eef5576e7cefa95a355b1ebb1f79d9d26ebab8ae4d1b0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98368
Date: Wed, 14 Dec 2022 21:32:55 GMT
Etag: "6399070a-1d7"
Expires: Fri, 16 Dec 2022 00:52:23 GMT
Last-Modified: Tue, 13 Dec 2022 23:13:14 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AoGw7ESWMoPLF4krLYjVKsuudT_q6wyJM2Xq15hlK1gfgi5mttEpLw==
Age: 5949
brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
44.195.142.43200 OK 11 kB URL HTTP/2 brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP 44.195.142.43:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1924)
Hash c0641026e2aa2ae4a96ccd158235b783
2021522ffd1a82699a70c7245d933ad4aa30f4cb
df39dd35ea5e3ebe21e7cdd35d0cc6c206bccff25e350dffb630b9444da5b459
GET /lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww38.777seo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 21:32:56 GMT
content-type: text/html;charset=UTF-8
content-length: 10723
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brigi-jar.com/main.js
44.195.142.43200 OK 480 B IP 44.195.142.43:0
Hash 91558066fecbfc1f6f77842f6aa85a6c
6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e
efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed
Analyzer Verdict Alert fortinet Malware
GET /main.js HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 21:32:56 GMT
content-type: application/javascript
content-length: 480
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
brigi-jar.com/style.css
44.195.142.43200 OK 6.0 kB IP 44.195.142.43:0
Hash 2eb024ad11ef5f2e503bfb60117c25d8
235b5ca1205cc2ca3d0b8e4f98ce022512b05c0f
d8efc1d8e1100baf07f4105119fde6f8fe760a9efebf189adc5d9b3dfccc9e0a
GET /style.css HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 21:32:56 GMT
content-type: text/css
content-length: 5981
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 21:32:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins:300
142.250.74.106200 OK 8.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300
IP 142.250.74.106:0
Hash 64b2f32eca5c8cd7ef5a1a7f427a4b5f
cdcc10f4d7f4d4b3f04fa3edb4afb178e8a23bb9
6d47ff74f0aff3c9cda15a9937c012782a2c982457a575a06ee5c7c17db0f227
GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Dec 2022 21:32:56 GMT
date: Wed, 14 Dec 2022 21:32:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
brigi-jar.com/empty.gif
44.195.142.43200 OK 42 B IP 44.195.142.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /empty.gif HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 21:32:56 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5da539ea90e62ebf7284b368583f1e64
d21496f8f086ed3e53695744bd2100d2afa5150b
d89b598fcb8abf76d78e9f8cd5d8727ca677d971850ca12cf580656a9c8f8554
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98174
Date: Wed, 14 Dec 2022 21:32:56 GMT
Etag: "63990dfc-1d7"
Expires: Fri, 16 Dec 2022 00:49:10 GMT
Last-Modified: Tue, 13 Dec 2022 23:42:52 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: s_TliNA2cmNhMv6qTMKbHotEJhx9_L4aqXwbLKDJ444ZHMwY10YONg==
Age: 3978
assetscdn.com/img/arrows.png
143.204.55.6200 OK 24 kB URL HTTP/2 assetscdn.com/img/arrows.png
IP 143.204.55.6:0
File type PNG image data, 1500 x 584, 8-bit/color RGBA, non-interlaced\012- data
Hash c97abaaf2fb3de553aa0531e97dff187
155d7ac68e4f3d8ba8cfac4c7a5c060b3f161483
c006478400bae991f05dde9341cf45cdf392cb06688eb8a58589eb993d376379
GET /img/arrows.png HTTP/1.1
Host: assetscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 24415
date: Thu, 04 Aug 2022 10:10:09 GMT
last-modified: Thu, 04 Aug 2022 10:09:47 GMT
etag: "c97abaaf2fb3de553aa0531e97dff187"
cache-control: public, max-age=31556926
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EKnGbtGXeTH0RqYzZHUBluA3-8FsTj2ClSGE8sGpdXKy2ObGETD2iQ==
age: 11445768
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins
IP 142.250.74.106:0
GET /css?family=Poppins HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Dec 2022 21:32:56 GMT
date: Wed, 14 Dec 2022 21:32:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/7147502112486729649?po=4970452208423175487&hl=en&blogspotRpcToken=8454474
142.250.74.73200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/7147502112486729649?po=4970452208423175487&hl=en&blogspotRpcToken=8454474
IP 142.250.74.73:0
GET /comment/frame/7147502112486729649?po=4970452208423175487&hl=en&blogspotRpcToken=8454474 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freetattoosideas.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 21:32:53 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-bvF1q8DaKwkTPrwksC66QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=TnA6eqgw1VRHP99IB2LVie_srKNQqHbSS08cDHbc1oM8U04TP9mtvY3w11KU66FjzEZ5W0qLyeUa2beBmu0rznIMmVeaE5QOop8qvCh7q9PMwxxPX7YRCIl-GI8YxTJkCedZotA1YqDY-tgu_CZbcHx8CGcz-U1HLl3r590KRK8; expires=Thu, 15-Jun-2023 21:32:53 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.istockphoto.com/file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg
143.204.55.90404 Not Found 0 B URL HTTP/2 www.istockphoto.com/file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg
IP 143.204.55.90:0
GET /file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg HTTP/1.1
Host: www.istockphoto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freetattoosideas.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: image/jpeg
date: Wed, 14 Dec 2022 21:32:53 GMT
server: nginx/1.22.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-unisporkal-error-page: true
cache-control: no-cache
set-cookie: giu=nv=1&lv=2022-12-14T21%3A32%3A53Z; path=/; expires=Sun, 14 Dec 2042 21:32:53 -0000; secure; HttpOnly
vis=vid=db1cc3b0-b576-44a8-b3c8-8fb79e1ae559; domain=.istockphoto.com; path=/; expires=Sun, 14 Dec 2042 21:32:53 -0000; secure
uac=t=iUk%2BxlKS3n%2FwttHJE6xtDblEVMVbpZRKt7E7b%2BHoxr29ftziyouPvQSUW8dGB%2F0c%2BZWi4zJe19227BsMhwGWYFHFhJ6JxXJvUB4Cl6Fvv%2BHB5tp5J5D2ON1gQHCNJkGQ%2BKCGlgcSsyoUjDEiEvMjJoIhP0ETpPOPj1i0JXwWPlg%3D%7C77u%2FSEZWK1lhQUxHOWpkNStpS3J6cUUKNDQxCgpoZEo3Rmc9PQpqZGw3Rmc9PQowCgoKMAo0NDEKCjQ0MQowCmRiMWNjM2IwLWI1NzYtNDRhOC1iM2M4LThmYjc5ZTFhZTU1OQoK%7C3%7C4%7C1&d; path=/; expires=Sun, 14 Dec 2042 21:32:53 -0000; secure; HttpOnly
x-request-id: 0A330623-A3A2_0A3379C8-01BB_639A4105_169F76A-0F3C-997
x-runtime: 0.011877
x-backend: app_landing
x-proxy-build: 1533793
x-timing-wait: 170/0/0/13
giproxy-truncatedpath: /file_thumbview_approve/4976984/2/istockphoto_4976984-top-hat-and-cane.jpg
selected-fe: istock_frontend
x-cache: Error from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: icLbvPVlin9kmU1MCuy5Mt6Wo0O467-oEn5CHgFuoY6F_-N0W_ZLvg==
X-Firefox-Spdy: h2