firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 02:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pYv2CiEMn0TU4u-ZyFhqV6rkg20LTL4XR1moZFDo6SO_x3SXCExrvA==
Age: 3360
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3384
Expires: Tue, 27 Sep 2022 04:07:54 GMT
Date: Tue, 27 Sep 2022 03:11:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JIWzesPJK6oYRN6_hCQP9xH_OXLEZ8_bHyA-kaVwhyn15BTwLArUWw==
age: 81375
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:11:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 03:36:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0_6Bv7pG4UiRvnHHDQNjxA3ZVyKq-eLhv4oo5zlg-b2SLvRDvauHeA==
Age: 44
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Last-Modified: Tue, 27 Sep 2022 01:37:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.google.com/uds/solutions/slideshow/gfslideshow.js
142.250.74.164 404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/uds/solutions/slideshow/gfslideshow.js
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 717fb58c6b1cdf824dffb387bae569e3
e498a5dfd6e51d99c5a48ce37df669b15a4865c2
4c560b3e2ebb5a130877816d46d0d4f7d2d7596aad0421f8de3739c8933a3d59
GET /uds/solutions/slideshow/gfslideshow.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1599
Date: Tue, 27 Sep 2022 03:11:31 GMT
www.google.com/jsapi
142.250.74.164 301 Moved Permanently 237 B IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 362d5b448e14803e150656f8f2b2064f
46e929aad5f6323e61c895d51c8fa5f46171f16e
9361792c2d970710b9e66bb86b6dc9b17dab59a9294a30a5790bdb1e92b38021
GET /jsapi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.gstatic.com/charts/loader.js
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 03:04:05 GMT
Expires: Tue, 27 Sep 2022 03:34:05 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 446
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.130 200 OK 40 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (2320)
Hash 58d13f2e68d4ce4d19661987f5eae8b9
6e16b72a8e1e923affc07f3af591a4ff8a40161c
109cbcf9bdc51c672c517e48e1dae13737c8437fcf3a2020b06d14add831d598
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Tue, 27 Sep 2022 03:11:31 GMT
Expires: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 10902004848400274675
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 40365
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 39f4c6b878fc92202be480070361362c
5963f72aea1957734b22dfb4019291dc2db459a3
a5954460fca600556f47d2ef8b59206644e00fae1acef9faaff3156d417642a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
g2.gumgum.com/javascripts/ggv2.js
52.30.93.115 301 Moved Permanently 162 B URL HTTP/1.1 g2.gumgum.com/javascripts/ggv2.js
IP 52.30.93.115:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /javascripts/ggv2.js HTTP/1.1
Host: g2.gumgum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 03:11:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Server: nginx
Location: https://js.gumgum.com/services.js
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.174 200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Tue, 27 Sep 2022 03:11:31 GMT
expires: Tue, 27 Sep 2022 03:11:31 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/charts/loader.js
142.250.74.163 200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 02:43:55 GMT
expires: Tue, 27 Sep 2022 03:43:55 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 1656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.201 200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:55:32 GMT
expires: Mon, 25 Sep 2023 15:55:32 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 24 Sep 2022 18:50:26 GMT
content-type: text/css
age: 126959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.201 200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.201:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:11:14 GMT
expires: Sun, 02 Oct 2022 05:11:14 GMT
cache-control: public, max-age=604800
last-modified: Sat, 24 Sep 2022 17:50:40 GMT
content-type: image/gif
age: 165617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img1.blogblog.com/img/icon18_wrench_allbkg.png
216.58.207.201 200 OK 475 B URL HTTP/1.1 img1.blogblog.com/img/icon18_wrench_allbkg.png
IP 216.58.207.201:0
File type PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Hash f617effe6d96c15acfea8b2e8aae551f
6d676af11ad2e84b620cce4d5992b657cb2d8ab6
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
GET /img/icon18_wrench_allbkg.png HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 475
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 25 Sep 2022 12:53:29 GMT
Expires: Sun, 02 Oct 2022 12:53:29 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 24 Sep 2022 19:50:11 GMT
Content-Type: image/png
Age: 137882
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130 200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 13:54:51 GMT
Expires: Mon, 10 Oct 2022 13:54:51 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 47800
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174 200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash d70fcc84d705c565b31a5835c0938d5b
d28e5dc9fcc6239d67986df3205468072023d2d7
1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 07:25:39 GMT
expires: Mon, 25 Sep 2023 07:25:39 GMT
cache-control: public, max-age=31536000
age: 157552
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
guidetoline.blogspot.com/search/label/Mumbai%20Police%20Arrest%20Suspect%20in%20Gang%20Rape
142.250.74.161 200 OK 84 kB URL HTTP/1.1 guidetoline.blogspot.com/search/label/Mumbai%20Police%20Arrest%20Suspect%20in%20Gang%20Rape
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21478)
Hash cd42d0bda757b76638b1c23b4fbca184
6aa5678e8497d0dbdff0075ca6c0c9864f489b6e
91a0a1ad20356719de42ad8e48ce646ac2c062a16acf1cae7fb896c8a3a8af17
Analyzer Verdict Alert fortinet Phishing
GET /search/label/Mumbai%20Police%20Arrest%20Suspect%20in%20Gang%20Rape HTTP/1.1
Host: guidetoline.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 27 Sep 2022 03:11:30 GMT
Date: Tue, 27 Sep 2022 03:11:30 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 28 Apr 2022 00:13:38 GMT
ETag: W/"3a7eb2d564039fbf261412b6a6deb2c74890a5b1a83015cb03c6e2e1c88fc19d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 83585
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VFJZcxCszeVtWKjpXoGztw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OVcbzZx0+xz5u81rE3G1QKDrXRs=
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
guidetoline.blogspot.com/js/cookienotice.js
142.250.74.161 200 OK 2.0 kB URL HTTP/1.1 guidetoline.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: guidetoline.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/search/label/Mumbai%20Police%20Arrest%20Suspect%20in%20Gang%20Rape
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Tue, 27 Sep 2022 03:11:31 GMT
Expires: Tue, 04 Oct 2022 03:11:31 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 26 Sep 2022 16:53:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46 301 Moved Permanently 0 B URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 27 Sep 2022 03:11:31 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
graphics8.nytimes.com/images/2013/08/24/world/asia/24india-ink/24india-ink-blog480.jpg
151.101.85.164 200 OK 54 kB URL HTTP/1.1 graphics8.nytimes.com/images/2013/08/24/world/asia/24india-ink/24india-ink-blog480.jpg
IP 151.101.85.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 480x292, components 3\012- data
Hash a0f11cb0f890f33727c48d5f28d2fa2b
da46ed56137b463114b397601d50ce74bbf57723
937ce21bfaf83075fa2b990e01b795a78f61185a0960dae16c997d64048ec590
GET /images/2013/08/24/world/asia/24india-ink/24india-ink-blog480.jpg HTTP/1.1
Host: graphics8.nytimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycdsIVDSDqP3RiXSJ1DcNTYwZdZPocy4urc_n_kN8RC3A0K8LmllEmWDbiPn8EB8X-aEKxOg2bH19uHBMn8tuGJuW2g
Cache-Control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
Expires: Wed, 14 Sep 2022 03:04:34 GMT
Last-Modified: Sat, 20 Jan 2018 08:23:04 GMT
ETag: "a0f11cb0f890f33727c48d5f28d2fa2b"
x-goog-generation: 1516436584769623
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54019
x-amz-meta-goog-reserved-file-mtime: 1377276336
Content-Type: image/jpeg
x-goog-hash: crc32c=N1tSEg==, md5=oPEcsPiQ8zcnxI1fKNL6Kw==
x-goog-storage-class: MULTI_REGIONAL
Server: UploadServer
Via: 1.1 varnish, 1.1 varnish
Strict-Transport-Security: max-age=63072000; preload; includeSubdomains
Content-Length: 54019
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 03:11:31 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100021-IAD, cache-bma1656-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1664248291.277732,VS0,VE137
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
bdv.bidvertiser.com/BidVertiser.dbm?pid=299498%26bid=1107747
54.241.51.109 200 OK 87 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=299498%26bid=1107747
IP 54.241.51.109:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 6c60754af27389e2778b3584bf10f3a1
196be0cdc74708ee01c01f86a648c16573e18fc6
ff2485a3dc35082ae7e3799388665929ffd72227191bf24b7c01033bfe19ddd9
GET /BidVertiser.dbm?pid=299498%26bid=1107747 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/html
Connection: close
Content-Length: 87
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMODkzNDVjYTEtYzNiYi00YjRkLThkZjAtOGM0MGI5NzRhZjM4&options=w1600
142.250.74.33 301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMODkzNDVjYTEtYzNiYi00YjRkLThkZjAtOGM0MGI5NzRhZjM4&options=w1600
IP 142.250.74.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=0BwVBOzw_-hbMODkzNDVjYTEtYzNiYi00YjRkLThkZjAtOGM0MGI5NzRhZjM4&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 27 Sep 2022 03:11:31 GMT
Location: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMODkzNDVjYTEtYzNiYi00YjRkLThkZjAtOGM0MGI5NzRhZjM4&options=w1600
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
yllix.com/slider.php?pub=719463&section=General&ga=g&side=random
185.66.200.224 301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/slider.php?pub=719463&section=General&ga=g&side=random
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /slider.php?pub=719463&section=General&ga=g&side=random HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Sep 2022 03:11:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/slider.php?pub=719463&section=General&ga=g&side=random
www.linkwithin.com/pixel.png
3.19.188.212 200 OK 83 B URL HTTP/1.1 www.linkwithin.com/pixel.png
IP 3.19.188.212:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1dba98f5e46c0e7a1549b3d8af9b93
37284bda145ed93cee64997e3d6688cae7d98468
88021da4a13d993a2c94e4d8ddc9bd98b34985d806371e71e0531b37b8a0e081
GET /pixel.png HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:31 GMT
Content-Type: image/png
Content-Length: 83
Last-Modified: Thu, 18 Jun 2020 22:02:28 GMT
Connection: keep-alive
ETag: "5eebe474-53"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
graphics8.nytimes.com/images/2013/08/23/world/asia/23-mumbai-rape-IndiaInk/23-mumbai-rape-IndiaInk-blog480.jpg
151.101.85.164 200 OK 42 kB URL HTTP/1.1 graphics8.nytimes.com/images/2013/08/23/world/asia/23-mumbai-rape-IndiaInk/23-mumbai-rape-IndiaInk-blog480.jpg
IP 151.101.85.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 480x320, components 3\012- data
Hash bacb94e2bbe6c31f02aba36c82029cc7
bcd57f733fe441c10ad85ee2038c615dafc0e59b
3aeb01bb7de4fa103505c81ff43e2d6e6b87950f5677e79f6c5ba2a4b46de4e6
GET /images/2013/08/23/world/asia/23-mumbai-rape-IndiaInk/23-mumbai-rape-IndiaInk-blog480.jpg HTTP/1.1
Host: graphics8.nytimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycdtcuMCWGBKlrjPbG7MaJoBlMcFmkaQywSYecWbv73wKV1wpzY6VgNmiWgtwiKAQZ8DO-DN6qNShPonl9Sy5xEjLHg
Cache-Control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
Expires: Tue, 27 Sep 2022 03:11:31 GMT
Last-Modified: Sat, 20 Jan 2018 08:21:58 GMT
ETag: "bacb94e2bbe6c31f02aba36c82029cc7"
x-goog-generation: 1516436518241956
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 42238
x-amz-meta-goog-reserved-file-mtime: 1377273077
Content-Type: image/jpeg
x-goog-hash: crc32c=SkPtTw==, md5=usuU4rvmwx8Cq6NsggKcxw==
x-goog-storage-class: MULTI_REGIONAL
Server: UploadServer
Via: 1.1 varnish, 1.1 varnish
Strict-Transport-Security: max-age=63072000; preload; includeSubdomains
Content-Length: 42238
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 03:11:31 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100163-IAD, cache-bma1633-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1664248291.261526,VS0,VE227
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3CFPejvGauzMYPcFCcmIrzZJrZs4QoMMRTPPtB8cCmpdwkn_jNMaG4lLgXqxnlYgitsIkFEW9N6bkgmOazNUhUMSYxShM4G-wn2HRNdrkh5FglQK-hmgOgoiA5U_ILhR5FqUMoPbMM2FG4qSVGtgIzEsRaOPZ8mZph=w72-h72-p-k-no-nu
142.250.74.33 404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3CFPejvGauzMYPcFCcmIrzZJrZs4QoMMRTPPtB8cCmpdwkn_jNMaG4lLgXqxnlYgitsIkFEW9N6bkgmOazNUhUMSYxShM4G-wn2HRNdrkh5FglQK-hmgOgoiA5U_ILhR5FqUMoPbMM2FG4qSVGtgIzEsRaOPZ8mZph=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash fb160ccf83c5c3c91cf4a61d4490d94f
20544707e3f34cafa4c423624e6bbe0868903380
c22c450ab1cde1a11be40f823747a90372209dc897dce0a0f84dd3c9f7f809f9
GET /blogger_img_proxy/ANbyha3CFPejvGauzMYPcFCcmIrzZJrZs4QoMMRTPPtB8cCmpdwkn_jNMaG4lLgXqxnlYgitsIkFEW9N6bkgmOazNUhUMSYxShM4G-wn2HRNdrkh5FglQK-hmgOgoiA5U_ILhR5FqUMoPbMM2FG4qSVGtgIzEsRaOPZ8mZph=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 03:11:31 GMT
server: fife
content-length: 1765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 51504f4eb93af1b9ed4db7e1978cc6c0
727ecdb93c33a03b5afa3bf096544c0a556b9fda
facd2789ac1063ad9e1ed036e8387eacd96a1b4e57c9b1bd1139e831abd8d580
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 09:35:58 GMT
Expires: Sat, 01 Oct 2022 09:35:57 GMT
Etag: "727ecdb93c33a03b5afa3bf096544c0a556b9fda"
Cache-Control: max-age=368065,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75110d6e487eb52d-OSL
eclkmpbn.com/adServe/banners?tid=16976_73856_0&type=slider&size=728x90
173.192.101.26 301 Moved Permanently 162 B URL HTTP/1.1 eclkmpbn.com/adServe/banners?tid=16976_73856_0&type=slider&size=728x90
IP 173.192.101.26:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /adServe/banners?tid=16976_73856_0&type=slider&size=728x90 HTTP/1.1
Host: eclkmpbn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Sep 2022 03:11:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://mybetterck.com/adServe/banners?tid=16976_73856_0&type=slider&size=728x90
2.bp.blogspot.com/-6DoLkJZcm5s/UAzPEjypstI/AAAAAAAACi8/Q_0pRYSYdZA/w72-h72-p-k-no-nu/Chaitya+painting+1.jpg
142.250.74.161 200 OK 3.3 kB URL HTTP/1.1 2.bp.blogspot.com/-6DoLkJZcm5s/UAzPEjypstI/AAAAAAAACi8/Q_0pRYSYdZA/w72-h72-p-k-no-nu/Chaitya+painting+1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 70f60cfb229896d8bd4c3af7424f07f9
947121050a70502c23b039858f8de269671cadb6
0359ee845b0a458ad050721eb26d926238fa0afbb2cfbcf0360227fc3532c135
GET /-6DoLkJZcm5s/UAzPEjypstI/AAAAAAAACi8/Q_0pRYSYdZA/w72-h72-p-k-no-nu/Chaitya+painting+1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3de4"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Chaitya painting 1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 3271
X-XSS-Protection: 0
yllix.com/slider.php?pub=719463&section=General&ga=g&side=random
185.66.200.224 301 Moved Permanently 162 B URL HTTP/2 yllix.com/slider.php?pub=719463&section=General&ga=g&side=random
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /slider.php?pub=719463&section=General&ga=g&side=random HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 27 Sep 2022 03:11:31 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?pub=719463&section=General&ga=g&side=random
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.kizoa.com/embed-23327981-6503323o1l1
172.67.178.36 301 Moved Permanently 0 B URL HTTP/1.1 www.kizoa.com/embed-23327981-6503323o1l1
IP 172.67.178.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed-23327981-6503323o1l1 HTTP/1.1
Host: www.kizoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 03:11:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 04:11:31 GMT
Location: https://www.kizoa.com/embed-23327981-6503323o1l1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7tPAo%2BTQIW6cEuf2AwqgdF8E9xeD9XCmEhE2BWVInjHJVcBv%2FW1%2B8l2xliFvVIACjlG4othspJyFb6o60452hkmB3v0c4SWsBoj4mFZPiVBZtjJhXGRLYuOuvhq3RKk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75110d6f0e0c0b3d-OSL
alt-svc: h2=":443"; ma=60
3.bp.blogspot.com/_a3ZI07KGbwA/TLQnzojRE-I/AAAAAAAADGA/dgbLREiGQiQ/w72-h72-p-k-no-nu/Samantha-hot-stills%281%29.jpg
142.250.74.161 200 OK 4.5 kB URL HTTP/1.1 3.bp.blogspot.com/_a3ZI07KGbwA/TLQnzojRE-I/AAAAAAAADGA/dgbLREiGQiQ/w72-h72-p-k-no-nu/Samantha-hot-stills%281%29.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f8a22fa0cdae55191c71546e6856eb9f
8397d278bdbd3d24fea29ad23a1c8938cbeb7645
8f51212f37fdabf66b76019db0745c3b9fc01cc138261a10d81f9cf7533a80fb
GET /_a3ZI07KGbwA/TLQnzojRE-I/AAAAAAAADGA/dgbLREiGQiQ/w72-h72-p-k-no-nu/Samantha-hot-stills%281%29.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v2912"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Samantha-hot-stills(1).jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 4476
X-XSS-Protection: 0
www.kizoa.com/embed-23327981-6503323o1l1
172.67.178.36 301 Moved Permanently 0 B URL HTTP/2 www.kizoa.com/embed-23327981-6503323o1l1
IP 172.67.178.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed-23327981-6503323o1l1 HTTP/1.1
Host: www.kizoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 27 Sep 2022 03:11:31 GMT
content-length: 0
location: https://legacy.kizoa.com/embed-23327981-6503323o1l1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISaZHKJCfqeCSJFCWQpFYH%2BXghD5lLJ%2FFGRTgFmgk6pohzb2GH8ZBsGfRgOjho%2Fp1vBNj%2FrgGRHkPD7dhmiFU7EaOPdgn3MIGtg6%2FmwqxWTnlrmfp0IaMEqaauu6qtIj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75110d6f3e89b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMODkzNDVjYTEtYzNiYi00YjRkLThkZjAtOGM0MGI5NzRhZjM4&options=w1600
142.250.74.33 200 OK 3.4 kB URL HTTP/2 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMODkzNDVjYTEtYzNiYi00YjRkLThkZjAtOGM0MGI5NzRhZjM4&options=w1600
IP 142.250.74.33:0
File type PNG image data, 260 x 260, 4-bit colormap, non-interlaced\012- data
Hash 5bb8b8dca47a8c3b4fef001b441a4918
d04093d944e7052c7fb97d950207c0fcf979db0a
c4df7b9c4c74206a44eee0d64d3c80d3ec97b62298cdcf308b0d684db75dad78
GET /image?id=0BwVBOzw_-hbMODkzNDVjYTEtYzNiYi00YjRkLThkZjAtOGM0MGI5NzRhZjM4&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 28 Sep 2022 03:11:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 03:11:31 GMT
server: fife
content-length: 3421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/uds/solutions/slideshow/gfslideshow.js
142.250.74.164 404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/uds/solutions/slideshow/gfslideshow.js
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 717fb58c6b1cdf824dffb387bae569e3
e498a5dfd6e51d99c5a48ce37df669b15a4865c2
4c560b3e2ebb5a130877816d46d0d4f7d2d7596aad0421f8de3739c8933a3d59
GET /uds/solutions/slideshow/gfslideshow.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1599
Date: Tue, 27 Sep 2022 03:11:31 GMT
cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
72.14.185.43 200 OK 157 B URL HTTP/1.1 cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
IP 72.14.185.43:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 27 Sep 2022 03:11:31 GMT
content-type: application/javascript
content-length: 157
last-modified: Fri, 09 Mar 2018 19:33:30 GMT
etag: "5aa2e18a-9d"
accept-ranges: bytes
connection: close
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-C_YyJ-ASKOg/Tva9UcIkmpI/AAAAAAAADP8/uy0K5vd8O-k/w72-h72-p-k-no-nu/b-grade-actress-rosa.jpg
142.250.74.161 200 OK 3.7 kB URL HTTP/1.1 1.bp.blogspot.com/-C_YyJ-ASKOg/Tva9UcIkmpI/AAAAAAAADP8/uy0K5vd8O-k/w72-h72-p-k-no-nu/b-grade-actress-rosa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 561537e860f2f4d93b8ed0fb0175d6ae
7e1f7edfd6206031621716f61e32d6c12a6d3346
2cc2ab31405480046f8652b18b5d5175585e3e7a231a21d5d312c19b4b32a119
GET /-C_YyJ-ASKOg/Tva9UcIkmpI/AAAAAAAADP8/uy0K5vd8O-k/w72-h72-p-k-no-nu/b-grade-actress-rosa.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v45ab"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="b-grade-actress-rosa.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 3662
X-XSS-Protection: 0
1.bp.blogspot.com/-5RFdkzBWksY/VesHrY1SCeI/AAAAAAAAC48/h49TstJvmyk/s1600-r/033.jpg
142.250.74.161 200 OK 576 kB URL HTTP/1.1 1.bp.blogspot.com/-5RFdkzBWksY/VesHrY1SCeI/AAAAAAAAC48/h49TstJvmyk/s1600-r/033.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1200, components 3\012- data
Size 576 kB (576088 bytes)
Hash 60809719553c8d5666aa3e168abbc345
26659fe2962eb5f3b16d0b889cfa233a038dfb3c
edb648ec2eaa53d3820d1392bbbf054e4b8b9a20f6819908880992e854957b16
GET /-5RFdkzBWksY/VesHrY1SCeI/AAAAAAAAC48/h49TstJvmyk/s1600-r/033.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb90"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="033.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 576088
X-XSS-Protection: 0
2.bp.blogspot.com/-wo_qeJNRg9g/TpWcX7dfHYI/AAAAAAAAAQ0/Yr8BBPFAt7s/s1600/hanuman-ram.jpg
142.250.74.161 200 OK 53 kB URL HTTP/1.1 2.bp.blogspot.com/-wo_qeJNRg9g/TpWcX7dfHYI/AAAAAAAAAQ0/Yr8BBPFAt7s/s1600/hanuman-ram.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 201x725, components 3\012- data
Hash fc1223de4283470675157b139aa611a5
e43de1a51ad37a54e1defe25b6be9746c13e55fa
4e7efeb32e839d126146df5d1470909e9cc74aed366975fd51d39b16d7aa5c6c
GET /-wo_qeJNRg9g/TpWcX7dfHYI/AAAAAAAAAQ0/Yr8BBPFAt7s/s1600/hanuman-ram.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3c2"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="hanuman-ram.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 52820
X-XSS-Protection: 0
yllix.com/warn.php?pub=719463&section=General&ga=g&side=random
185.66.200.224 200 OK 126 kB URL HTTP/2 yllix.com/warn.php?pub=719463&section=General&ga=g&side=random
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
Size 126 kB (125545 bytes)
Hash f6b8ccff8704c51a31929bfcb9c70cd4
9ed94ff7c75ee75ebbec0d54b3ee3d82598dc29a
4751abf66b646a3e5f1d64042fe7ded93502e3a24af75ea3eef8299d268052de
GET /warn.php?pub=719463&section=General&ga=g&side=random HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:11:31 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-_qaDrYQCK8A/T3BISlwX_XI/AAAAAAAAADU/uy8wd0z-eiw/w72-h72-p-k-no-nu/1zLOHe7eDaVl.jpg
142.250.74.161 200 OK 3.7 kB URL HTTP/1.1 3.bp.blogspot.com/-_qaDrYQCK8A/T3BISlwX_XI/AAAAAAAAADU/uy8wd0z-eiw/w72-h72-p-k-no-nu/1zLOHe7eDaVl.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 02248ec378964edc9003300fb5665333
78a7517f8c5b1d0b5e29723f40eda0802df517f1
71b05d5ad0e7b363aa0eec8fe71fe4e0902eb4f7fbfd28b4d6245fbd93ab3916
GET /-_qaDrYQCK8A/T3BISlwX_XI/AAAAAAAAADU/uy8wd0z-eiw/w72-h72-p-k-no-nu/1zLOHe7eDaVl.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v35"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1zLOHe7eDaVl.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 3682
X-XSS-Protection: 0
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2g7bQ_TtB6slkwE38WVzzbHlv2-BKHoTNxP0GemBJR5DSVZF4wNVgqu5wNVNaVOD2gSk5p3WBy6tBPRpUoJD1tRFLgmVkvA0PKXLsUNr7quuGyQaQ0=w72-h72-p-k-no-nu
142.250.74.33 404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2g7bQ_TtB6slkwE38WVzzbHlv2-BKHoTNxP0GemBJR5DSVZF4wNVgqu5wNVNaVOD2gSk5p3WBy6tBPRpUoJD1tRFLgmVkvA0PKXLsUNr7quuGyQaQ0=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 3c24b4854f694f9c86c7eefa3e904382
8b7bcf8b6d9c9b9abb8b68d9ca2d960e334e7612
71474b908966b4d9ee02a9f6ca463f97a2ffe244db9529fbe54b61746cedd43d
GET /blogger_img_proxy/ANbyha2g7bQ_TtB6slkwE38WVzzbHlv2-BKHoTNxP0GemBJR5DSVZF4wNVgqu5wNVNaVOD2gSk5p3WBy6tBPRpUoJD1tRFLgmVkvA0PKXLsUNr7quuGyQaQ0=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 03:11:31 GMT
server: fife
content-length: 1717
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1Em7M7kNcPRDzL5u2tbT7BDYsHC5oAue1a2eyv_qu-m9-j-BaEfRtJa8PsybXs0earlovSXAiR4LV-mSvjE0cA-pDVF_yJ0-Cc6M5PMccph4YXjWFRqgY=w72-h72-p-k-no-nu
142.250.74.33 404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1Em7M7kNcPRDzL5u2tbT7BDYsHC5oAue1a2eyv_qu-m9-j-BaEfRtJa8PsybXs0earlovSXAiR4LV-mSvjE0cA-pDVF_yJ0-Cc6M5PMccph4YXjWFRqgY=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 89e7051d6875ed912d479d467c4749e3
9491549a46c79f8f6c7109ee231c1b763e23aa2c
2f0b0c4531a21f8eb77582a0e9b622a80a1246fc8e03ae4f6c90862d33d27f53
GET /blogger_img_proxy/ANbyha1Em7M7kNcPRDzL5u2tbT7BDYsHC5oAue1a2eyv_qu-m9-j-BaEfRtJa8PsybXs0earlovSXAiR4LV-mSvjE0cA-pDVF_yJ0-Cc6M5PMccph4YXjWFRqgY=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 03:11:31 GMT
server: fife
content-length: 1720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-cbSdq9VIyzQ/TpVfueVXIVI/AAAAAAAAAQo/TjMSe1C_Mn8/s1600/Untitled-1.jpg
142.250.74.161 200 OK 59 kB URL HTTP/1.1 4.bp.blogspot.com/-cbSdq9VIyzQ/TpVfueVXIVI/AAAAAAAAAQo/TjMSe1C_Mn8/s1600/Untitled-1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 300x1050, components 3\012- data
Hash 67c1d1f7462383fda16bbf31528614dd
f17f4715e33559e03ef72fa411dbdfe8f1257f5e
fc7d2a3123aa4eb819eeadb7037f9cc44f413032a727ae3ffe05692a31a93032
GET /-cbSdq9VIyzQ/TpVfueVXIVI/AAAAAAAAAQo/TjMSe1C_Mn8/s1600/Untitled-1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3c1"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Untitled-1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 58589
X-XSS-Protection: 0
1.bp.blogspot.com/-pkAqbAIfmlM/TiJ6tq176DI/AAAAAAAAAug/hoQwvA1drpM/w72-h72-p-k-no-nu/Zarine+Khan+hot+photos.jpg
142.250.74.161 200 OK 3.2 kB URL HTTP/1.1 1.bp.blogspot.com/-pkAqbAIfmlM/TiJ6tq176DI/AAAAAAAAAug/hoQwvA1drpM/w72-h72-p-k-no-nu/Zarine+Khan+hot+photos.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 90d7d19ada57746d84958a60c4b986f4
743bbd0d7a38dd3e9c85502c57975f1c6639cf5a
de497e31a92ef1b181c0d913a30400c59dbc8fda306f2209638760ea4cbbd184
GET /-pkAqbAIfmlM/TiJ6tq176DI/AAAAAAAAAug/hoQwvA1drpM/w72-h72-p-k-no-nu/Zarine+Khan+hot+photos.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v2e8"
Expires: Wed, 28 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Zarine Khan hot photos.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:11:31 GMT
Server: fife
Content-Length: 3248
X-XSS-Protection: 0
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 21c8643db6d75b1bc9c09f2ca6881ac6
ff767bac23d4d6318f00f19a99e8a6d17402e864
7a680450a7a73886bb65c29fc23b1a75b652274ad11d0f5cb5055a549239161d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 19:20:06 GMT
Expires: Mon, 03 Oct 2022 19:20:05 GMT
Etag: "ff767bac23d4d6318f00f19a99e8a6d17402e864"
Cache-Control: max-age=575913,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75110d708958b52d-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8cd97aaf3e95e1e9bbdf8b739727d7cd
858cf438048356fc972c737cc84e1439c18dec5e
18e601b130747b5b70afa4a4614e9b7d8c7f3df5cd72725e1488c5b411a452e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=962619344860001329&zx=f9229c0d-272c-456a-9957-25dddf842102
216.58.207.201 200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=962619344860001329&zx=f9229c0d-272c-456a-9957-25dddf842102
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=962619344860001329&zx=f9229c0d-272c-456a-9957-25dddf842102 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 03:11:31 GMT
last-modified: Tue, 27 Sep 2022 03:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=guidetoline.blogspot.com
142.250.74.66 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=guidetoline.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=guidetoline.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 03:11:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=guidetoline.blogspot.com&callback=_gfp_s_&client=ca-pub-9361233454292407
172.217.21.162 200 OK 202 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=guidetoline.blogspot.com&callback=_gfp_s_&client=ca-pub-9361233454292407
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 99ae2a3ef28a1b7a38b102ecc073a76c
0ee5dcd4a20f8fca6dfa84507375215bb1c53dbf
e3b302aa44abf1ac8620dd2b4dec31cd67e15ff53e7702ea006b654b38bdfab2
GET /gampad/cookie.js?domain=guidetoline.blogspot.com&callback=_gfp_s_&client=ca-pub-9361233454292407 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 03:11:32 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=guidetoline.blogspot.com
142.250.74.66 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=guidetoline.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=guidetoline.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 03:11:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8cd97aaf3e95e1e9bbdf8b739727d7cd
858cf438048356fc972c737cc84e1439c18dec5e
18e601b130747b5b70afa4a4614e9b7d8c7f3df5cd72725e1488c5b411a452e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bdv.bidvertiser.com/BidVertiser.dbm?pid=299498%26bid=1107747
54.241.51.109 200 OK 87 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=299498%26bid=1107747
IP 54.241.51.109:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 6c60754af27389e2778b3584bf10f3a1
196be0cdc74708ee01c01f86a648c16573e18fc6
ff2485a3dc35082ae7e3799388665929ffd72227191bf24b7c01033bfe19ddd9
GET /BidVertiser.dbm?pid=299498%26bid=1107747 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/html
Connection: close
Content-Length: 87
legacy.kizoa.com/embed-23327981-6503323o1l1
141.94.30.95 200 OK 21 kB URL HTTP/2 legacy.kizoa.com/embed-23327981-6503323o1l1
IP 141.94.30.95:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1277)
Hash ee411be743c9ae9eef1f25b2697cc481
d80620d61cfd64223d1d3045fdc72ece4d4dda93
6830560822c16feff62048750823608fa119c24dc90014de10796fc419d671c7
GET /embed-23327981-6503323o1l1 HTTP/1.1
Host: legacy.kizoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:11:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 27 Sep 2022 04:11:31 GMT
pragma: cache
cache-control: max-age=3600
x-cache: BYPASS
x-req: slideshow=23327981&keycode=6503323&options=1&loop=1
x-uri: /embed.php
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
X-Firefox-Spdy: h2
s10.histats.com/js15.js
46.105.201.240 200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 0c3fdf54a35d66a1e272956af95d34af
fd6cf4aa04104d6b48831bbf88bc6256fd5012c3
3adb20fd3b841e10b308345d164ac790a96228c3eac3e063efa505ae3c7d4cf6
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 200 OK
date: Tue, 27 Sep 2022 03:09:11 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 576553240
content-type: text/javascript
content-length: 4405
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:6A48_2E69C9F0:0050_633269E4_27A7F:16BD2
x-iplb-instance: 40743
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6289
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 03:11:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6289
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 03:11:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6289
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 03:11:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6289
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 03:11:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 19334
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 42133
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d478b7bea64d1a5998967c0a665e6be
b078452d30703ea98ad4a7f7fd411b3e2a42ee71
24158d741732109ae2be7314205ac35f4c8b29785876f2785e8bb0ea906762b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6628
x-amzn-requestid: 1f0e95f2-d860-422f-80ad-96c6e7c941c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1vvHIaoAMFV4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296997-5746c99d78e025945cfdd238;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9-6jF5OoUb2I2HBasyNXBZC-L6rF1VINmgoBFZMuJ9eNelzkS-8BDQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:08:24 GMT
age: 18188
etag: "b078452d30703ea98ad4a7f7fd411b3e2a42ee71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b97879edd864c4f251a6668c8201095f
28938e97773ac1a51a529e85284d228239641f01
143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7XXVE-hcLMoCU9jUDrgReSZMkPLz_GEAKoc_gR4Ai4hoCeZXfiC3tg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:28:34 GMT
age: 78178
etag: "28938e97773ac1a51a529e85284d228239641f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3140ec95f33c36599de95b25cdade940
932c74fa24b61ee1b1c672b6c19b1e736caab8d3
f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9737
x-amzn-requestid: aec3c3e9-42e5-4de5-8882-118002369ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreGJxoAMF-oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-527ccd70654c22891262279d;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ukn4d6yPeJJHN5trYK3xbhik2pX41zHki3nG5r6fCzQgm3vYw5lhAA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:43:16 GMT
age: 19696
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ef8d9284ebd57a7cf76ceb762291356
2b53c4f836970501a682dae07235215c487d35cc
3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 18496
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3kM8RQZFhk_p6uu6hMkbYYYgeYch3wd1xzkSAoWlXX-JAQjgc21VRafhrASlQmamV_rauIREKsux4ykHwQs5eZOGzSsEf_oyHWapD77D4puzHtCVQqOzR2axcNUOWN_LBXfB4IFCraaXF-Rl52PKTDxqClK8wxMKUpyEryJx_xi6sy5f6tQjCOTzDyRYA=w72-h72-p-k-no-nu
142.250.74.33 404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3kM8RQZFhk_p6uu6hMkbYYYgeYch3wd1xzkSAoWlXX-JAQjgc21VRafhrASlQmamV_rauIREKsux4ykHwQs5eZOGzSsEf_oyHWapD77D4puzHtCVQqOzR2axcNUOWN_LBXfB4IFCraaXF-Rl52PKTDxqClK8wxMKUpyEryJx_xi6sy5f6tQjCOTzDyRYA=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 0100a7eb6a12255b81e83cd664a4e952
87322ab9e36816c337563909f6afe0180ee4809b
c09a75a48375e526e8154be2933e6c7194f65629c65dfd50fc30d089cfa09a7a
GET /blogger_img_proxy/ANbyha3kM8RQZFhk_p6uu6hMkbYYYgeYch3wd1xzkSAoWlXX-JAQjgc21VRafhrASlQmamV_rauIREKsux4ykHwQs5eZOGzSsEf_oyHWapD77D4puzHtCVQqOzR2axcNUOWN_LBXfB4IFCraaXF-Rl52PKTDxqClK8wxMKUpyEryJx_xi6sy5f6tQjCOTzDyRYA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 03:11:32 GMT
server: fife
content-length: 1792
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
www.linkwithin.com/widget.js
3.19.188.212 404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 27 Sep 2022 03:11:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 02:16:38 GMT
expires: Tue, 27 Sep 2022 03:16:38 GMT
cache-control: public, max-age=3600
age: 3295
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.Aw0KCF0YAxE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoKgx5LsdYmbmnxU3cRYVKJn0Zzig/m=el_main
142.250.74.74 200 OK 94 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.Aw0KCF0YAxE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoKgx5LsdYmbmnxU3cRYVKJn0Zzig/m=el_main
IP 142.250.74.74:0
File type ASCII text, with very long lines (1613)
Hash abe5dfbfca8f0907abb1bab1f3597906
ec03951a1465e01b2d4170e1c9aeaf34d21d16d0
4e9df864bff28fb550b7f19254a3d007ba4db0c3cdd7071cc9e6b5d8418d4238
GET /_/translate_http/_/js/k=translate_http.tr.no.Aw0KCF0YAxE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoKgx5LsdYmbmnxU3cRYVKJn0Zzig/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 93858
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 19:14:48 GMT
expires: Tue, 26 Sep 2023 19:14:48 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 24 Sep 2022 05:12:23 GMT
content-type: text/javascript; charset=UTF-8
age: 28605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mybetterck.com/adServe/banners?tid=16976_73856_0&type=slider&size=728x90
108.168.193.189 403 Forbidden 1.3 kB URL HTTP/2 mybetterck.com/adServe/banners?tid=16976_73856_0&type=slider&size=728x90
IP 108.168.193.189:0
Hash f909d61c0d81b19741bd1871703ba65f
c39c86fbf020b76109d360373ade32b39a122d89
fd089f54ff04307860d7405c4aae243d972cf483254fc831531837be0b567d7c
GET /adServe/banners?tid=16976_73856_0&type=slider&size=728x90 HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 27 Sep 2022 03:11:33 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-language: en
content-encoding: gzip
X-Firefox-Spdy: h2
translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20220925
142.250.74.46 204 No Content 0 B URL HTTP/1.1 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20220925
IP 142.250.74.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20220925 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
HTTP/1.1 204 No Content
Content-Type: image/gif; charset=us-ascii
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 27 Sep 2022 03:11:33 GMT
Cross-Origin-Resource-Policy: cross-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: script-src 'nonce-CyvF8NLxoWeqUDjFrQNx9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
Report-To: {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
Cross-Origin-Opener-Policy: same-origin; report-to="TranslateApiHttp"
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
142.250.74.164 200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 27 Sep 2022 03:11:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.widgetserver.com/
198.58.118.167 200 OK 7.2 kB IP 198.58.118.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (334)
Hash 72ea0f68f72849378c6520dcf156b16a
3cdab8441f96a1423ea5ac8d5f1ce03b843251f4
95048fff79d50786a9da2b36ec9ff8ce53f37b9916c5d03a49602cccf095cd2f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guidetoline.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 27 Sep 2022 03:11:33 GMT
content-type: text/html; charset=utf-8
content-length: 7166
vary: Accept-Language
content-language: en
connection: close
cdn.widgetserver.com/favicon.ico
198.58.118.167 200 OK 43 B URL HTTP/1.1 cdn.widgetserver.com/favicon.ico
IP 198.58.118.167:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /favicon.ico HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 27 Sep 2022 03:11:33 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close
cdn.widgetserver.com/mtm/async/.eJxdjMkOwiAQht-FYyXgUWt8FkNhSidhc5guifHdBePJ2_evL7ESilFoIYUhXxs2IpiBgJpYmMuotV_RAeeACdQUsq8ls7I59tmSKz-SidDq1iW1o_PAFWgD6p3-bC0UbjnDwXrhGKQpJaA1jDnpozun49-N4fa8n9VVYjQetNlw_uEOU5GDHr75Rbw_LaREBw:1od10P:ZceFUQv9ph2x4uQR1kPlhwUwuvg/1/0
198.58.118.167 200 OK 256 B URL HTTP/1.1 cdn.widgetserver.com/mtm/async/.eJxdjMkOwiAQht-FYyXgUWt8FkNhSidhc5guifHdBePJ2_evL7ESilFoIYUhXxs2IpiBgJpYmMuotV_RAeeACdQUsq8ls7I59tmSKz-SidDq1iW1o_PAFWgD6p3-bC0UbjnDwXrhGKQpJaA1jDnpozun49-N4fa8n9VVYjQetNlw_uEOU5GDHr75Rbw_LaREBw:1od10P:ZceFUQv9ph2x4uQR1kPlhwUwuvg/1/0
IP 198.58.118.167:0
File type ASCII text, with no line terminators
Hash 41d51808d56a6db46c124c6ac50e5cfe
588010b4acc379e8b8402119e55bf161116aa00f
078a597faf7cd2eb58aa147cafff1dc2fd9c88e373c2917e66ec632b61b09c9f
Analyzer Verdict Alert fortinet Malware
GET /mtm/async/.eJxdjMkOwiAQht-FYyXgUWt8FkNhSidhc5guifHdBePJ2_evL7ESilFoIYUhXxs2IpiBgJpYmMuotV_RAeeACdQUsq8ls7I59tmSKz-SidDq1iW1o_PAFWgD6p3-bC0UbjnDwXrhGKQpJaA1jDnpozun49-N4fa8n9VVYjQetNlw_uEOU5GDHr75Rbw_LaREBw:1od10P:ZceFUQv9ph2x4uQR1kPlhwUwuvg/1/0 HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cdn.widgetserver.com/
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 27 Sep 2022 03:11:34 GMT
content-type: text/html; charset=utf-8
content-length: 256
x-mtm-path: 4
x-mtm-prov: 70:0.00;1:7.04
x-mtm-rd: 0.75
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ3aWRnZXRzZXJ2ZXIuY29tIiwiaHR0cDovL3d3dzEud2lkZ2V0c2VydmVyLmNvbS8_dG09MSZzdWJpZDQ9MTY2NDI0ODI5My4wMjQ4NDkwMDAwJktXMT1FdXJvcGUlMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXMj1Ob3J3YXklMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXMz1Pc2xvJTIwQ291bnR5JTIwRGVkaWNhdGVkJTIwU2VydmVycyZLVzQ9T3NsbyUyMERlZGljYXRlZCUyMFNlcnZlcnMmS1c1PUN1c3RvbSUyMERlZGljYXRlZCUyMFNlcnZlcnMmc2VhcmNoYm94PTAmYmFja2ZpbGw9MCIsMSwiMjAyMi0wOS0yNyAwMzoxMTozNCIsMSwiMTY2NDI0ODI5My4wMjQ4NDkwMDAwIiwxLG51bGwsbnVsbF0:1od10Q:Al3kGP88pJ96mcBHov8z42PhMx8; expires=Tue, 27-Sep-2022 04:11:34 GMT; Max-Age=3600; Path=/
connection: close
www1.widgetserver.com/?tm=1&subid4=1664248293.0248490000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
99.83.136.84 200 OK 2.5 kB URL HTTP/1.1 www1.widgetserver.com/?tm=1&subid4=1664248293.0248490000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP 99.83.136.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2242)
Hash 7ff52b2b035f6bdc3f351a9ac857ba1a
9da57514f1c2f880ee9cc6cb1d5bbeb0da2b4925
0ca7e00af3cf648841dc77568298984ae4b2a9ca419eda0472c22117da50a424
GET /?tm=1&subid4=1664248293.0248490000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
54.230.245.22 200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP 54.230.245.22:0
File type ASCII text, with very long lines (506)
Hash 64b79b43df8fbf2c5d082964b9116a68
dc3c763519baf0f4c32bb60bfc429651a491ea01
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1134
Connection: keep-alive
Server: nginx
Date: Mon, 26 Sep 2022 09:14:29 GMT
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Accept-Ranges: bytes
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PgxyJIsb_JbQkrE3ohQ6LhJ4vA3KllLt5lIdjz77woyPIDPkWODojw==
Age: 64625
www1.widgetserver.com/track.php?domain=widgetserver.com&toggle=browserjs&uid=MTY2NDI0ODI5NC4zNzk6ZGExNGUwZjQwZTQ0NTU4YTRjYTNhYjc5NGU2NDY1MWU4MDAyOTQ1YzA1Yjk5YzRiMjM0NWQxMjE3ZTI1ZDUyMDo2MzMyNjllNjVjODQ2
99.83.136.84 200 OK 20 B URL HTTP/1.1 www1.widgetserver.com/track.php?domain=widgetserver.com&toggle=browserjs&uid=MTY2NDI0ODI5NC4zNzk6ZGExNGUwZjQwZTQ0NTU4YTRjYTNhYjc5NGU2NDY1MWU4MDAyOTQ1YzA1Yjk5YzRiMjM0NWQxMjE3ZTI1ZDUyMDo2MzMyNjllNjVjODQ2
IP 99.83.136.84:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=widgetserver.com&toggle=browserjs&uid=MTY2NDI0ODI5NC4zNzk6ZGExNGUwZjQwZTQ0NTU4YTRjYTNhYjc5NGU2NDY1MWU4MDAyOTQ1YzA1Yjk5YzRiMjM0NWQxMjE3ZTI1ZDUyMDo2MzMyNjllNjVjODQ2 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1664248293.0248490000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.widgetserver.com/ls.php
99.83.136.84 201 Created 0 B URL HTTP/1.1 www1.widgetserver.com/ls.php
IP 99.83.136.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /ls.php HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2194
Origin: http://www1.widgetserver.com
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1664248293.0248490000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 201 Created
Date: Tue, 27 Sep 2022 03:11:35 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 633269e789855d67e739797e
Charset: utf-8
Access-Control-Allow-Origin: http://www1.widgetserver.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_SUPSYTS2PCRh8Ls5zp1NSmxeij00Qvlwhvjl2cyGx0vBj3mon9/x1+ONnws1ZpP257yznaZ50Ban0jeT28eI6Q==
www1.widgetserver.com/favicon.ico
99.83.136.84 200 OK 0 B URL HTTP/1.1 www1.widgetserver.com/favicon.ico
IP 99.83.136.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1664248293.0248490000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:35 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
www1.widgetserver.com/track.php?click=d5750c6b6d0f8f4e4d15ff913020bf47c704fe02&domain=widgetserver.com&uid=MTY2NDI0ODI5NC4zNzk6ZGExNGUwZjQwZTQ0NTU4YTRjYTNhYjc5NGU2NDY1MWU4MDAyOTQ1YzA1Yjk5YzRiMjM0NWQxMjE3ZTI1ZDUyMDo2MzMyNjllNjVjODQ2&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzMyNjllNjVjODMyfHx8MTY2NDI0ODI5NC43NzI0fGMyMmFmOTY5YzA3Zjg5MTQ5NzJhODUzODFkYTczODRmMTJkZjBlNGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw4NWYwYzU0ZGJmZDA2NDhjOTc0ZWRjYjY0NjNkMmRiNzFkYTNiYzg3fDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
99.83.136.84 200 OK 20 B URL HTTP/1.1 www1.widgetserver.com/track.php?click=d5750c6b6d0f8f4e4d15ff913020bf47c704fe02&domain=widgetserver.com&uid=MTY2NDI0ODI5NC4zNzk6ZGExNGUwZjQwZTQ0NTU4YTRjYTNhYjc5NGU2NDY1MWU4MDAyOTQ1YzA1Yjk5YzRiMjM0NWQxMjE3ZTI1ZDUyMDo2MzMyNjllNjVjODQ2&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzMyNjllNjVjODMyfHx8MTY2NDI0ODI5NC43NzI0fGMyMmFmOTY5YzA3Zjg5MTQ5NzJhODUzODFkYTczODRmMTJkZjBlNGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw4NWYwYzU0ZGJmZDA2NDhjOTc0ZWRjYjY0NjNkMmRiNzFkYTNiYzg3fDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
IP 99.83.136.84:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=d5750c6b6d0f8f4e4d15ff913020bf47c704fe02&domain=widgetserver.com&uid=MTY2NDI0ODI5NC4zNzk6ZGExNGUwZjQwZTQ0NTU4YTRjYTNhYjc5NGU2NDY1MWU4MDAyOTQ1YzA1Yjk5YzRiMjM0NWQxMjE3ZTI1ZDUyMDo2MzMyNjllNjVjODQ2&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzMyNjllNjVjODMyfHx8MTY2NDI0ODI5NC43NzI0fGMyMmFmOTY5YzA3Zjg5MTQ5NzJhODUzODFkYTczODRmMTJkZjBlNGR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw4NWYwYzU0ZGJmZDA2NDhjOTc0ZWRjYjY0NjNkMmRiNzFkYTNiYzg3fDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1664248293.0248490000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
phoka-mps.com/zcvisitor/17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6d7c0a30-c0d7-11ec-8ec4-12beee04f19b
52.45.156.125 200 996 B URL HTTP/1.1 phoka-mps.com/zcvisitor/17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6d7c0a30-c0d7-11ec-8ec4-12beee04f19b
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5c07940945532cd6f285953087faeac9
37fb864c0b3a241808680772fa100f67e57afd73
faa1a304da092f83ba1f9bdd7cb12dfea1bb3ef2fbc3f07c59b90185f84c82fd
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6d7c0a30-c0d7-11ec-8ec4-12beee04f19b HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 27 Sep 2022 03:11:36 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: hnhCFoWL
phoka-mps.com/zcredirect?visitid=17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
52.45.156.125 200 322 B URL HTTP/1.1 phoka-mps.com/zcredirect?visitid=17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 02f023ab62c642d665840af511c54df6
a35bad8e1fdd6d5aefd42c287882c167ba027bbd
0fb4e5fbdc47c9f39f461507d59b64beea69d977f76b75eccfeb1cd79c3b8b82
GET /zcredirect?visitid=17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://phoka-mps.com/zcvisitor/17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6d7c0a30-c0d7-11ec-8ec4-12beee04f19b
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 27 Sep 2022 03:11:36 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: jIcLpYvl
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 73ccee1475381960eb67569ba9afabda
26abc9c175da292530938534417fe19cdc300bb8
3baf0c9d6e4a7d3d79e6e78d5bd89699e6208ac211f619939acc8ccbc7dca357
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 14:26:19 GMT
Expires: Mon, 03 Oct 2022 14:26:18 GMT
Etag: "26abc9c175da292530938534417fe19cdc300bb8"
Cache-Control: max-age=558281,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75110d8c9c5db52d-OSL
phoka-mps.com/favicon.ico
52.45.156.125 404 653 B URL HTTP/1.1 phoka-mps.com/favicon.ico
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://phoka-mps.com/zcredirect?visitid=17a583d0-3e12-11ed-b8ad-0a8f53fd9c8b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Tue, 27 Sep 2022 03:11:36 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: OZUvkHFx
c3f96ddb61.smapp.work/static/app/css/instal_style_v2.css
35.186.250.143 200 OK 28 kB URL HTTP/2 c3f96ddb61.smapp.work/static/app/css/instal_style_v2.css
IP 35.186.250.143:0
File type assembler source, ASCII text, with very long lines (544), with CRLF line terminators
Hash 6ecebccb9f65cc0b5d630cdc17188c20
df7c5b3e8d7f880d18a359f2158e8c0920e6aa56
8d0a3e4dd6f3735a4c0cd4c8e0aa44b6c21b3c20e2ae69099ce7e58b60a8474c
GET /static/app/css/instal_style_v2.css HTTP/1.1
Host: c3f96ddb61.smapp.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c3f96ddb61.smapp.work/trkclk/?pid=6100&cid=3265653&custom1=CPC
Cookie: cx_ntsl_i=55fdf3a8-3f1f-4d7e-a7d2-acbb77d428b0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.13.12
x-guploader-uploadid: ADPycdsf7jEekytYE8nEnAsES7u65Srl22wNVkZr_nqf12yFgfBvFz-HmRZDh_YKTZbW3j6CtTYSkMexUsNqsW35S2zJChuLOG6m
x-goog-generation: 1626429849829226
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 107808
x-goog-meta-goog-reserved-file-mtime: 1618910907
content-language: en
x-goog-hash: crc32c=zuDJXw==, md5=EYBwgvPqybrcxrxEJB2Q5w==
x-goog-storage-class: STANDARD
vary: Origin
content-encoding: gzip
via: 1.1 google
date: Fri, 23 Sep 2022 11:14:20 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000,public
age: 316636
last-modified: Fri, 16 Jul 2021 10:04:09 GMT
etag: W/"11807082f3eac9badcc6bc44241d90e7"
content-type: text/css
content-length: 28149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/fwkg4Fzi5mM
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fwkg4Fzi5mM
IP 142.250.74.3:0
Hash 738c955e5fdd000a648e48ccdde5188f
59df74db98aa15efee7dc5cfc608d717f223c1f2
c3199d06c56fa0de64d9a66bfba2ccb436af34eec0d2f8679b5791021fd2f7a2
POST /s/gts1d4/fwkg4Fzi5mM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.instal.com/static/app/js/angular.min.js
35.186.206.92 200 OK 89 kB URL HTTP/2 ads.instal.com/static/app/js/angular.min.js
IP 35.186.206.92:0
File type ASCII text, with very long lines (545)
Hash df1c56732ca5e0cfe2a4725ec9517449
8e113b67065c1c7245ea2e7aa89ea86860f32a85
13620cc565679ee11351aeec916d43cc30b583c93906a1cadf9f16bae217f83e
GET /static/app/js/angular.min.js HTTP/1.1
Host: ads.instal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c3f96ddb61.smapp.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.13.12
content-length: 88802
x-guploader-uploadid: ADPycdvQ5JwFeR-r7BPZjrWFw_czeNlvp9rgOyCEFTjfprxErS4TcMainQ8PFRwiGTwhgwiy-xeWQR6wHUcAiHj4rltMyzJoxgXv
x-goog-generation: 1626429850571126
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 88802
x-goog-meta-goog-reserved-file-mtime: 1618910907
content-language: en
x-goog-hash: crc32c=0SO4vA==, md5=3xxWcyyl4M/ipHJeyVF0SQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Origin
via: 1.1 google
date: Sun, 18 Sep 2022 12:51:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000,public
age: 742795
last-modified: Fri, 16 Jul 2021 10:04:10 GMT
etag: "df1c56732ca5e0cfe2a4725ec9517449"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/fwkg4Fzi5mM
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fwkg4Fzi5mM
IP 142.250.74.3:0
Hash 738c955e5fdd000a648e48ccdde5188f
59df74db98aa15efee7dc5cfc608d717f223c1f2
c3199d06c56fa0de64d9a66bfba2ccb436af34eec0d2f8679b5791021fd2f7a2
POST /s/gts1d4/fwkg4Fzi5mM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,600
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600
IP 142.250.74.10:0
Hash 15de719dacb4044c97f5ea1d5124de2f
cc41624930d49d9c2f08066192c8d39bb2d9bb0d
cc228b0447c4b1e12eff26723383eeed01b8ca06377f8c8141f607786dfe66b1
GET /css?family=Open+Sans:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c3f96ddb61.smapp.work/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 03:11:36 GMT
date: Tue, 27 Sep 2022 03:11:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 73ccee1475381960eb67569ba9afabda
26abc9c175da292530938534417fe19cdc300bb8
3baf0c9d6e4a7d3d79e6e78d5bd89699e6208ac211f619939acc8ccbc7dca357
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:11:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 14:26:19 GMT
Expires: Mon, 03 Oct 2022 14:26:18 GMT
Etag: "26abc9c175da292530938534417fe19cdc300bb8"
Cache-Control: max-age=558281,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75110d8e1cccb52d-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://c3f96ddb61.smapp.work
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 205811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c3f96ddb61.smapp.work/favicon.ico
35.186.250.143 200 OK 198 B URL HTTP/2 c3f96ddb61.smapp.work/favicon.ico
IP 35.186.250.143:0
File type MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Hash c6acedaff906029fc5455d9ec52c7f42
92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
GET /favicon.ico HTTP/1.1
Host: c3f96ddb61.smapp.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c3f96ddb61.smapp.work/trkclk/?pid=6100&cid=3265653&custom1=CPC
Cookie: cx_ntsl_i=55fdf3a8-3f1f-4d7e-a7d2-acbb77d428b0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.13.12
date: Tue, 27 Sep 2022 03:11:36 GMT
content-type: image/x-icon
content-length: 198
last-modified: Wed, 19 Aug 2020 15:43:28 GMT
etag: "5f3d48a0-c6"
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Dosis:300,400,700
142.250.74.10 200 OK 55 kB URL HTTP/2 fonts.googleapis.com/css?family=Dosis:300,400,700
IP 142.250.74.10:0
Hash 395a3ddc7effbd184aaccc40a63a139b
103bf6c8aaacafbd25a85bf5f039c703ff53f7be
13751c12e4f2a57fae75294b8bff35d666346c23298fe3a04b9396dc0ffaeea6
GET /css?family=Dosis:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c3f96ddb61.smapp.work/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 03:11:36 GMT
date: Tue, 27 Sep 2022 03:11:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 34b288c0c4d1482511eda955e6cde50a
15aaa6d32203e764735e8d0642ac2a1786e39f57
3057cad5fcd20a71234eb8fd678c27d85d297946909ddc2e21df1c4a1178ce4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ugc.kizoa.app/kpo/23327981_6503323.mp4
141.94.30.95 206 Partial Content 0 B URL HTTP/2 ugc.kizoa.app/kpo/23327981_6503323.mp4
IP 141.94.30.95:0
GET /kpo/23327981_6503323.mp4 HTTP/1.1
Host: ugc.kizoa.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://legacy.kizoa.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 27 Sep 2022 03:11:32 GMT
content-type: video/mp4
content-length: 6653009
last-modified: Thu, 09 Jun 2022 15:23:51 GMT
etag: af63ffad3163cd6a8cc08475a341809c
x-timestamp: 1654788230.57887
x-trans-id: tx47e932bbd2ce47cfa4002-00633269e4
x-openstack-request-id: tx47e932bbd2ce47cfa4002-00633269e4
x-iplb-request-id: 8D5E1E5F:2B3E_3626E64B:01BB_633269E4_3B70B8:12328
x-iplb-instance: 12308
expires: Tue, 27 Sep 2022 04:11:32 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000; preload
access-control-allow-origin: *
content-range: bytes 0-6653008/6653009
X-Firefox-Spdy: h2
legacy.kizoa.com/js/jquery-1.11.0.min.js
141.94.30.95 200 OK 0 B URL HTTP/2 legacy.kizoa.com/js/jquery-1.11.0.min.js
IP 141.94.30.95:0
GET /js/jquery-1.11.0.min.js HTTP/1.1
Host: legacy.kizoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legacy.kizoa.com/embed-23327981-6503323o1l1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:11:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 09 Dec 2021 11:25:45 GMT
vary: Accept-Encoding
etag: W/"61b1e7b9-38672"
expires: Thu, 27 Oct 2022 03:11:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
mybetterck.com/adServe/banners?tid=16976_73856_0&type=slider&size=728x90
108.168.193.189 403 Forbidden 0 B URL HTTP/2 mybetterck.com/adServe/banners?tid=16976_73856_0&type=slider&size=728x90
IP 108.168.193.189:0
GET /adServe/banners?tid=16976_73856_0&type=slider&size=728x90 HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Tue, 27 Sep 2022 03:11:32 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-language: en
content-encoding: gzip
X-Firefox-Spdy: h2
c3f96ddb61.smapp.work/trkclk/?pid=6100&cid=3265653&custom1=CPC
35.186.250.143 200 OK 0 B URL HTTP/2 c3f96ddb61.smapp.work/trkclk/?pid=6100&cid=3265653&custom1=CPC
IP 35.186.250.143:0
GET /trkclk/?pid=6100&cid=3265653&custom1=CPC HTTP/1.1
Host: c3f96ddb61.smapp.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://phoka-mps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:11:36 GMT
content-type: text/html; charset=UTF-8
clickid: 38d57210-0e05-43d2-8bd9-426b3b0a58b0:3fe57b353c1b22f1f9122fca24f7c9c2cbe5d47b
set-cookie: cx_ntsl_i=55fdf3a8-3f1f-4d7e-a7d2-acbb77d428b0; expires=Wed, 23 Sep 2037 03:11:36 GMT; Path=/
server: TornadoServer/4.3
etag: W/"6a34c0756444658153d02b9cba57b147563e57a7"
ot_code: device_type
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.gumgum.com/services.js
54.230.111.40 200 OK 0 B URL HTTP/2 js.gumgum.com/services.js
IP 54.230.111.40:0
GET /services.js HTTP/1.1
Host: js.gumgum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 27 Sep 2022 03:11:32 GMT
x-amz-meta-access-control-allow-origin: *
x-amz-meta-version: 3.87.20
cache-control: max-age=7200
x-amz-meta-timing-allow-origin: *
last-modified: Tue, 20 Sep 2022 21:19:22 GMT
x-amz-version-id: 3bu5LUxgA4kJfitT0StZjV9iVkUKlX0L
etag: W/"01ae3267166375e6313f7597671b4041"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KGBOlid0kI1Rak3LlF3IGYrr1WujB0IBI4wJkC5JKDAnMszC4NwGpQ==
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guidetoline.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 03:11:31 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+110; expires=Thu, 26-Sep-2024 03:11:31 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2