spurspurious1712.blogspot.com.ar/2011/12/matthew-alexander-t-balcom-was-born-on.html
142.250.74.65302 Moved Temporarily 223 B URL HTTP/1.1 spurspurious1712.blogspot.com.ar/2011/12/matthew-alexander-t-balcom-was-born-on.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4079144775fd912038a93151df2c07b0
62bc4e54f5848e26299c72c8b154b006c1a1c957
c8018cadeaa460a03c5621240da7d22d837237e1103f9db4ead02ad03b681f4b
Analyzer Verdict Alert fortinet Malware
GET /2011/12/matthew-alexander-t-balcom-was-born-on.html HTTP/1.1
Host: spurspurious1712.blogspot.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 25 Mar 2023 17:10:04 GMT
Expires: Sat, 25 Mar 2023 17:10:04 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 223
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Sat, 25 Mar 2023 19:24:29 GMT
Date: Sat, 25 Mar 2023 17:10:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9778
Expires: Sat, 25 Mar 2023 19:53:02 GMT
Date: Sat, 25 Mar 2023 17:10:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 16:27:45 GMT
content-type: application/json
age: 2539
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4114
Expires: Sat, 25 Mar 2023 18:18:38 GMT
Date: Sat, 25 Mar 2023 17:10:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 96hzb1V4Nmv3dHHBIx8yFde1AmB4DfD2mM7iGQ7uykQFQkkimuGGZ9L9poj8R5Os+1CfAfUOZcg=
x-amz-request-id: PDTRJ3CBJCAANHRA
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 16:54:59 GMT
age: 905
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 17:10:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html
142.250.74.65200 OK 14 kB URL HTTP/1.1 spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6137)
Hash a9faeefb21a2bc2b00bf6a4c06375f12
f30ce9924ac2dc0c699dcbae4d841eed6f436e23
74b7b412620cfec8431cceb3b0ccb17f09b1c20c26b8cc57bcf033abf6595abb
Analyzer Verdict Alert fortinet Malware
GET /2011/12/matthew-alexander-t-balcom-was-born-on.html HTTP/1.1
Host: spurspurious1712.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sat, 25 Mar 2023 17:10:04 GMT
Date: Sat, 25 Mar 2023 17:10:04 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 25 Mar 2023 15:08:07 GMT
ETag: W/"7833802709cc6dc5b7bb5f539e1c990caf60e383a556deffbda116c00b0e8cf4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 14487
Server: GSE
spurspurious1712.blogspot.com/js/cookienotice.js
142.250.74.65200 OK 2.0 kB URL HTTP/1.1 spurspurious1712.blogspot.com/js/cookienotice.js
IP 142.250.74.65:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: spurspurious1712.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Sat, 25 Mar 2023 17:10:05 GMT
Expires: Sat, 01 Apr 2023 17:10:05 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 25 Mar 2023 14:50:51 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 16:17:24 GMT
age: 3161
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d07e2a90120308a9342331ca6981f8fe
a1fe88aaf673e01eed4b0dbf4582bbe743cd44a9
cdc679cd03cf1faea64fbd0482ed165401e09e42865cafca4f854a5bebce3487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d0c8b5fc43c71eae416ea2b97e52f08c
3af586da4f6a0b773ac1109eb2971cf09ec4597b
97f95d46cc8f0420dd3f61970ec299c5e3038f0acd8e04485c6f22baa83d3237
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 43af77eba85b20fd2149239d5090eccc
ea8295db4a453c7f94579d5b57ced78f97ba13ba
2b2f233ecbc037d24ca63bd69de70d7f49dff9f36228ee63d796287de0c9650b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d0c8b5fc43c71eae416ea2b97e52f08c
3af586da4f6a0b773ac1109eb2971cf09ec4597b
97f95d46cc8f0420dd3f61970ec299c5e3038f0acd8e04485c6f22baa83d3237
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Sat, 25 Mar 2023 19:22:59 GMT
Date: Sat, 25 Mar 2023 17:10:05 GMT
Connection: keep-alive
img.photobucket.com/albums/v15/Joni76/snow1.jpg
54.230.111.82301 Moved Permanently 167 B URL HTTP/1.1 img.photobucket.com/albums/v15/Joni76/snow1.jpg
IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/v15/Joni76/snow1.jpg HTTP/1.1
Host: img.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 25 Mar 2023 17:10:05 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://img.photobucket.com/albums/v15/Joni76/snow1.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EU7UqguS0iaddFX_pBjYKeVDXefU1yb5XQj7MPPyLWM-B1ddgA-kDg==
Vary: Origin
apis.google.com/js/platform.js
216.58.207.238200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (1429)
Hash 3161bcab6d00af494c239ab853923a64
3a9c842aa0b2fc894aea7a308a56cc09fce0def3
2b5444c3782c761e5ddb30bd733e9f746f49b3442c5d787b0a7b0c10434fe81f
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21022
date: Sat, 25 Mar 2023 17:10:05 GMT
expires: Sat, 25 Mar 2023 17:10:05 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a817d6f6a95ec85f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/976584016-comment_from_post_iframe.js
216.58.207.233200 OK 6.8 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/976584016-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1720)
Hash 6257474fb561cbfe96fe59a4bf03c9db
5341cee7f12a49010b004ad7e2a5d6d775db57c6
32b2fb9167f78dfc0c2309c8928b7971468a60bc2b8cce9b2690aba73e464c19
GET /static/v1/jsbin/976584016-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 12:51:17 GMT
expires: Thu, 21 Mar 2024 12:51:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 06:49:57 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 274728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
midnightmatineephotography.files.wordpress.com/2011/02/pink_debs_final.jpg
192.0.72.24301 Moved Permanently 162 B URL HTTP/1.1 midnightmatineephotography.files.wordpress.com/2011/02/pink_debs_final.jpg
IP 192.0.72.24:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2011/02/pink_debs_final.jpg HTTP/1.1
Host: midnightmatineephotography.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 25 Mar 2023 17:10:05 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://midnightmatineephotography.files.wordpress.com/2011/02/pink_debs_final.jpg
www.ofcelebrity.net/photos/hayden-panettiere-58.jpg
104.21.6.60301 Moved Permanently 0 B URL HTTP/1.1 www.ofcelebrity.net/photos/hayden-panettiere-58.jpg
IP 104.21.6.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /photos/hayden-panettiere-58.jpg HTTP/1.1
Host: www.ofcelebrity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 17:10:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 25 Mar 2023 18:10:05 GMT
Location: https://www.ofcelebrity.net/photos/hayden-panettiere-58.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkoX2kjwHBsjyMfD4YQF05fts99FS0oVrutBPoaiVI38JVwt63KCOU4q%2B9p4%2FIeQ680GKakjgisOx6cUNUdi7Kutvyi36gsjZHDoDOac10konp7TtAmGW3N9OU%2Bh9B1vK1k6lbbY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7ad8c3eb0b5a0b69-OSL
alt-svc: h2=":443"; ma=60
www.blogger.com/static/v1/widgets/3855953344-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3855953344-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 0b4fa1144018f3ac4c94ef3025feddba
bfb265fb34cf2ddf45913b8d4d21005da524c70e
059211c83ff1b35abf766cb0ad462b1cd9737aef054b04da279b6261d448e869
GET /static/v1/widgets/3855953344-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 22:29:05 GMT
expires: Thu, 21 Mar 2024 22:29:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 21 Mar 2023 22:29:47 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 240060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.maedchen.de/webspace/incoming/109128/553c29dc3f212f262ee7f7c28334e283_1d47d0b06b.jpg
151.101.66.16301 Moved Permanently 0 B URL HTTP/1.1 www.maedchen.de/webspace/incoming/109128/553c29dc3f212f262ee7f7c28334e283_1d47d0b06b.jpg
IP 151.101.66.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webspace/incoming/109128/553c29dc3f212f262ee7f7c28334e283_1d47d0b06b.jpg HTTP/1.1
Host: www.maedchen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://www.maedchen.de/webspace/incoming/109128/553c29dc3f212f262ee7f7c28334e283_1d47d0b06b.jpg
Accept-Ranges: bytes
Date: Sat, 25 Mar 2023 17:10:05 GMT
x-backend-user: true
x-content-type-options: nosniff
X-Served-By: cache-bma1647-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1679764205.293107,VS0,VE0
Strict-Transport-Security: max-age=31557600
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 18 Mar 2023 20:17:37 GMT
expires: Sun, 17 Mar 2024 20:17:37 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 18 Mar 2023 16:49:42 GMT
content-type: text/css
vary: Accept-Encoding
age: 593548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 15:48:58 GMT
expires: Wed, 29 Mar 2023 15:48:58 GMT
cache-control: public, max-age=604800
last-modified: Tue, 21 Mar 2023 21:23:18 GMT
content-type: image/gif
age: 264067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
janethillstudio.com/blog/wp-content/uploads/2010/11/sweet-as-meringue-sl-800x1024.jpg
23.227.38.65301 Moved Permanently 0 B URL HTTP/1.1 janethillstudio.com/blog/wp-content/uploads/2010/11/sweet-as-meringue-sl-800x1024.jpg
IP 23.227.38.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /blog/wp-content/uploads/2010/11/sweet-as-meringue-sl-800x1024.jpg HTTP/1.1
Host: janethillstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 17:10:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 60
X-Sorting-Hat-ShopId: 17875755
X-Storefront-Renderer-Rendered: 1
Location: https://janethillstudio.com/blog/wp-content/uploads/2010/11/sweet-as-meringue-sl-800x1024.jpg
X-Redirect-Reason: https_required
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
X-ShopId: 17875755
X-ShardId: 60
Vary: Accept
X-Shopify-Stage: production
X-Dc: gcp-europe-north1,gcp-europe-west1,gcp-europe-west1
X-Request-ID: 53600102-62fa-4c25-a27d-396c29d65773
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKPw8sEChnaNyar3pnfaeTuhhezOKx3r18VWfzMDZqlMRwRssIW8fmXR8pH%2BGBhSwvE1oO3G2D7BoKKCvHgC8mbng2l5tJIBAhWSGQIeQ%2BL8exQPMuNjP3S3siank4gxT4KbniM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: processing;dur=7, db;dur=3, asn;desc="50304", edge;desc="OSL", country;desc="NO", pageType;desc="404", cfRequestDuration;dur=89.999914
Server: cloudflare
CF-RAY: 7ad8c3eafce4b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
216.58.207.238200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
IP 216.58.207.238:0
File type ASCII text, with very long lines (1530)
Hash 36a46584cf5844d36f358524bdb8f81c
bdffe8f2e18bbb8209fdfa54149728a8d5244e41
1ae488515a1c92a1c028bad7172b69b96f0a03dd921ea3c2baafac1345cfdef3
GET /_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 61154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 08:04:00 GMT
expires: Fri, 22 Mar 2024 08:04:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 09 Mar 2023 16:31:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 205565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f0f306ea49f1bd3f358f7579513e7377
c2845c696f6685a211bc040895d28ebf23fa1bc0
cda7588d5040ef3c8e83955838618a0ed0a6ee242d24abf5af697b2289fc8bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/img/share_buttons_20_3.png
216.58.207.233200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 216.58.207.233:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 15:13:54 GMT
expires: Wed, 29 Mar 2023 15:13:54 GMT
cache-control: public, max-age=604800
last-modified: Wed, 22 Mar 2023 04:51:43 GMT
content-type: image/png
age: 266171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d0c8b5fc43c71eae416ea2b97e52f08c
3af586da4f6a0b773ac1109eb2971cf09ec4597b
97f95d46cc8f0420dd3f61970ec299c5e3038f0acd8e04485c6f22baa83d3237
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nyrealestatelawblog.com/phobos_photo_nasa_2010_nyreblog_com_.jpg
199.46.34.127404 Not Found 25 kB URL HTTP/1.1 www.nyrealestatelawblog.com/phobos_photo_nasa_2010_nyreblog_com_.jpg
IP 199.46.34.127:0
ASN #213120 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7335), with CRLF, LF line terminators
Hash 8a599cab4ca9d9938a631e529fba4b3c
a353824e124d159eec3146ebc212d319b4877bec
93dad3179af9135c7025534d3d39de81c8a7616f2e5d2326fe319174c1f7f96a
GET /phobos_photo_nasa_2010_nyreblog_com_.jpg HTTP/1.1
Host: www.nyrealestatelawblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: blob: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Date: Sat, 25 Mar 2023 17:10:04 GMT
Content-Length: 24895
Set-Cookie: TS01308e6b=0184cfe7a684a1a0a83d8d2da65bacc35df1335803a45100255c1bf38133066e7b801fb2d90fd19e1e708a0df887711547b6d3d392; Path=/; Domain=.www.nyrealestatelawblog.com; HTTPOnly
img.electro-maniacs.net/52023.jpg
199.59.243.223200 OK 744 B URL HTTP/1.1 img.electro-maniacs.net/52023.jpg
IP 199.59.243.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (955), with no line terminators
Hash 93074b9e0a8b011503f092e655c94fb0
27d9998ef5b2fa2f76ce77082f0a4afebe688482
86b8a672acdaa4f55b70e6aef00ade3198fa27fbf01e6e82888c8e52e560c145
GET /52023.jpg HTTP/1.1
Host: img.electro-maniacs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=36e76244-a098-b20e-6f4f-faadbb502ac8; expires=Sat, 25-Mar-2023 17:25:05 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Ga89ZGUgkhyt8iLP57g6l8Wtk9Zls0DegcJEsF+tWW7teeUVXp5MaSkFH/5aUvwnhd4xphP+Myinfa78CkKY2w==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sat, 25 Mar 2023 16:24:59 GMT
Expires: Sat, 08 Apr 2023 16:24:59 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 2706
img.electro-maniacs.net/20651.jpg
199.59.243.223200 OK 749 B URL HTTP/1.1 img.electro-maniacs.net/20651.jpg
IP 199.59.243.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (955), with no line terminators
Hash b66d7ea98ecfe8920bf863f55dce38cb
e7f54d11884d80599a4242854ede6f2971707185
5eb79572a5ffb541a8ed77efe976469ed29aa65ce3f23e2a5ca04451d6cb1048
GET /20651.jpg HTTP/1.1
Host: img.electro-maniacs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=d1cc7301-5cd8-7ab6-940c-4023fd4b9a39; expires=Sat, 25-Mar-2023 17:25:05 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BUoNzH7uGSQgeRKin9nqTTZR+N6L/u1Wv7PjVKQ6GVg9JDiQ6NCXlmfHePfSSl96XE78CQsOUOzlmJhDsmvdBg==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d0c8b5fc43c71eae416ea2b97e52f08c
3af586da4f6a0b773ac1109eb2971cf09ec4597b
97f95d46cc8f0420dd3f61970ec299c5e3038f0acd8e04485c6f22baa83d3237
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nyrealestatelawblog.com/j0438449.jpg
199.46.34.127404 Not Found 25 kB URL HTTP/1.1 www.nyrealestatelawblog.com/j0438449.jpg
IP 199.46.34.127:0
ASN #213120 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7335), with CRLF, LF line terminators
Hash 8a599cab4ca9d9938a631e529fba4b3c
a353824e124d159eec3146ebc212d319b4877bec
93dad3179af9135c7025534d3d39de81c8a7616f2e5d2326fe319174c1f7f96a
GET /j0438449.jpg HTTP/1.1
Host: www.nyrealestatelawblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: blob: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Date: Sat, 25 Mar 2023 17:10:04 GMT
Content-Length: 24895
Set-Cookie: TS01308e6b=0184cfe7a68b81211c269b40c1cf42c218df30eaf75190b7a7cfeeaa324750ea20bd17a52241253a04ed0afdbf3e7bc2131e55ca43; Path=/; Domain=.www.nyrealestatelawblog.com; HTTPOnly
www.nyrealestatelawblog.com/j0403646.jpg
199.46.34.127404 Not Found 25 kB URL HTTP/1.1 www.nyrealestatelawblog.com/j0403646.jpg
IP 199.46.34.127:0
ASN #213120 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7335), with CRLF, LF line terminators
Hash 8a599cab4ca9d9938a631e529fba4b3c
a353824e124d159eec3146ebc212d319b4877bec
93dad3179af9135c7025534d3d39de81c8a7616f2e5d2326fe319174c1f7f96a
GET /j0403646.jpg HTTP/1.1
Host: www.nyrealestatelawblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: blob: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Date: Sat, 25 Mar 2023 17:10:04 GMT
Content-Length: 24895
Set-Cookie: TS01308e6b=0184cfe7a6d1b25a6ad69a638d47df95cc218d94d4780ae1c6bba7565cc3b9aae91dbac0ea10430ab9e0aa382c31a7b25e80f11b3c; Path=/; Domain=.www.nyrealestatelawblog.com; HTTPOnly
www.blogger.com/img/logo-16.png
216.58.207.233200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 216.58.207.233:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 23 Mar 2023 05:25:52 GMT
Expires: Thu, 30 Mar 2023 05:25:52 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 23 Mar 2023 00:00:42 GMT
Content-Type: image/png
Age: 215053
push.services.mozilla.com/
54.149.242.38101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.242.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ht8c22EDeIzqnk/yh7URHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PNlCuPy4RNTCWGO5+Hd1TA70Hx0=
velocityresults.com/images/493.jpg
198.185.159.144301 Moved Permanently 0 B URL HTTP/1.1 velocityresults.com/images/493.jpg
IP 198.185.159.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/493.jpg HTTP/1.1
Host: velocityresults.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 301 Moved Permanently
Age: 7242
Content-Length: 0
Date: Sat, 25 Mar 2023 15:09:23 GMT
Location: https://velocityresults.com/images/493.jpg
Server: Squarespace
Set-Cookie: crumb=BfKbCDc0Q+zkN2FlMmViMGY4NjAzODlkN2U2YThmZTFmMjRmNjNj;Path=/
X-Contextid: 5UT5q7Rv/w9jE5L0h
www.maedchen.de/webspace/incoming/109128/553c29dc3f212f262ee7f7c28334e283_1d47d0b06b.jpg
151.101.66.16404 Not Found 253 B URL HTTP/2 www.maedchen.de/webspace/incoming/109128/553c29dc3f212f262ee7f7c28334e283_1d47d0b06b.jpg
IP 151.101.66.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 3492d9a08c534b1515cab4e43019013a
07c03f55ee262fb3859743117dfb6c4975d90154
ecf550988d7a772135781205100583c1f023588e61aecc9c8053a922e65a818a
GET /webspace/incoming/109128/553c29dc3f212f262ee7f7c28334e283_1d47d0b06b.jpg HTTP/1.1
Host: www.maedchen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: max-age=16588800, public
content-language: de
etag: "1679764205"
last-modified: Sat, 25 Mar 2023 17:10:05 GMT
x-frame-options: SAMEORIGIN
x-grace: 3600
x-ttl: 2629746
x-varnish-cache: MISS
accept-ranges: bytes
date: Sat, 25 Mar 2023 17:10:05 GMT
age: 0
x-backend-user: true
x-content-type-options: nosniff
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 0, 1
x-timer: S1679764205.479855,VS0,VE173
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=31557600
content-length: 253
X-Firefox-Spdy: h2
lh5.ggpht.com/-QFHLj2Ltwao/SC0NiaSGeYI/AAAAAAAAACk/u2ZRWh76I_Y/100_1454.JPG
142.250.74.161200 OK 70 kB URL HTTP/1.1 lh5.ggpht.com/-QFHLj2Ltwao/SC0NiaSGeYI/AAAAAAAAACk/u2ZRWh76I_Y/100_1454.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 512x385, components 3\012- data
Hash 7249d155a13f9de3f3778ed1a3b3fa84
4badbd18a50a81165be40aa6e8aca24521f88d4b
37c46b2b9f4cf1dfbee654c89486398b4ad6b6fa14cca1190dd617b30a3ed244
GET /-QFHLj2Ltwao/SC0NiaSGeYI/AAAAAAAAACk/u2ZRWh76I_Y/100_1454.JPG HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v29"
Expires: Sun, 26 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="100_1454.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 25 Mar 2023 17:10:05 GMT
Server: fife
Content-Length: 69701
X-XSS-Protection: 0
midnightmatineephotography.files.wordpress.com/2011/02/pink_debs_final.jpg
192.0.72.24200 OK 215 kB URL HTTP/2 midnightmatineephotography.files.wordpress.com/2011/02/pink_debs_final.jpg
IP 192.0.72.24:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1699x1669, components 3\012- data
Size 215 kB (214589 bytes)
Hash 291af1752952eb57e6c02a7f3d238509
a38b6f8bfd2aa898084c52172217c69669815605
42b61299d81bf718a4de3ffb06b6d24c927e1fea927909a19ae1f88d30e82b77
GET /2011/02/pink_debs_final.jpg HTTP/1.1
Host: midnightmatineephotography.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 17:10:05 GMT
content-type: image/jpeg
content-length: 214589
last-modified: Wed, 16 Feb 2011 21:11:32 GMT
expires: Mon, 17 Apr 2023 19:28:38 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://midnightmatineephotography.wordpress.com
vary: Origin
x-nc: MISS arn 24 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
image.made-in-china.com/2f0j00peBtsSVqbcgY/Serving-Tray.jpg
104.18.29.187200 OK 82 kB URL HTTP/1.1 image.made-in-china.com/2f0j00peBtsSVqbcgY/Serving-Tray.jpg
IP 104.18.29.187:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1200, components 3\012- data
Hash 2f33e1ca882ca709cb17babf122e254b
e447432d50d5579489922a1957fe1c882bee59ab
7bcb747b4fdd578bd21758da47e6b3e0e416686536fb8283a491a9318fb29530
GET /2f0j00peBtsSVqbcgY/Serving-Tray.jpg HTTP/1.1
Host: image.made-in-china.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 17:10:05 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cf-Bgj: h2pri
Expires: Fri, 28 Sep 2970 06:00:00 GMT
Last-Modified: Wed, 21 May 2014 15:10:56 GMT
Origin-Agent-Cluster: ?0
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Cache-Control: public, max-age=29900580595
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad8c3eb5fad1bfa-OSL
3.bp.blogspot.com/-2Wwi7-zaozU/TjF48Mqn4xI/AAAAAAAAB2o/xUQ7WY3FmfY/s1600/2d.jpg
142.250.74.161200 OK 820 kB URL HTTP/1.1 3.bp.blogspot.com/-2Wwi7-zaozU/TjF48Mqn4xI/AAAAAAAAB2o/xUQ7WY3FmfY/s1600/2d.jpg
IP 142.250.74.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 1000x1000, components 3\012- data
Size 820 kB (819940 bytes)
Hash f85ab483a2aab12afd86c93f96b524eb
24dd13bf19bcbb8403e0e549711f12b89575b05f
c104834bbef7d6fdd50f8f8fa04a4fceb8f98627c7f3227c7b7d1b47d92155f3
GET /-2Wwi7-zaozU/TjF48Mqn4xI/AAAAAAAAB2o/xUQ7WY3FmfY/s1600/2d.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v8c4"
Expires: Sun, 26 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2d.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 25 Mar 2023 17:10:05 GMT
Server: fife
Content-Length: 819940
X-XSS-Protection: 0
velocityresults.com/images/145.jpg
198.185.159.144301 Moved Permanently 0 B URL HTTP/1.1 velocityresults.com/images/145.jpg
IP 198.185.159.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/145.jpg HTTP/1.1
Host: velocityresults.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 301 Moved Permanently
Age: 0
Date: Sat, 25 Mar 2023 17:10:05 GMT
Location: https://velocityresults.com/images/145.jpg
Server: Squarespace
Set-Cookie: crumb=BV1pyhz733hdNGVlOGVkNDQ0ZmE5YjM4NzRiYjU0MjU2NDkyNzk0;Path=/
X-Contextid: zXcwDrJQ/WB78Z9iw
Content-Length: 0
lh5.ggpht.com/-D-55vz1ltp8/RkHOGkChyrI/AAAAAAAAAXc/ST5ZoQV_s0M/DSC05589.JPG
142.250.74.161200 OK 62 kB URL HTTP/1.1 lh5.ggpht.com/-D-55vz1ltp8/RkHOGkChyrI/AAAAAAAAAXc/ST5ZoQV_s0M/DSC05589.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 512x384, components 3\012- data
Hash 39a11243aaf2b48177e8a1a8867c4ac1
c6e514bd5111a837bd7bd09419f79c28e7641f0a
81ea63504f79cac1f42d140cdf984d0172307a6e5402c40847bdbe0823e5b848
GET /-D-55vz1ltp8/RkHOGkChyrI/AAAAAAAAAXc/ST5ZoQV_s0M/DSC05589.JPG HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v177"
Expires: Sun, 26 Mar 2023 17:10:05 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC05589.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sat, 25 Mar 2023 17:10:05 GMT
Server: fife
Content-Length: 61551
X-XSS-Protection: 0
lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html&ref=&l=celebrity
216.245.197.44200 OK 629 B URL HTTP/1.1 lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html&ref=&l=celebrity
IP 216.245.197.44:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (629), with no line terminators
Hash 2ae68ce15e5bde1b13c1f0742f99e258
7c766b51d06e92db12b7f2365e7d3f5edb78a851
473414ab4dabf00279f2caac0474f99c7e13bae3704de16a1ac49fc02624e502
GET /?if=1&scr_w=1280&scr_h=1024&blog=http%3A//spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html&ref=&l=celebrity HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 629
content-type: text/html; charset=utf-8
date: Sat, 25 Mar 2023 17:10:05 GMT
server: nginx
set-cookie: sid=e371409e-cb2f-11ed-8356-4c6d02f5d026; path=/; domain=.lostwebtracker.com; expires=Thu, 12 Apr 2091 20:24:12 GMT; max-age=2147483647; HttpOnly
images4.wikia.nocookie.net/__cb20110427023040/smallville/images/6/66/709Smallville0923.jpg
151.101.128.194200 OK 4.8 kB URL HTTP/1.1 images4.wikia.nocookie.net/__cb20110427023040/smallville/images/6/66/709Smallville0923.jpg
IP 151.101.128.194:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x113, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 13a2ba7024319b14d660ec69a00c2443
112a003987e9c887df2b3ce644395f2d33b83a08
b5d93986ab0c77a53d4fada03509fc3180e977bcaceda59b48462f956336bfd1
GET /__cb20110427023040/smallville/images/6/66/709Smallville0923.jpg HTTP/1.1
Host: images4.wikia.nocookie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 4752
content-disposition: inline; filename="709Smallville0923.webp"; filename*=UTF-8''709Smallville0923.webp
content-type: image/webp
etag: CK6IjbX+peECEAI=
x-thumbnailer: Thumblr
access-control-allow-origin: *
access-control-allow-headers: Range
x-envoy-upstream-service-time: 226
X-Cacheable: YES
Accept-Ranges: bytes
Date: Sat, 25 Mar 2023 17:10:06 GMT
Age: 0
X-Served-By: thumblr-6fb87d6898-xrfxf, cache-wk-sjc11420-SJC, cache-bma1666-BMA
X-Cache: ORIGIN, MISS, MISS
X-Cache-Hits: ORIGIN, 0, 0
X-Timer: S1679764206.597132,VS0,VE407
Vary: Accept
Timing-Allow-Origin: *
Cache-Control: max-age=31536000, public
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f0f306ea49f1bd3f358f7579513e7377
c2845c696f6685a211bc040895d28ebf23fa1bc0
cda7588d5040ef3c8e83955838618a0ed0a6ee242d24abf5af697b2289fc8bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
media.onsugar.com/files/2011/02/05/2/335/3355655/65450081456d75b6_Sanaa_Nia_and_Regina.jpg
151.101.65.91200 OK 268 kB URL HTTP/1.1 media.onsugar.com/files/2011/02/05/2/335/3355655/65450081456d75b6_Sanaa_Nia_and_Regina.jpg
IP 151.101.65.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1066, components 3\012- data
Size 268 kB (267711 bytes)
Hash c670c61af117f021ad88f507595a7b1d
f8822ac24f57f0af7340140b44f3a8b6d25fbc24
8fa6b2ffd2bbf0659b5dd0abb5067abc673d5330ebb16fc19d3b574d903c48d1
GET /files/2011/02/05/2/335/3355655/65450081456d75b6_Sanaa_Nia_and_Regina.jpg HTTP/1.1
Host: media.onsugar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 267711
Last-Modified: Wed, 11 Jan 2017 00:39:41 GMT
ETag: "c670c61af117f021ad88f507595a7b1d"
Content-Type: image/jpeg
Server: AmazonS3
cache-control: max-age=2592000
Accept-Ranges: bytes
Date: Sat, 25 Mar 2023 17:10:06 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1656-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1679764205.285584,VS0,VE721
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 25 Mar 2023 17:10:06 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+396; expires=Mon, 24-Mar-2025 17:10:06 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Mar 2023 17:10:06 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3000
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 25 Mar 2023 17:10:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+157; expires=Mon, 24-Mar-2025 17:10:06 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Mar 2023 17:10:06 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9b762efe5751eb25cd26ca67ad6dcf22
661f1247ecc842236957d05747967ec4f20835a2
c51c54e54ffc33cc7643bb0a64da2265f93efaf38838351ec0f2a2fe102efa2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
216.58.211.4200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 216.58.211.4:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 27a9e27f0dfe79c7eb792dbe1197a9c8
d1adb3d5418aa8e1505c4c511de3e877b5bbe8c8
f76d0fa991e09132570f8fbf0cd3481568445e70e4dd7d82ea1039df33fe7bc1
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 25 Mar 2023 17:10:06 GMT
date: Sat, 25 Mar 2023 17:10:06 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
velocityresults.com/images/493.jpg
198.185.159.144404 Not Found 11 kB URL HTTP/2 velocityresults.com/images/493.jpg
IP 198.185.159.144:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (13801)
Hash 6495104ee2606bfe7c2457748c31d574
954ba8ca412b1d3bae590dd43674b710a41452d7
93fc270699c43498a7363198020405c44f0400314ac4f800f4796070829767ba
GET /images/493.jpg HTTP/1.1
Host: velocityresults.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
age: 0
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 25 Mar 2023 17:10:05 GMT
etag: W/"184b4fb544ba3406d88eb770ef6e338e"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BeTU6GSr3dANYTIzNDU3NTMwNzk4ODk5NjFiMzBmYTI2NmQ4NTBj;Path=/
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: 8ye6cKSd/h1OJdS4p
content-length: 11026
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d9bd24c30fef0dee5e8950047e40035
6b0f55e55b55b3e714ea60d9aebee99bafe5b7aa
483af005c375c1624b20a7d561c758721d52bba3e974a5b948f42d81c8e01971
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
216.58.207.195200 OK 415 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
IP 216.58.207.195:0
File type HTML document, ASCII text, with very long lines (597)
Size 415 kB (415172 bytes)
Hash 733e4a30889fa7c9947958423e21e810
16a2cced6035295476141f8ac1cd928114cafebf
7d2c1727a32a92776f9a3078abb845bbeb77e6603c40a318f12ea1e1b5a040d7
GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 415172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 12:18:44 GMT
expires: Sun, 24 Mar 2024 12:18:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 17482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.photobucket.com/albums/v15/Joni76/snow1.jpg
54.230.111.82200 OK 64 kB URL HTTP/2 img.photobucket.com/albums/v15/Joni76/snow1.jpg
IP 54.230.111.82:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 467767ff47ebf49f3f17552c5bfa5119
80ebeeac4cefa2e9dab01280b90668860ec46c3f
b993221707b45832284bf36c3890f086a170ffe4d4f46a1055a5bc0beb963bfd
GET /albums/v15/Joni76/snow1.jpg HTTP/1.1
Host: img.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 64406
date: Sat, 25 Mar 2023 17:10:06 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="snow1.webp"
content-security-policy: script-src 'none'
expires: Sun, 24 Mar 2024 17:10:06 GMT
server: photobucket
x-amzn-trace-id: Root=1-641f2aed-7b2459c23877fe3f625bd234
x-request-id: izePa4LfBol5oIJbXqEVF
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p9BBQYgmjEjpmm1TvKvat0G-HH4IkRwwOZi9j9DU2NG4annPBx4gUQ==
vary: Accept, Origin
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 110605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:42 GMT
expires: Sat, 23 Mar 2024 10:26:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 110604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
spurspurious1712.blogspot.com/favicon.ico
142.250.74.65200 OK 412 B URL HTTP/1.1 spurspurious1712.blogspot.com/favicon.ico
IP 142.250.74.65:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: spurspurious1712.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/2011/12/matthew-alexander-t-balcom-was-born-on.html
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Sat, 25 Mar 2023 17:10:06 GMT
Date: Sat, 25 Mar 2023 17:10:06 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 25 Mar 2023 15:08:07 GMT
ETag: W/"7833802709cc6dc5b7bb5f539e1c990caf60e383a556deffbda116c00b0e8cf4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
www.blogger.com/followers.g?blogID=2458641927235026976&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=7869298845309321803&origin=http://spurspurious1712.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.zUi2Oiqh0cQ.O/d%3D1/rs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%3D__features__&bpli=1
216.58.207.233302 Moved Temporarily 474 B URL HTTP/1.1 www.blogger.com/followers.g?blogID=2458641927235026976&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=7869298845309321803&origin=http://spurspurious1712.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.zUi2Oiqh0cQ.O/d%3D1/rs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%3D__features__&bpli=1
IP 216.58.207.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (511)
Hash c469d1f0c6248a3cbb7a0775bee2226d
1263f913e25aa646223470617ba9afb997329247
a904a928af48a4f43b5ac7acb20f6d444e495091d4f9aca8c4306a4f89690209
GET /followers.g?blogID=2458641927235026976&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=7869298845309321803&origin=http://spurspurious1712.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.zUi2Oiqh0cQ.O/d%3D1/rs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%3D__features__&bpli=1 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://www.blogger.com/followers.g?blogID=2458641927235026976&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=7869298845309321803&origin=http://spurspurious1712.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.zUi2Oiqh0cQ.O/d%3D1/rs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%3D__features__&bpli=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 25 Mar 2023 17:10:06 GMT
Expires: Sat, 25 Mar 2023 17:10:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 474
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10558
Expires: Sat, 25 Mar 2023 20:06:05 GMT
Date: Sat, 25 Mar 2023 17:10:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10558
Expires: Sat, 25 Mar 2023 20:06:05 GMT
Date: Sat, 25 Mar 2023 17:10:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10558
Expires: Sat, 25 Mar 2023 20:06:05 GMT
Date: Sat, 25 Mar 2023 17:10:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10558
Expires: Sat, 25 Mar 2023 20:06:05 GMT
Date: Sat, 25 Mar 2023 17:10:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tMnTFkK-AtSlEsQskvoxwwCjddndz5GBLHiV5RHi3QumyL6MVC9ovg==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 70179
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ogff88YPb_ia9BPyBI0afIy9cWym7eDnXHKykpTS3NVG4EY_SUENDA==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
age: 70179
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02e0767e0c72d95e30337ad42f5d15b3
79aa21ca35c9d98ea7d0713d219e9b67083bdc05
7991a0c4d409cca49259cb626d0de39684635f14fad72e074b303235026673a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 38d33f4d-2b85-4666-b778-04f4b4dfdf10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihSFIdIAMFRjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a1-036a28e75189d05209396933;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eYAgUDZFGkaskq0A77VgX54hvvjtQtClrFyED3COkankS76uD7hTAQ==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 70179
etag: "79aa21ca35c9d98ea7d0713d219e9b67083bdc05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:18 GMT
age: 70189
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww1.lostwebtracker.com/
199.59.243.223200 OK 716 B IP 199.59.243.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (927), with no line terminators
Hash b0b3d4d332a2496f8e623d1140994060
25f836cc0ce718b52db8ea7cf736e79eed97ee35
4a331b5d43ebfda1f5b4d425cb24aec2b089da95ca99aa66985d0c5ca98f760e
GET / HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lostwebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=30ad13a1-c103-2aa4-f2cb-c65b238c5629; expires=Sat, 25-Mar-2023 17:25:07 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BTQ6cSsBQzLx3zBKetgSI8dHJVb2L9mBW1+HHXyOs7F+LjgjF6WXL5MdfkDCqaVLcplk0r1fWKREvuM8z2Q0qQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 70179
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 08:51:06 GMT
age: 29941
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww1.lostwebtracker.com/js/parking.2.104.0.js
199.59.243.223200 OK 22 kB URL HTTP/1.1 ww1.lostwebtracker.com/js/parking.2.104.0.js
IP 199.59.243.223:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 290c0966cc738f53a147252a87f1a91a
e6e38e3a98b711b47a4f636339dec051364ba6f7
836975c1814b6dd7cf8cc9ed9b542ad8e592ec4874537d7726381b84d8609a46
Analyzer Verdict Alert fortinet Malware
GET /js/parking.2.104.0.js HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:07 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 22 Mar 2023 19:54:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ofcelebrity.net/
172.67.134.139301 Moved Permanently 54 kB IP 172.67.134.139:0
File type gzip compressed data, max compression\012- data
Hash 33a303de4587283138be86dd3b4ce295
586447b51b740e4a322f05f4472cbcec68770bf3
adb6ba3ea00b43c4edc86def8916031c528f74ccb4558f97a6a9f79f99748a84
GET / HTTP/1.1
Host: ofcelebrity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 17:10:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 25 Mar 2023 18:10:07 GMT
Location: https://ofcelebrity.net/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhrLSsjtoGLP0PGLTd3uSVSMdghXvy4uV1J%2BD3TZSuuesfdDSe3os2UHWnKKJUAEblKLWR10S9oTPP%2BzEcNe1nOjjiawacnu7JnK56ySyL7dm9TlLAewy%2FYPfdl0jFb7KYw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7ad8c3f76816b4f4-OSL
alt-svc: h2=":443"; ma=60
ww1.lostwebtracker.com/_fd
199.59.243.223200 OK 2.5 kB URL HTTP/1.1 ww1.lostwebtracker.com/_fd
IP 199.59.243.223:0
File type ASCII text, with very long lines (4681), with no line terminators
Hash 05104d2733164491f7e8c1a20feaef14
e887cb4d410d4e6599f47e3b32a7a955000ec68b
5507739d933fdb7e7d4bb564ba1000af3ca33f086c3c33c3c80d83b84a757cb4
Analyzer Verdict Alert fortinet Phishing
POST /_fd HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 25 Mar 2023 17:10:07 GMT
X-Version: 2.104.0
Set-Cookie: parking_session=1b693209-91b5-4b7f-b7c7-4acbcbadb6fc; expires=Sat, 25-Mar-2023 17:25:07 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/px.gif?ch=1&rn=10.53166811067028
199.59.243.223200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=1&rn=10.53166811067028
IP 199.59.243.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=10.53166811067028 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:07 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww1.lostwebtracker.com/px.gif?ch=2&rn=10.53166811067028
199.59.243.223200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=2&rn=10.53166811067028
IP 199.59.243.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=10.53166811067028 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:07 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a229e13ab0262306e8233705569c7866
d389ff1fc114c031f85a57a9ebf1845ead515e38
9865a8767eed63858b778ab5774d5ae48fc46d0adcb1693c76eabb9ad9e81bc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a229e13ab0262306e8233705569c7866
d389ff1fc114c031f85a57a9ebf1845ead515e38
9865a8767eed63858b778ab5774d5ae48fc46d0adcb1693c76eabb9ad9e81bc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 402cbe860d64ae2e13145e34cbc7889c
7af4691dc306b7583365b9ff2ead0c1f6db017c5
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa
GET /s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:30:39 GMT
expires: Sat, 23 Mar 2024 10:30:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
content-type: font/woff2
age: 110368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
216.58.207.193200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
IP 216.58.207.193:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash ab1acb76dd408583614a7a6cedf41866
e2d2d7074479023d37474ab62755b658d22d4ab1
8622edbe2503910e3cbeecef073a09e662fd2507436c3aabf885d155afd96565
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 11:43:26 GMT
expires: Sun, 26 Mar 2023 10:43:26 GMT
cache-control: public, max-age=82800
age: 19601
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
216.58.207.193200 OK 278 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP 216.58.207.193:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Hash bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 01:16:55 GMT
expires: Sun, 26 Mar 2023 00:16:55 GMT
cache-control: public, max-age=82800
age: 57192
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Michroma&display=swap
142.250.74.138200 OK 751 B URL HTTP/2 fonts.googleapis.com/css?family=Michroma&display=swap
IP 142.250.74.138:0
Hash 04812397e6cef611e758efd1017d2d66
a687f79fb2e3c92d8b4a53cd79830b6717c58c9f
2312d7552024d841d556c82d7fef28158b6f910e6975f9ba4b889d473ccd0cee
GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 17:10:07 GMT
date: Sat, 25 Mar 2023 17:10:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6bf50de33fa4848356df525bdb17a561
27b65ad48ed6b14b616579a54fb53f1ddd69e399
3f8b5445c77d3191ac7d9729fa0898620185af043f8e353d9db1349a6bea49f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.lostwebtracker.com/
199.59.243.223200 OK 1.1 kB IP 199.59.243.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (931)
Hash f9da4b6d5b3a86f7803374ddabaaee9c
ce4c998a70c11a5340d3f05e5601a2818c5d7e35
df39caa013e87d44092605257596bb600746ba27be7c978b757e727e1b6cd54c
GET / HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7; expires=Sat, 25-Mar-2023 17:25:08 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BTQ6cSsBQzLx3zBKetgSI8dHJVb2L9mBW1+HHXyOs7F+LjgjF6WXL5MdfkDCqaVLcplk0r1fWKREvuM8z2Q0qQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/js/parking.2.104.0.js
199.59.243.223200 OK 22 kB URL HTTP/1.1 ww1.lostwebtracker.com/js/parking.2.104.0.js
IP 199.59.243.223:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 290c0966cc738f53a147252a87f1a91a
e6e38e3a98b711b47a4f636339dec051364ba6f7
836975c1814b6dd7cf8cc9ed9b542ad8e592ec4874537d7726381b84d8609a46
Analyzer Verdict Alert fortinet Malware
GET /js/parking.2.104.0.js HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:08 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 22 Mar 2023 19:54:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/_fd
199.59.243.223200 OK 2.5 kB URL HTTP/1.1 ww1.lostwebtracker.com/_fd
IP 199.59.243.223:0
File type ASCII text, with very long lines (4681), with no line terminators
Hash 2c57646089dfed9ff490ea584c258b05
0ea1e7d9952212eca67557d051e77ed50f564c41
11a507a758f2a3321065b7ce6726c4cf776f2b4fbda484a9f413280815026c37
Analyzer Verdict Alert fortinet Phishing
POST /_fd HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 25 Mar 2023 17:10:08 GMT
X-Version: 2.104.0
Set-Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7; expires=Sat, 25-Mar-2023 17:25:08 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/px.gif?ch=1&rn=7.8101261573375655
199.59.243.223200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=1&rn=7.8101261573375655
IP 199.59.243.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=7.8101261573375655 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:08 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww1.lostwebtracker.com/px.gif?ch=2&rn=7.8101261573375655
199.59.243.223200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=2&rn=7.8101261573375655
IP 199.59.243.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=7.8101261573375655 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:08 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9b762efe5751eb25cd26ca67ad6dcf22
661f1247ecc842236957d05747967ec4f20835a2
c51c54e54ffc33cc7643bb0a64da2265f93efaf38838351ec0f2a2fe102efa2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.lostwebtracker.com/favicon.ico
199.59.243.223200 OK 0 B URL HTTP/1.1 ww1.lostwebtracker.com/favicon.ico
IP 199.59.243.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 25 Mar 2023 17:10:08 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-158.ec2.internal
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9211052ef1bbc2fb3ff962abc8255c84
8710df14581fd8ddcb77bb70994eda60906200a7
7dc5595fcaaeb86b0c23cd0c43242c435213f697063c64c5b273b782a50bf918
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ww1.lostwebtracker.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie
216.58.207.226200 OK 249 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww1.lostwebtracker.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:0
File type ASCII text, with very long lines (376), with no line terminators
Hash f93b2b8f63124bba0451b8a5d3da526a
b0d48ec8d0744da976952316a77f7b28d221c880
1adee6ef761c2f6b84cac66d569c9cad47d0f7e9d6be12ca61dac9829e5332cd
GET /gampad/cookie.js?domain=ww1.lostwebtracker.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 25 Mar 2023 17:10:08 GMT
server: cafe
cache-control: private
content-length: 249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9211052ef1bbc2fb3ff962abc8255c84
8710df14581fd8ddcb77bb70994eda60906200a7
7dc5595fcaaeb86b0c23cd0c43242c435213f697063c64c5b273b782a50bf918
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6bf50de33fa4848356df525bdb17a561
27b65ad48ed6b14b616579a54fb53f1ddd69e399
3f8b5445c77d3191ac7d9729fa0898620185af043f8e353d9db1349a6bea49f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a229e13ab0262306e8233705569c7866
d389ff1fc114c031f85a57a9ebf1845ead515e38
9865a8767eed63858b778ab5774d5ae48fc46d0adcb1693c76eabb9ad9e81bc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Michroma&display=swap
142.250.74.138200 OK 552 B URL HTTP/2 fonts.googleapis.com/css?family=Michroma&display=swap
IP 142.250.74.138:0
File type ASCII text, with very long lines (390)
Hash 3ae821533645aa6e503e21990703c050
7f98fde15e93e75afad6c3b8738e9d6ae7e53e46
2cad3d8109f565218b15713f3c3992b8301f949fc73dd8b28b8bb2a41887350f
GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 17:10:08 GMT
date: Sat, 25 Mar 2023 17:10:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
216.58.207.193200 OK 278 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP 216.58.207.193:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Hash bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 01:16:55 GMT
expires: Sun, 26 Mar 2023 00:16:55 GMT
cache-control: public, max-age=82800
age: 57193
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 17:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 402cbe860d64ae2e13145e34cbc7889c
7af4691dc306b7583365b9ff2ead0c1f6db017c5
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa
GET /s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:30:39 GMT
expires: Sat, 23 Mar 2024 10:30:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
content-type: font/woff2
age: 110369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
142.250.74.163200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13888, version 1.0\012- data
Hash 099548fac114f5f6498c5c75b943581d
7505fcaf9f4fe36634352b322a9f5fed1256a9f6
e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05
GET /s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:27:35 GMT
expires: Sat, 23 Mar 2024 10:27:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:12:09 GMT
content-type: font/woff2
age: 110554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ww1.lostwebtracker.com/_tr
199.59.243.223200 OK 22 B URL HTTP/1.1 ww1.lostwebtracker.com/_tr
IP 199.59.243.223:0
File type ASCII text, with no line terminators
Hash 5cfde9b47de2d84bd26fc473632647c0
fd53c70631b6068328be57daec71bd94bf004d41
47fd05ef74fef5da03fa22483e63fc977cad8e026ae41dadbbcc3745907f306b
Analyzer Verdict Alert fortinet Phishing
POST /_tr HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Content-Length: 1665
Connection: keep-alive
Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7; __gsas=ID=c4a602216ee8d457:T=1679764208:S=ALNI_MbQFQMaHoXLGFQnZQEbiJckmrEZzg
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 25 Mar 2023 17:10:09 GMT
X-Version: 2.104.0
Set-Cookie: parking_session=cf0966ba-e070-c732-a0ae-b98641ed22b7; expires=Sat, 25-Mar-2023 17:25:09 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.ofcelebrity.net/photos/hayden-panettiere-58.jpg
104.21.6.60301 Moved Permanently 0 B URL HTTP/2 www.ofcelebrity.net/photos/hayden-panettiere-58.jpg
IP 104.21.6.60:0
GET /photos/hayden-panettiere-58.jpg HTTP/1.1
Host: www.ofcelebrity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 25 Mar 2023 17:10:06 GMT
content-type: text/html; charset=UTF-8
location: https://ofcelebrity.net/photos/hayden-panettiere-58.jpg
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
x-redirect-by: WordPress
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDsnx2iJpfCC9iSmfTSMRyTfRs%2F4%2BM6lctPdzBANLpsZSI49xuK8GyX7ysFReB%2Br4sKe%2BKmmbPcalTTTNHfmcoitReOKX%2FcPlZVLv1GQL5ranuQgm9PCtVTmzOXE%2BP7EMVHB5OgC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ad8c3ec189c0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
janethillstudio.com/blog/wp-content/uploads/2010/11/sweet-as-meringue-sl-800x1024.jpg
23.227.38.65404 Not Found 0 B URL HTTP/2 janethillstudio.com/blog/wp-content/uploads/2010/11/sweet-as-meringue-sl-800x1024.jpg
IP 23.227.38.65:0
GET /blog/wp-content/uploads/2010/11/sweet-as-meringue-sl-800x1024.jpg HTTP/1.1
Host: janethillstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 25 Mar 2023 17:10:05 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 60
x-sorting-hat-shopid: 17875755
x-storefront-renderer-rendered: 1
set-cookie: keep_alive=9dff3e14-5a6d-48e6-b59c-39e998d3c78a; path=/; expires=Sat, 25 Mar 2023 17:40:05 GMT; HttpOnly; SameSite=Lax
cart_currency=USD; path=/; expires=Sat, 08 Apr 2023 17:10:05 GMT
_cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22CA%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=janethillstudio.com; path=/; expires=Sun, 26 Mar 2023 17:10:05 GMT; SameSite=Lax
_y=a5a816f6-aa13-459f-9798-2602b1b09338; Expires=Sun, 24-Mar-24 17:10:05 GMT; Domain=janethillstudio.com; Path=/; SameSite=Lax
_s=93b4bfda-ac8f-410a-a5e6-1713a45bec00; Expires=Sat, 25-Mar-23 17:40:05 GMT; Domain=janethillstudio.com; Path=/; SameSite=Lax
_shopify_y=a5a816f6-aa13-459f-9798-2602b1b09338; Expires=Sun, 24-Mar-24 17:10:05 GMT; Domain=janethillstudio.com; Path=/; SameSite=Lax
_shopify_s=93b4bfda-ac8f-410a-a5e6-1713a45bec00; Expires=Sat, 25-Mar-23 17:40:05 GMT; Domain=janethillstudio.com; Path=/; SameSite=Lax
content-encoding: gzip
etag: cacheable:24811647043a1348110f00d1715f3217
x-alternate-cache-key: cacheable:28daff1ea6ea4b3251d3db33b9bd5ed0
x-cache: hit, server
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 17875755
x-shardid: 60
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-europe-north1,gcp-europe-west1,gcp-europe-west1
x-request-id: 307b816c-2d59-4baf-b2ff-66102cb01e8c
x-xss-protection: 1; mode=block
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHBBa3%2BgMW54xfAQ7aN5KdDvKS0uWLSYidOSqNfexsWqns5z7NJ8YvsPGmxBZRHN%2BK2cRSaW%2Fs3RK2WFVKXPOm9PjuneggyadHum6bhsrSgwO8YO0CBaSQX4aPGeFiaRT%2BMHGeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=21, db;dur=11, asn;desc="50304", edge;desc="OSL", country;desc="NO", theme;desc="Canopy", pageType;desc="404", cfRequestDuration;dur=82.999945
server: cloudflare
cf-ray: 7ad8c3ec7eb40b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
velocityresults.com/images/145.jpg
198.185.159.144404 Not Found 0 B URL HTTP/2 velocityresults.com/images/145.jpg
IP 198.185.159.144:0
GET /images/145.jpg HTTP/1.1
Host: velocityresults.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spurspurious1712.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
age: 0
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 25 Mar 2023 17:10:05 GMT
etag: W/"184b4fb544ba3406d88eb770ef6e338e"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BeyjLze8ASaMNWFkNWY1ZGM5MDcxODRjMjJiYWVlNDk5OGIwNGVk;Path=/
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: 8ye6cKSd/23gKwynN
content-length: 11026
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
216.58.211.4200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 216.58.211.4:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 25 Mar 2023 17:10:08 GMT
expires: Sat, 25 Mar 2023 17:10:08 GMT
cache-control: private, max-age=3600
etag: "15648507436981654811"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/2458641927235026976?po=7869298845309321803&hl=en-GB&blogspotRpcToken=5140354
216.58.207.233200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/2458641927235026976?po=7869298845309321803&hl=en-GB&blogspotRpcToken=5140354
IP 216.58.207.233:0
GET /comment/frame/2458641927235026976?po=7869298845309321803&hl=en-GB&blogspotRpcToken=5140354 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spurspurious1712.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 25 Mar 2023 17:10:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-k7F63_EqFKJJG9hzq8yFSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=QnDdUhojZ1l1ftb4KP7ojI8iaYCTSr9iGWGsHD7IvF4ekjzmyKKVZyVH1HG3YZ-6jhj6fI4GU6oKaQCq8CA9PqQrkt3DKVeK6N9NEHN-7G0Zq5hSQSw36nDLlE7mkE2fSyKfVFvxLqb2poSjmOnJsvfJig8JW02-M5EF0Wm-HAk; expires=Sun, 24-Sep-2023 17:10:05 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2