astridberges-frisbey.blogspot.fr/2011/05/world-cup-2011-cricket-time-table.html
142.250.74.161302 Moved Temporarily 223 B URL HTTP/1.1 astridberges-frisbey.blogspot.fr/2011/05/world-cup-2011-cricket-time-table.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash db1c9671a8358634053f4e05437fcdd8
0e78caef3c435dadf920657e8d60495a552df331
68f51dee3ac382fc1041d3ebfad9ddb9f5e0e9fdb61f0347a727e737723167b1
GET /2011/05/world-cup-2011-cricket-time-table.html HTTP/1.1
Host: astridberges-frisbey.blogspot.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://astridberges-frisbey.blogspot.com/2011/05/world-cup-2011-cricket-time-table.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 07:59:41 GMT
Expires: Fri, 25 Nov 2022 07:59:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 223
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2525
Expires: Fri, 25 Nov 2022 08:41:46 GMT
Date: Fri, 25 Nov 2022 07:59:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3863
Cache-Control: max-age=99352
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:35:34 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9475
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 07:59:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 07:17:25 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2537
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p21q2HuiQJ91deZHILTJCXufDsXvCSwJWPqAKxgMlct5VFkjmWHttytUbT/UGYHB42e38uL01k0=
x-amz-request-id: C0CNDB5PXESXBRYM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 07:40:43 GMT
age: 1139
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 07:59:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
astridberges-frisbey.blogspot.com/2011/05/world-cup-2011-cricket-time-table.html
142.250.74.161200 OK 19 kB URL HTTP/1.1 astridberges-frisbey.blogspot.com/2011/05/world-cup-2011-cricket-time-table.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (19896)
Hash 23a245a9ab0bedc954f1637367181c2d
456ed2cb48af173dfe61a9e281c2d762f1a1bca7
8f955bcfc17c9f7335973bc07bab80f8e4f260d739f76aa08daea0792ce8b9e9
GET /2011/05/world-cup-2011-cricket-time-table.html HTTP/1.1
Host: astridberges-frisbey.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 25 Nov 2022 07:59:42 GMT
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 01 Dec 2021 13:42:40 GMT
ETag: W/"5b9c0f573cd11fbf45f5caef285e787224f97121d42663ccc7140943fadd4cd7"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 18816
Server: GSE
scripts.chitika.net/eminimalls/amm.js
143.204.55.6301 Moved Permanently 167 B URL HTTP/1.1 scripts.chitika.net/eminimalls/amm.js
IP 143.204.55.6:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /eminimalls/amm.js HTTP/1.1
Host: scripts.chitika.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 25 Nov 2022 07:59:42 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://scripts.chitika.net/eminimalls/amm.js
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Cq41pzY_FHSVALCNBZTgToytuFXrQf51oTglCNXQKqc1HVNis2JmQ==
astridberges-frisbey.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 astridberges-frisbey.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: astridberges-frisbey.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/2011/05/world-cup-2011-cricket-time-table.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 02:58:17 GMT
Expires: Wed, 30 Nov 2022 02:58:17 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 21:54:19 GMT
Content-Type: text/javascript
Age: 190885
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2a03384abe9f9728677b1f7b876b4694
41c1c401e79ac5b6edc6fc3cce8b4d085c565ac1
744b3562ef1851ca3c0413020ef5c40e71af514e6ff8da065f6ea9f846e70717
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 219599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 316659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 25 Nov 2022 07:59:42 GMT
expires: Fri, 25 Nov 2022 07:59:42 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 214024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
content-type: image/gif
age: 234947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.ad-u.com/ad.php
3.94.41.167302 Found 0 B IP 3.94.41.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad.php HTTP/1.1
Host: ad.ad-u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 302 Found
content-length: 0
date: Fri, 25 Nov 2022 07:59:42 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=ad-u.com
scripts.chitika.net/eminimalls/amm.js
143.204.55.6200 OK 0 B URL HTTP/2 scripts.chitika.net/eminimalls/amm.js
IP 143.204.55.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eminimalls/amm.js HTTP/1.1
Host: scripts.chitika.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 0
last-modified: Fri, 19 Apr 2019 16:37:52 GMT
server: AmazonS3
date: Thu, 24 Nov 2022 20:17:52 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YAMt2nmqyA6QaYAy-aKH7G41vQql96qAYi4cRQSB6J5u4A85ubu1Vg==
age: 42111
X-Firefox-Spdy: h2
3.bp.blogspot.com/_I66TKjh_WlU/SxUdI3SQ5iI/AAAAAAAAAHE/ZNwM_GPDyzA/s1600/Bangladesh-players-lift-u-001.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 3.bp.blogspot.com/_I66TKjh_WlU/SxUdI3SQ5iI/AAAAAAAAAHE/ZNwM_GPDyzA/s1600/Bangladesh-players-lift-u-001.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_I66TKjh_WlU/SxUdI3SQ5iI/AAAAAAAAAHE/ZNwM_GPDyzA/s1600/Bangladesh-players-lift-u-001.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 07:59:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 165804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6412
Cache-Control: max-age=96839
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:53:41 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.besthitsnow.com/b1.php?id=billymoon
95.211.219.66429 Too Many Requests 17 B URL HTTP/1.1 www.besthitsnow.com/b1.php?id=billymoon
IP 95.211.219.66:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash eeb13468b73d93fa8bcbe3ebae6df720
1f55c90d5ce61c6447e923443d496b137be35c63
802600d124464157037a2519acb3cff90b97670fd04809ea902fbb95497a12ca
GET /b1.php?id=billymoon HTTP/1.1
Host: www.besthitsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 429 Too Many Requests
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 17
date: Fri, 25 Nov 2022 07:59:42 GMT
server: nginx
set-cookie: sid=1e9b8122-6c97-11ed-ae45-d5bb74a23582; path=/; domain=.besthitsnow.com; expires=Wed, 13 Dec 2090 11:13:49 GMT; max-age=2147483647; HttpOnly
www.trendsarena.com/wp-content/uploads/2011/02/world-cup-2011.jpg
207.148.248.143404 Not Found 243 B URL HTTP/1.1 www.trendsarena.com/wp-content/uploads/2011/02/world-cup-2011.jpg
IP 207.148.248.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 57d3af0f3b2fc97b9c050681b6f2a7e7
6861b78de6347f498e44fa2ce2172bed28321af9
d10d15c5cb6c4ae90bdd71459993ed7e6b511376e00ae211e8a2860294401d78
GET /wp-content/uploads/2011/02/world-cup-2011.jpg HTTP/1.1
Host: www.trendsarena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 07:59:42 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.8
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 07:11:11 GMT
cache-control: public,max-age=3600
age: 2911
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
cdn1.staztic.com/screenshots/icc-cricket-worldcup-2011-10-1.jpg
54.227.185.202404 Not Found 77 B URL HTTP/1.1 cdn1.staztic.com/screenshots/icc-cricket-worldcup-2011-10-1.jpg
IP 54.227.185.202:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 90fe7f963baa0559e6815ad543fdb489
51adeb53eca2f5157ad0251eb9cadbd2f0bfa594
a1204c63d670022c3f06b06e2859baa7be687ad61db4c66376bf64523d72defa
GET /screenshots/icc-cricket-worldcup-2011-10-1.jpg HTTP/1.1
Host: cdn1.staztic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 07:59:42 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4b97049e8845524dc48668af75cf65a0
e45e34069b8ddf98bc0ecfe6721fa71f81b90f98
c3695833d8d0499c6600a056e7f0fccd696cdf07be287f6fd189c49523deb07b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4605
Cache-Control: max-age=93952
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:42 GMT
Etag: "637f2ff1-116"
Expires: Sat, 26 Nov 2022 10:05:34 GMT
Last-Modified: Thu, 24 Nov 2022 08:48:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
india-england-livescore.u2c.in/files/2011/02/6184-5350-2011-ICC-Cricket-World-Cup-India.png
185.53.178.53400 Bad Request 20 B URL HTTP/1.1 india-england-livescore.u2c.in/files/2011/02/6184-5350-2011-ICC-Cricket-World-Cup-India.png
IP 185.53.178.53:0
File type ASCII text, with no line terminators
Hash 64b3d0bcb16e406cdd665ec49fefb7f1
8da5d8ac9123e50bbd4293b111f6f640f864256b
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
GET /files/2011/02/6184-5350-2011-ICC-Cricket-World-Cup-India.png HTTP/1.1
Host: india-england-livescore.u2c.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 400 Bad Request
Server: nginx
Date: Fri, 25 Nov 2022 07:59:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Blocked: 11015.10
www.blogger.com/dyn-css/authorization.css?targetBlogID=6072607690950852570&zx=5411be7a-333a-438a-9da4-297a6c51c362
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=6072607690950852570&zx=5411be7a-333a-438a-9da4-297a6c51c362
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=6072607690950852570&zx=5411be7a-333a-438a-9da4-297a6c51c362 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 07:59:42 GMT
last-modified: Fri, 25 Nov 2022 07:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_AUHKi-o18kY/TTHRjIQsyNI/AAAAAAAAAGU/qtJKPnAX7gE/s1600/2011%252525252Bcricket%252525252Bworld%252525252Bcup%252525252Bvenues%252525252Bindia.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 2.bp.blogspot.com/_AUHKi-o18kY/TTHRjIQsyNI/AAAAAAAAAGU/qtJKPnAX7gE/s1600/2011%252525252Bcricket%252525252Bworld%252525252Bcup%252525252Bvenues%252525252Bindia.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_AUHKi-o18kY/TTHRjIQsyNI/AAAAAAAAAGU/qtJKPnAX7gE/s1600/2011%252525252Bcricket%252525252Bworld%252525252Bcup%252525252Bvenues%252525252Bindia.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 07:59:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
news.worldsnap.com/wp-content/uploads/2011/01/ICC_Cricket_World_Cup_2011_Logo-e1295265861832.png
162.214.80.58301 Moved Permanently 312 B URL HTTP/1.1 news.worldsnap.com/wp-content/uploads/2011/01/ICC_Cricket_World_Cup_2011_Logo-e1295265861832.png
IP 162.214.80.58:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d982e0407bc83eded6ee2a4d2934ec91
9f5fc2f589ad18680532a0a557eeb730d17ce4b1
c2a071a731b8952692f8b7370ce62b0f0f42e76bf2cd311bd37888f02a7fe007
GET /wp-content/uploads/2011/01/ICC_Cricket_World_Cup_2011_Logo-e1295265861832.png HTTP/1.1
Host: news.worldsnap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 07:59:42 GMT
Server: Apache
Location: https://news.worldsnap.com/wp-content/uploads/2011/01/ICC_Cricket_World_Cup_2011_Logo-e1295265861832.png
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 08:59:42 GMT
Content-Length: 312
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
4.bp.blogspot.com/-kZnRrflQgIU/TZq3gQxRvQI/AAAAAAAAHE0/LfECzasM-wk/s1600/1.jpg
142.250.74.161200 OK 59 kB URL HTTP/1.1 4.bp.blogspot.com/-kZnRrflQgIU/TZq3gQxRvQI/AAAAAAAAHE0/LfECzasM-wk/s1600/1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 400x301, components 3\012- data
Hash 9c0cd767229c3d7fdeb5362b8a5dae87
4d9a72cabc212fe6717f084e9fb824ecf3dd3fca
285d76a4bb1a06a2e4393a6d731eedf5be3a5b253846062a377c2280b766a229
GET /-kZnRrflQgIU/TZq3gQxRvQI/AAAAAAAAHE0/LfECzasM-wk/s1600/1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1c4d"
Expires: Sat, 26 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 07:59:42 GMT
Server: fife
Content-Length: 58818
X-XSS-Protection: 0
1.bp.blogspot.com/-CJnB-7UKPvs/TVZlRGijVMI/AAAAAAAAAgw/CjhM-xuxV2I/s1600/ICC%2Bcricket%2BWC%2B2011.jpg
142.250.74.161200 OK 28 kB URL HTTP/1.1 1.bp.blogspot.com/-CJnB-7UKPvs/TVZlRGijVMI/AAAAAAAAAgw/CjhM-xuxV2I/s1600/ICC%2Bcricket%2BWC%2B2011.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 488x420, components 3\012- data
Hash f6e2ec7f075476363d270acb62020fbe
a3c8cb96f5c8edde361a025410a95eb3c8d75d82
1b0f21a52ab84ce7a086aeaa0c6ba6ad89466c1720424b3277aa162b96230ede
GET /-CJnB-7UKPvs/TVZlRGijVMI/AAAAAAAAAgw/CjhM-xuxV2I/s1600/ICC%2Bcricket%2BWC%2B2011.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vf52"
Expires: Sat, 26 Nov 2022 07:59:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ICC cricket WC 2011.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 07:59:42 GMT
Server: fife
Content-Length: 28048
X-XSS-Protection: 0
img201.imageshack.us/img201/4038/capture1qn.png
38.99.77.16404 Not Found 168 B URL HTTP/1.1 img201.imageshack.us/img201/4038/capture1qn.png
IP 38.99.77.16:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img201/4038/capture1qn.png HTTP/1.1
Host: img201.imageshack.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Fri, 25 Nov 2022 07:59:42 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
push.services.mozilla.com/
54.149.156.115101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.156.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t7zBNat5pEm0NboJ6iig/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kGBOPOgSHz0f0xwp+b1lhKQvgsc=
media.onsugar.com/files/2011/04/17/2/1604/16042675/81/icc-cricket-world-cup-2011-calendar9.jpg
151.101.85.91200 OK 28 kB URL HTTP/1.1 media.onsugar.com/files/2011/04/17/2/1604/16042675/81/icc-cricket-world-cup-2011-calendar9.jpg
IP 151.101.85.91:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 448x290, components 3\012- data
Hash 4a207e7492437ca9dfeaff0933a9b7e2
3adbe500c0b5edb528327887b1935bff0fd8d56d
9bb721f5f6784fab02bad1729daea386fdf5ded161bf7f07afe936a7dd865cd0
GET /files/2011/04/17/2/1604/16042675/81/icc-cricket-world-cup-2011-calendar9.jpg HTTP/1.1
Host: media.onsugar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 27825
Last-Modified: Wed, 11 Jan 2017 08:10:18 GMT
ETag: "4a207e7492437ca9dfeaff0933a9b7e2"
Content-Type: image/jpeg
Server: AmazonS3
cache-control: max-age=2592000
Accept-Ranges: bytes
Date: Fri, 25 Nov 2022 07:59:43 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669363183.569312,VS0,VE552
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.777seo.com/seo.php?username=billymoon
103.224.182.251302 Found 0 B URL HTTP/1.1 www.777seo.com/seo.php?username=billymoon
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /seo.php?username=billymoon HTTP/1.1
Host: www.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 25 Nov 2022 07:59:43 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1669363183.6994018; expires=Mon, 22-Nov-2032 07:59:43 GMT; Max-Age=315360000
Location: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221125-1859-433a-9846-c05667fb93cd
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
media.onsugar.com/files/2011/04/15/5/1566/15666083/74/250px2011_Cricket_World_Cup_Logo.svg_thumb.png
151.101.85.91200 OK 94 kB URL HTTP/1.1 media.onsugar.com/files/2011/04/15/5/1566/15666083/74/250px2011_Cricket_World_Cup_Logo.svg_thumb.png
IP 151.101.85.91:0
File type PNG image data, 378 x 421, 8-bit/color RGBA, non-interlaced\012- data
Hash c0edef2c48f2cc393ffb683197d7e1ee
3ab126c8ff7dca3ed3b00c7d5932ad818cfdb06e
4d8cb64cd303f5d77d23822f0216e5e666d0b3482eb3a6e59e3fc44553d07647
GET /files/2011/04/15/5/1566/15666083/74/250px2011_Cricket_World_Cup_Logo.svg_thumb.png HTTP/1.1
Host: media.onsugar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 94458
Last-Modified: Wed, 11 Jan 2017 07:04:48 GMT
ETag: "c0edef2c48f2cc393ffb683197d7e1ee"
Content-Type: image/png
Server: AmazonS3
cache-control: max-age=2592000
Accept-Ranges: bytes
Date: Fri, 25 Nov 2022 07:59:43 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1654-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669363183.569383,VS0,VE659
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz
103.224.182.251302 Found 0 B URL HTTP/1.1 my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz HTTP/1.1
Host: my.blueadvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 25 Nov 2022 07:59:43 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1669363183.4635855; expires=Mon, 22-Nov-2032 07:59:43 GMT; Max-Age=315360000
Location: http://ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221125-1859-43cd-a96e-02971801aa53
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ww38.777seo.com/seo.php?username=billymoon&subid1=20221125-1859-433a-9846-c05667fb93cd
75.2.11.242200 OK 5.0 kB URL HTTP/1.1 ww38.777seo.com/seo.php?username=billymoon&subid1=20221125-1859-433a-9846-c05667fb93cd
IP 75.2.11.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2590)
Hash d74af539edda0becab717914cd568c76
78de7d322b77a747cdb9fd5628caa9988a501fd6
466f6380cfe5fd414bb5a1609fe4046c261b54e0799eca1e884b3f352b8c3e6a
GET /seo.php?username=billymoon&subid1=20221125-1859-433a-9846-c05667fb93cd HTTP/1.1
Host: ww38.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 07:59:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NJrm+C1dF/h7ZWNkpgzDTajthzIif26XQdRey8MFkC3UONEWSFuoMqJo+F0lb9ntrceEldpKQhr2vH8wKoQaiw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/themes/assets/style.css
54.230.245.138200 OK 343 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/style.css
IP 54.230.245.138:0
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Fri, 25 Nov 2022 00:33:18 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4RHDtWqlUkPwQje6ySipNUaS7RuKjWLMbWGcNGqcpOZKaMBv8FNwBw==
Age: 26785
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
54.230.245.138200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP 54.230.245.138:0
File type ASCII text, with very long lines (316)
Hash 3c7567521347bf95b105ffa7fdc7da86
08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29
Analyzer Verdict Alert fortinet Malware
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Thu, 24 Nov 2022 15:10:44 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TTLhtZfSMXYLXU1PwY3Rev3isSba4nKvnY9MV5JiiNE4tLTjeU7STQ==
Age: 60539
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
54.230.245.138200 OK 648 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
IP 54.230.245.138:0
Hash 706f944f821bc64dff4240a04251ff36
efcf7c46310be1b252baae8e2f4b5e9edfee9fe3
dc365466c780c2d5e58a10925db88facb0cae18cb5a077790c54561e8590b63b
GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Fri, 25 Nov 2022 03:12:44 GMT
Last-Modified: Fri, 21 Oct 2022 11:27:37 GMT
Content-Encoding: gzip
ETag: W/"63528229-63e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JZsvWObRyUTpmZwYSvfJuOrQz3P_-cFd3fSmY5Nj0F1d-L5MHhuBMw==
Age: 17219
ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221125-1859-43cd-a96e-02971801aa53
75.2.11.242200 OK 5.1 kB URL HTTP/1.1 ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221125-1859-43cd-a96e-02971801aa53
IP 75.2.11.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2614)
Hash 1976edc93181ec29d7c2e0c3c723ead1
7be1d2812b37a9476fc8f7f378e9d2efc669e03c
bda900d5cab407396e2edab18094f6c9e8c82d69cd2ee1f537108da289841f49
GET /__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221125-1859-43cd-a96e-02971801aa53 HTTP/1.1
Host: ww38.my.blueadvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 07:59:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_bVnvnDhaJl+mTj1wxl2JewNQs/EHwt3+3bMrx6QHUqmtUkdJ3OhoK18Pu7ystD9eOLYyQc2Y46CvBNYw77IKdg==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1885)
Hash a44ef3c4a7a9931f20e9683f32059b23
acb52c922f371a4a9ce2388815da2e5b7a9254ea
69091ab962a7a39bed19fd1a106dca60a6dfbc2162d6d0af5234949186777b40
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Fri, 25 Nov 2022 07:59:43 GMT
Expires: Fri, 25 Nov 2022 07:59:43 GMT
Cache-Control: private, max-age=3600
ETag: "5691164722343775337"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
ymads.com/banner.php?ad=t1rdrm&u=ahk845&w=728&h=90
34.224.152.49301 Moved Permanently 178 B URL HTTP/1.1 ymads.com/banner.php?ad=t1rdrm&u=ahk845&w=728&h=90
IP 34.224.152.49:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /banner.php?ad=t1rdrm&u=ahk845&w=728&h=90 HTTP/1.1
Host: ymads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 07:59:43 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Set-Cookie: AWSALB=Ps7M1YmmiLI+DZ7cMqgPumdURcAsjop2CTM+Sh8NK2yzknk7VybFUdM3lseRJZu9/hOd5S3UoYHjBZxS1DgC9oTZ5JiDOwRJZrzibjCVZkREqLDzMu0tSsKyjnl6; Expires=Fri, 02 Dec 2022 07:59:43 GMT; Path=/
AWSALBCORS=Ps7M1YmmiLI+DZ7cMqgPumdURcAsjop2CTM+Sh8NK2yzknk7VybFUdM3lseRJZu9/hOd5S3UoYHjBZxS1DgC9oTZ5JiDOwRJZrzibjCVZkREqLDzMu0tSsKyjnl6; Expires=Fri, 02 Dec 2022 07:59:43 GMT; Path=/; SameSite=None
Server: nginx/1.18.0 (Ubuntu)
Location: https://www.domainmarket.com/buynow/ymads.com
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2222631cbf3ca18f42a96389cc1a1d25
3fec466c3358a47570a2d46c19b21a8225522863
5f34a72afbe312ca759b52f4c256a9c0c0fc461b2c0553e30c5ca4d585f963da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1462
Cache-Control: max-age=119974
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:43 GMT
Etag: "637fa1df-118"
Expires: Sat, 26 Nov 2022 17:19:17 GMT
Last-Modified: Thu, 24 Nov 2022 16:54:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 07:59:43 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
www.spiderkerala.net/attachments/Resources/3759-12546-world-cup-2011-3.jpg
65.182.97.151200 OK 61 kB URL HTTP/1.1 www.spiderkerala.net/attachments/Resources/3759-12546-world-cup-2011-3.jpg
IP 65.182.97.151:0
ASN #33055 BCC-65-182-96-0-PHX
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x452, components 3\012- data
Hash d30226c54ebb1437b2017c8a06104a2d
158278b41a71e1de9a10b936dc210c2f8c773e27
15ae2dac932b4982b393f82f320a476ed07ea6bd326dad179ad459c1221df419
GET /attachments/Resources/3759-12546-world-cup-2011-3.jpg HTTP/1.1
Host: www.spiderkerala.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 12 Feb 2011 11:46:12 GMT
Accept-Ranges: bytes
ETag: "d2a3a772aacacb1:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Headers: accept, content-type
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
Date: Fri, 25 Nov 2022 07:59:43 GMT
Content-Length: 61274
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/bottom.png
54.230.245.138200 OK 3.4 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/bottom.png
IP 54.230.245.138:0
File type PNG image data, 459 x 156, 8-bit colormap, non-interlaced\012- data
Hash 8f00618489c9024bc741a161effb2e32
7e3146cfd561806169d6201b01ccbe37a256dfc5
ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355
GET /themes/cleanPeppermintBlack_657d9013/img/bottom.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3359
Connection: keep-alive
Server: nginx
Date: Fri, 25 Nov 2022 01:55:22 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-d1f"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TFkh3TD_7eV898sJmfAqofRRTQ-cwBQ0WVpdavch2SQ__RkHw2X8nA==
Age: 21861
www.domainmarket.com/buynow/ymads.com
172.66.43.135200 OK 16 kB URL HTTP/2 www.domainmarket.com/buynow/ymads.com
IP 172.66.43.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (785)
Hash 3c88363a9dacf9b7b7efceb2119bc756
9638ff8fbe9965f86704435870de772ed9466411
11df073ee09a19de6f726665433ed39e45d2def39ad0eea4e8ddc62e23182f12
GET /buynow/ymads.com HTTP/1.1
Host: www.domainmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:59:43 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Thu, 24 Nov 2022 14:07:57 GMT
cf-cache-status: HIT
age: 36558
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAmPTX25srsi%2FGHawxoeNq7owVfWgiPhJi0kJvebqYhu0SUrfQGOPgdFuzd5aYamQMeZzrvlUGjHULWyj2NUda%2BNIUkYT%2BMNlDffrFIGjGwzQ%2FkzoKpDgV2MV%2Bo4uhIbJcVpMv6s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f8d8b93ea6b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a52b4545281e15c229b5d2b5dc2efbf
fc2a8bf83313aef67e333662e967f6d516d2a11f
a0c7ba49bb7ca5792cd6ec017e43f840eac96b65731837fa19890bf462d8137f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0C7BA49BB7CA5792CD6EC017E43F840EAC96B65731837FA19890BF462D8137F"
Last-Modified: Thu, 24 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Fri, 25 Nov 2022 13:58:45 GMT
Date: Fri, 25 Nov 2022 07:59:43 GMT
Connection: keep-alive
d38psrni17bvxu.cloudfront.net/themes/saledefault.css
54.230.245.22200 OK 1.5 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/saledefault.css
IP 54.230.245.22:0
Hash 9f441d51d5e6a2a0b02892d00f3303bf
8c30ed35e6253bf2cf5182c777ae8108cde9dbbd
b877378e7dbdf82582548b802a62b2acdb0f149653360575621f527ec5c471c0
GET /themes/saledefault.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Fri, 25 Nov 2022 00:27:06 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-1348"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s_QHePqkADVtLIaB-EeArPzGkJj7K8hKFh2lPI01iATZQlLhGcDIPg==
Age: 27157
d38psrni17bvxu.cloudfront.net/themes/assets/zeropark.css
54.230.245.22200 OK 208 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/zeropark.css
IP 54.230.245.22:0
Hash be223301cce69116e7a473d42a863379
928aee49e0ddcbee8c410cdbd80d94820a6cafab
d7a8d561985ea3bb5e9433926fd9c103d4e6c041c19fa4c1dcaa2c0949be74d7
GET /themes/assets/zeropark.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 24 Nov 2022 23:21:27 GMT
Last-Modified: Tue, 25 Jan 2022 08:25:52 GMT
Content-Encoding: gzip
ETag: W/"61efb410-157"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ltRApSNyKDWHS1Bo7t1lZGko8Sr3m1yWhTTbo9uepADIkl_KMUuXWg==
Age: 31096
d38psrni17bvxu.cloudfront.net/themes/assets/style.css
54.230.245.22200 OK 343 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/style.css
IP 54.230.245.22:0
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Fri, 25 Nov 2022 00:33:18 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eFD7JUAiq1c5wIHEGtMZb17fWgi_ZbDvIJwogBcaoFzEgdvhzUZDDw==
Age: 26785
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 07:59:43 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
ww38.777seo.com/favicon.ico
75.2.11.242200 OK 0 B URL HTTP/1.1 ww38.777seo.com/favicon.ico
IP 75.2.11.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww38.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221125-1859-433a-9846-c05667fb93cd&_xafvr=NTlhOTYwOTBhZGQ0MDAzOWEyYzkwNjQ0MGViYTUyNzUwMDUyN2FjZCw2MzgwNzVlZjYwMTBh
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 07:59:44 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash aca84b71a5f4b714c075742c281b3d61
cbf2cd7643b58d042846d7a5a1363ec3b023da08
ee07089053c9450208bb1db56c02709ba4dcfba6f77b97cbecc9211f9728a426
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141538
Date: Fri, 25 Nov 2022 07:59:44 GMT
Etag: "637ffa89-1d7"
Expires: Sat, 26 Nov 2022 23:18:42 GMT
Last-Modified: Thu, 24 Nov 2022 23:13:13 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f0aPVF_1kd3_raqpZi7h7dI1D8RfPhc0YNWiPsU5jxQkyLVYZSYSBQ==
Age: 329
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5350
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:59:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5350
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:59:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5350
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:59:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5350
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:59:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5350
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 07:59:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05a92b9f554600c920e8b772eb16ee75
7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NCCF79BaJkG2j75ihGL9jd3gEE4zajsC9vmEKMmk9u7-wm2s5u4mVQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:43:09 GMT
age: 11795
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92171fa8fbc051aefeb8ceb6072848de
377775b7c7b085efa6dd653d285ba3a52af6a549
537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daiU0caUPDqn0vVDY_eK8eaMxgIenjmw1vLyUOtVYOs-FmuSIgY3Nw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:37:02 GMT
age: 73362
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 47294
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F012ad1d7-e278-4523-b537-853fcf51e3c0.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F012ad1d7-e278-4523-b537-853fcf51e3c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58d104a028a45c82a7310de66477b256
e94f119e32bcff525f9b1a1c239e77747b6fc101
84d79596f4a2c255d1ecb98f557cfa4a2a42230eb92228122df7db6662140250
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F012ad1d7-e278-4523-b537-853fcf51e3c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15116
x-amzn-requestid: 8babc46e-4964-4296-b13d-a3ad113d3095
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCDsiGC8oAMFwLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d7fe9-38b816f81940abb71ad60fdd;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:05:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FBWmZXoDHzX-tjUXMn4pkKwf1XU28Mz2JkuiikoIcKtYEqx3NFWpUw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 06:12:05 GMT
age: 6459
etag: "e94f119e32bcff525f9b1a1c239e77747b6fc101"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 35532
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 52937
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
44.195.142.43200 OK 11 kB URL HTTP/2 brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP 44.195.142.43:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1924)
Hash 0cff4af38905ff27fda9cdddcdcc123a
8b56c1e22e4bb80b5684c7da6f537ad97b056ef1
41d4369065440290e95d57bd0fc04f08e315582c37bdf4f0499ffb1550b0cf80
GET /lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww38.777seo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:59:44 GMT
content-type: text/html;charset=UTF-8
content-length: 10723
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brigi-jar.com/main.js
44.195.142.43200 OK 480 B IP 44.195.142.43:0
Hash 91558066fecbfc1f6f77842f6aa85a6c
6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e
efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed
GET /main.js HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:59:44 GMT
content-type: application/javascript
content-length: 480
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 23 Nov 2022 08:14:12 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brigi-jar.com/style.css
44.195.142.43200 OK 6.0 kB IP 44.195.142.43:0
Hash 2eb024ad11ef5f2e503bfb60117c25d8
235b5ca1205cc2ca3d0b8e4f98ce022512b05c0f
d8efc1d8e1100baf07f4105119fde6f8fe760a9efebf189adc5d9b3dfccc9e0a
GET /style.css HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:59:44 GMT
content-type: text/css
content-length: 5981
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 23 Nov 2022 08:14:12 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
brigi-jar.com/empty.gif
44.195.142.43200 OK 434 B IP 44.195.142.43:0
File type gzip compressed data, max compression\012- data
Hash 699207d91d9eb868f80562981231e135
43e0999a4077fb8dcaa3ea13d93577e41d4005a5
1932b3af91a1b4b3ba38d4cc1164fe567ab8e4d860bb4a1a3b30d717ceae243a
GET /empty.gif HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:59:45 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 23 Nov 2022 08:14:12 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://brigi-jar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:48:50 GMT
expires: Thu, 23 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 123055
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 46c6329d6c5ca7c9292e4f8f642fab64
2d38c58df497a4dbfd7677f45a1cac0909f19c12
74b7a3a12d41142fe0a3fab36c429c117f11e57f6c73e3135a4bbc4fc51a86e4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145988
Date: Fri, 25 Nov 2022 07:59:45 GMT
Etag: "6380017d-1d7"
Expires: Sun, 27 Nov 2022 00:32:53 GMT
Last-Modified: Thu, 24 Nov 2022 23:42:53 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lJOTerfcLIBrTUZi0eIQHco6EMgP0gqbrgr0X7_Ljs_xgZuaQ6nX1w==
Age: 3000
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 07:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assetscdn.com/img/arrows.png
143.204.55.93200 OK 24 kB URL HTTP/2 assetscdn.com/img/arrows.png
IP 143.204.55.93:0
File type PNG image data, 1500 x 584, 8-bit/color RGBA, non-interlaced\012- data
Hash c97abaaf2fb3de553aa0531e97dff187
155d7ac68e4f3d8ba8cfac4c7a5c060b3f161483
c006478400bae991f05dde9341cf45cdf392cb06688eb8a58589eb993d376379
GET /img/arrows.png HTTP/1.1
Host: assetscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 24415
date: Thu, 04 Aug 2022 10:10:09 GMT
last-modified: Thu, 04 Aug 2022 10:09:47 GMT
etag: "c97abaaf2fb3de553aa0531e97dff187"
cache-control: public, max-age=31556926
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LwsA9l-YE30jidMugLceI279kLS1fHvPPBqunUuzYhMN9emoxX2W6w==
age: 9755377
X-Firefox-Spdy: h2
www.hugedomains.com/domain_profile.cfm?d=ad-u.com
104.26.7.37200 OK 0 B URL HTTP/2 www.hugedomains.com/domain_profile.cfm?d=ad-u.com
IP 104.26.7.37:0
GET /domain_profile.cfm?d=ad-u.com HTTP/1.1
Host: www.hugedomains.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 07:59:42 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Mon, 20-Nov-2023 07:59:43 GMT; path=/
site_version=HDv3; expires=Mon, 20-Nov-2023 07:59:43 GMT; path=/
captcha-tracker=; expires=Thu, 24-Nov-2022 07:59:43 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86LSWr9bOKdgYsdS0JotStj6SoDdtNLS35sZZOVGlfzxSRzJYo6MEhIGg2z%2Bo%2FdehzmcntTPGCBehjFurbt1mzgCuR1%2FEKPLUgF0xKe%2BE51DKaGq7XZ5OW6rSeismjIfutPctYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f8d8b49a05b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300
IP 142.250.74.10:0
GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 07:59:44 GMT
date: Fri, 25 Nov 2022 07:59:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2