detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 26 Nov 2022 03:45:47 GMT
Age: 53437
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d94527128fae270ee4525c4e302f1274
e386f0db32390b44b1f4052cfd3b7c14dac5ea4b
5b8fb44c87c4d5b85bfcfb96a72bfe83adf8b9e043cb35ae3dea411c0a8e34c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B8FB44C87C4D5B85BFCFB96A72BFE83ADF8B9E043CB35AE3DEA411C0A8E34C6"
Last-Modified: Sat, 26 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6848
Expires: Sat, 26 Nov 2022 20:30:33 GMT
Date: Sat, 26 Nov 2022 18:36:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12611
Expires: Sat, 26 Nov 2022 22:06:36 GMT
Date: Sat, 26 Nov 2022 18:36:25 GMT
Connection: keep-alive
blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
142.250.74.161301 Moved Permanently 204 B URL HTTP/1.1 blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2abf757d21705dfc8f3a16fb53a976b7
7f697f50f07f3887a7deb86ceddc57256c0c1431
422dad26505e1b333f4339091264b7cc88426435dd3971283246819ad2e0f32d
GET /2022/11/12-needle-blight-5e.html HTTP/1.1
Host: blaytonhayder.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 18:36:25 GMT
Expires: Sat, 26 Nov 2022 18:36:25 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 204
Server: GSE
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5c3cd7c57c0eee1e192f3c8491a500cc
568f56adf1e1c3e73ce7de18161c37ff30a0c9e1
359976baf19c7c13405a3e7a76057e12bb2a1fdf21edd5f3d1ac80753640c359
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: EV98IJbtrVpZKDhMqob58Q7aGz_UVzdjT4LNKAJwc5fUK_guymCJUA==
content-encoding: gzip
via: 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 18:22:06 GMT
age: 859
content-type: application/json
content-length: 42439
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Sat, 26 Nov 2022 19:53:55 GMT
Date: Sat, 26 Nov 2022 18:36:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h/zJMcoZoVVZ42HqmUZ+372a/J8b7Uh2usy2U4FWnuZ1BCYtllVMGAXOAWaBU/CK/44sehAg8H0=
x-amz-request-id: RJ5HEMNPDZNYXATP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 18:24:11 GMT
age: 734
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 18:36:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4228
Cache-Control: max-age=147911
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:41:36 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 18:19:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1031
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
142.250.74.161200 OK 57 kB URL HTTP/2 blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12186)
Hash a6d195e7f6d0632ea79407d13332e166
8cf42b9f1810aa8a8e8ad683f60fae0110a9d7e7
19c48730de34a8022f6a00efc388e99386328fd9b67c9aee58197319d9f44cd7
GET /2022/11/12-needle-blight-5e.html HTTP/1.1
Host: blaytonhayder.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 26 Nov 2022 18:36:25 GMT
date: Sat, 26 Nov 2022 18:36:25 GMT
cache-control: private, max-age=0
last-modified: Sat, 26 Nov 2022 10:43:12 GMT
etag: W/"73e04bf90fed5a6b439a9d276d79ed5169dea366004382879c0acd4c433d1901"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 56552
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 579c5055711abbbba8ff3b1e65e7052a
f4aae256ccf9a7de307d43c572d544ab182e62c8
67bbce66f27e9aa01790cb11b928a758694ee9789b3a62c6dd1c8ea8936c474e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5422
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Last-Modified: Sat, 26 Nov 2022 17:06:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f5a1c6157a515daa93c2ffb1ae1c33b9
71c0a501dd86e8b718bf742cfc5ab3927dc349a4
ba91a3a06a45e42d21fe3e738925a29287c74455812eb37d0ed93d76efdc3967
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161292
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Etag: "63822fb5-117"
Expires: Mon, 28 Nov 2022 15:24:37 GMT
Last-Modified: Sat, 26 Nov 2022 15:24:37 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f5a1c6157a515daa93c2ffb1ae1c33b9
71c0a501dd86e8b718bf742cfc5ab3927dc349a4
ba91a3a06a45e42d21fe3e738925a29287c74455812eb37d0ed93d76efdc3967
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=161292
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Etag: "63822fb5-117"
Expires: Mon, 28 Nov 2022 15:24:37 GMT
Last-Modified: Sat, 26 Nov 2022 15:24:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f5a1c6157a515daa93c2ffb1ae1c33b9
71c0a501dd86e8b718bf742cfc5ab3927dc349a4
ba91a3a06a45e42d21fe3e738925a29287c74455812eb37d0ed93d76efdc3967
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=161292
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Etag: "63822fb5-117"
Expires: Mon, 28 Nov 2022 15:24:37 GMT
Last-Modified: Sat, 26 Nov 2022 15:24:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f5a1c6157a515daa93c2ffb1ae1c33b9
71c0a501dd86e8b718bf742cfc5ab3927dc349a4
ba91a3a06a45e42d21fe3e738925a29287c74455812eb37d0ed93d76efdc3967
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3255
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Last-Modified: Sat, 26 Nov 2022 17:42:10 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:25 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 333094
expires: Thu, 16 Nov 2023 18:36:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQQWHQT19xWQ%2F2%2FXwi4eWF6%2FWBCDN05njJJEqzHoZ9%2FauSe99ggfxaWz9cZTFQgzibYW9E6EUFA%2BVV25q3f%2FCRZ7P3XOFO4tYHfHDHXpPoBlaQy2QlolVsa63CilCLJlZxI49yiV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7704bac5de9bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 0 B URL HTTP/2 bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:25 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 15:05:23 GMT
last-modified: Tue, 22 Nov 2022 07:22:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 271862
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AqyXZ6XXjfdsGd2UNdSyifUWpYpji04ZzZa8NVlRInhkmoKFNxnyrsMWHaLnfQ6p6vvz4ASn%2BHEYPiLDLfyf944%2BcyAPCQFpOiY1ykMCFwyZDtak9%2BFbFWyCnVdAIM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7704bac60a720b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bayupras.com/ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 484 B URL HTTP/2 bayupras.com/ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
Hash eb76d0a8f942d775ea6bb049dd390bc3
aeb8b8c16d3404cb8f1a99ce0f095d0ed511035a
2aa3652e057307b77198a1de6a94fdb64b9a3b2a5811f7e22a7cabab9412e3c8
GET /ars/directpop.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 15:05:23 GMT
last-modified: Wed, 23 Nov 2022 12:51:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 271862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEU5qX7NSQIHDHQaOXFUD5nsj7q%2FDlBaJ%2BqYqTtuUcFeQ9ZBsFAas4Ui1XEOR5ySRjpYDknxTl4H4Pyt9rEPwCNJShYMXBLuC%2B1lZNQhnORyLZcmVa9ZZE9fAN%2BQ%2F%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7704bac5fa410b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bayupras.com/ars/tengah.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 675 B URL HTTP/2 bayupras.com/ars/tengah.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
Hash 4bf24e360b91859ac5edf9f246007a02
bc1594be15979bf92b8b159d896b9f5e621b1a86
09aa73de20005c06569780def8920f347fb6267b86887c00b414d1eb460fb569
GET /ars/tengah.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 15:05:23 GMT
last-modified: Thu, 17 Nov 2022 16:23:21 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 271862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deuuq2ISAmxWp3CxA%2FZikxUxaTqxHyAik6KFw3xmM4%2Biv7SHbG9ibxe3ElbNdkQ2Pa3dGZr1KZo6vYJ%2B8JNno4wX5MJbYdIWiHLKPKbfo1yoKuaUd6JBAtCPqiL9%2Bt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7704bac5ca1f0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sat, 26 Nov 2022 18:36:26 GMT
expires: Sat, 26 Nov 2022 18:36:26 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f5a1c6157a515daa93c2ffb1ae1c33b9
71c0a501dd86e8b718bf742cfc5ab3927dc349a4
ba91a3a06a45e42d21fe3e738925a29287c74455812eb37d0ed93d76efdc3967
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161292
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:25 GMT
Etag: "63822fb5-117"
Expires: Mon, 28 Nov 2022 15:24:37 GMT
Last-Modified: Sat, 26 Nov 2022 15:24:37 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 081f1c1107dc245174f5f51b62329340
4a2dcd32d3ccdb9900b30365b97de1c2f9e82faa
36857ac3d18dbb47ee07c9ad784dd16587c5653d3e27bdcf2bcce3c4d54c9e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=105026
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Etag: "638140b7-118"
Expires: Sun, 27 Nov 2022 23:46:52 GMT
Last-Modified: Fri, 25 Nov 2022 22:24:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1CkRiTpHShv9x4PtmV2fR-gBpYe4p0Dkex2M7bn4583usQDjXOh0nWbaRqOF4rHgRc_Vp3Bv0ieIruRd6DA80QAZdh6BnYP3oUFpVDPvM087FXtzlhZ2Q=w72-h72-pd
142.250.74.33200 OK 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1CkRiTpHShv9x4PtmV2fR-gBpYe4p0Dkex2M7bn4583usQDjXOh0nWbaRqOF4rHgRc_Vp3Bv0ieIruRd6DA80QAZdh6BnYP3oUFpVDPvM087FXtzlhZ2Q=w72-h72-pd
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 4b3fb9aec31873d55571d92864f2112c
dc2028e6d08adf6342ddcb24992be7da2d8315f4
a25e5c3f4ae17ec45080524fdeb28976576051c4e01aa84f0d56d92107a96ebf
GET /blogger_img_proxy/ANbyha1CkRiTpHShv9x4PtmV2fR-gBpYe4p0Dkex2M7bn4583usQDjXOh0nWbaRqOF4rHgRc_Vp3Bv0ieIruRd6DA80QAZdh6BnYP3oUFpVDPvM087FXtzlhZ2Q=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 18:36:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 18:36:26 GMT
server: fife
content-length: 1846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 441263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 290408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=8553976266783138760&zx=e6e5e24d-e6b5-4bc5-aa72-257a9379c12a
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8553976266783138760&zx=e6e5e24d-e6b5-4bc5-aa72-257a9379c12a
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8553976266783138760&zx=e6e5e24d-e6b5-4bc5-aa72-257a9379c12a HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 18:36:26 GMT
last-modified: Sat, 26 Nov 2022 18:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha37lmFVPyjm-tDk3qE-sLsZAsa9GLlzkg0Si28F4iOQGkf9PnqjGjmBkukVCQkBfh374Q4KNgfM62GRWH4-bwfE-wr3D0Y5ygT8o4mDuY946waQb7Bl7mwXJGbWZfDHMtiBlSxtQfrUaoiNOLsSS0om-b0skCFuxP1aKq55Cpxdn6mDRmMwaQ_N0yhydTqlFCWCR7xj5YL-07H_SsOQNnt5NmWsKjqHEvV9rDoNjhBObV8aZNV0kVc2MeUI_OSY=w72-h72-p-k-no-nu
142.250.74.33200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha37lmFVPyjm-tDk3qE-sLsZAsa9GLlzkg0Si28F4iOQGkf9PnqjGjmBkukVCQkBfh374Q4KNgfM62GRWH4-bwfE-wr3D0Y5ygT8o4mDuY946waQb7Bl7mwXJGbWZfDHMtiBlSxtQfrUaoiNOLsSS0om-b0skCFuxP1aKq55Cpxdn6mDRmMwaQ_N0yhydTqlFCWCR7xj5YL-07H_SsOQNnt5NmWsKjqHEvV9rDoNjhBObV8aZNV0kVc2MeUI_OSY=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash dea3745e064b3b9cd20b6ba712808eaf
8b8f6fc68e01c7465b8162dcc59fe416b3bc87d3
e6d266b51fc607c6e23322d24db32e1d4f6ca32869690f461a17c615a6041ca2
GET /blogger_img_proxy/ANbyha37lmFVPyjm-tDk3qE-sLsZAsa9GLlzkg0Si28F4iOQGkf9PnqjGjmBkukVCQkBfh374Q4KNgfM62GRWH4-bwfE-wr3D0Y5ygT8o4mDuY946waQb7Bl7mwXJGbWZfDHMtiBlSxtQfrUaoiNOLsSS0om-b0skCFuxP1aKq55Cpxdn6mDRmMwaQ_N0yhydTqlFCWCR7xj5YL-07H_SsOQNnt5NmWsKjqHEvV9rDoNjhBObV8aZNV0kVc2MeUI_OSY=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 18:36:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 18:36:26 GMT
server: fife
content-length: 4573
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 081f1c1107dc245174f5f51b62329340
4a2dcd32d3ccdb9900b30365b97de1c2f9e82faa
36857ac3d18dbb47ee07c9ad784dd16587c5653d3e27bdcf2bcce3c4d54c9e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=105026
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Etag: "638140b7-118"
Expires: Sun, 27 Nov 2022 23:46:52 GMT
Last-Modified: Fri, 25 Nov 2022 22:24:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
i0.wp.com/dmdave.com/wp-content/uploads/2018/08/ivy-monster.jpg?fit=980%2C551&ssl=1
192.0.77.2200 OK 78 kB URL HTTP/2 i0.wp.com/dmdave.com/wp-content/uploads/2018/08/ivy-monster.jpg?fit=980%2C551&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 980x551, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aba3ccff68028360136862e86637f50a
bf334179948ad0015938116bfdf239f2d8e43ef4
275336f74a85c629b2b1a3ab5b8bac3ceb42e7d97e1f68ccc7efa883acf80cc1
GET /dmdave.com/wp-content/uploads/2018/08/ivy-monster.jpg?fit=980%2C551&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 18:36:26 GMT
content-type: image/webp
content-length: 77624
last-modified: Thu, 03 Nov 2022 01:56:19 GMT
expires: Sat, 02 Nov 2024 13:56:19 GMT
cache-control: public, max-age=63115200
link: <https://dmdave.com/wp-content/uploads/2018/08/ivy-monster.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5335e64de0d9cb8c"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
5e.tools/img/adventure/OotA/057-06-01.webp
104.26.9.201200 OK 626 kB URL HTTP/2 5e.tools/img/adventure/OotA/057-06-01.webp
IP 104.26.9.201:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 626 kB (625618 bytes)
Hash 90d7901e9738c53b45f6bcfa7a5dad22
0ce1afaa082b357fc4acb319024a35e25ab78d86
87db7077f212d68043fd0e77978340a118aafc44b5d7a8143674a0c598af389c
GET /img/adventure/OotA/057-06-01.webp HTTP/1.1
Host: 5e.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:26 GMT
content-type: image/webp
content-length: 625618
last-modified: Sat, 26 Feb 2022 22:28:15 GMT
etag: "621aa97f-98bd2"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=691200
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8HEn%2B3aMoWR4oQ8YePqVaKUMjQNa4yxS%2FLWO%2BLiQapIgpJWMqRa7oZ%2FmI3yJ8UG6ACI9xOu3O3jREqdMleCy1uRxoMxhYFk7JTKCdHnNoRpBxD3dvxlFoGA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7704bac70e6a0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 081f1c1107dc245174f5f51b62329340
4a2dcd32d3ccdb9900b30365b97de1c2f9e82faa
36857ac3d18dbb47ee07c9ad784dd16587c5653d3e27bdcf2bcce3c4d54c9e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: max-age=105026
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Etag: "638140b7-118"
Expires: Sun, 27 Nov 2022 23:46:52 GMT
Last-Modified: Fri, 25 Nov 2022 22:24:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 18:11:12 GMT
cache-control: public,max-age=3600
age: 1514
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
142.250.74.10200 OK 2.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
IP 142.250.74.10:0
Hash c4f9ff722d9e5595b8d37cf4c9fa8d3d
9170972d367e84d867e7bc3c11f264fe23ad6c2a
4ec3bbb30bf1fb0d6703eb31d55d8cd3a3beaff7ec567d922d7c0c80513262b6
GET /css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 18:36:25 GMT
date: Sat, 26 Nov 2022 18:36:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
216.58.211.2200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 216.58.211.2:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Fri, 25 Nov 2022 20:43:35 GMT
expires: Fri, 09 Dec 2022 20:43:35 GMT
cache-control: public, max-age=1209600
age: 78771
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3320
Cache-Control: max-age=141945
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:02:11 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e59be1467e8da7d1ac080f7ce53029e4
922db51cf911ce91a74fd554192d1e2a9af30ca8
8a237a564b4adf864d5c61775f1110e391f727a0e5979dbefc3cd4e1722921bd
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 18:36:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 20:08:40 GMT
Expires: Sat, 26 Nov 2022 20:08:40 GMT
ETag: "922db51cf911ce91a74fd554192d1e2a9af30ca8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
i.ytimg.com/vi/HHPrVl954gI/maxresdefault.jpg
142.250.74.150200 OK 191 kB URL HTTP/2 i.ytimg.com/vi/HHPrVl954gI/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 191 kB (190953 bytes)
Hash 2f0e52fa9826124149406ea00bd17a72
7d9ebb68b7134da8d464f765477a6270b5cb2e1f
63e86e653e7597920d76918b1e298046a93546e1bcd56654be37bba03c79751c
GET /vi/HHPrVl954gI/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 190953
date: Sat, 26 Nov 2022 18:36:26 GMT
expires: Sat, 26 Nov 2022 20:36:26 GMT
cache-control: public, max-age=7200
etag: "1550809027"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/J7dgp6h2w9I/maxresdefault.jpg
142.250.74.150200 OK 115 kB URL HTTP/2 i.ytimg.com/vi/J7dgp6h2w9I/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 115 kB (115361 bytes)
Hash 2a372b47ce892c023b9019c8e3b1f741
f29bf0e011ef3df677bb666d9ea1f83f4c499f91
1bb5b7a2399b6a8818490ad7b1292296e3ed70702eef16a470d3dc5da3b598de
GET /vi/J7dgp6h2w9I/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 115361
date: Sat, 26 Nov 2022 18:36:26 GMT
expires: Sat, 26 Nov 2022 20:36:26 GMT
cache-control: public, max-age=7200
etag: "1621191155"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/5f4AhZaqyhI/maxresdefault.jpg
142.250.74.150200 OK 102 kB URL HTTP/2 i.ytimg.com/vi/5f4AhZaqyhI/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 102 kB (102086 bytes)
Hash 86fccf2cebce85666d42dde6704ce586
78884a427403b4ef682bb03d42ffb57ef4700fe6
dc4822fae402c81719515916c5dbf1bf9a70d1347f9aae07cc3f31e6efbfde56
GET /vi/5f4AhZaqyhI/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 102086
date: Sat, 26 Nov 2022 18:36:26 GMT
expires: Sat, 26 Nov 2022 20:36:26 GMT
cache-control: public, max-age=7200
etag: "1604517025"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e59be1467e8da7d1ac080f7ce53029e4
922db51cf911ce91a74fd554192d1e2a9af30ca8
8a237a564b4adf864d5c61775f1110e391f727a0e5979dbefc3cd4e1722921bd
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 18:36:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 20:08:40 GMT
Expires: Sat, 26 Nov 2022 20:08:40 GMT
ETag: "922db51cf911ce91a74fd554192d1e2a9af30ca8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
online.anyflip.com/eqxhe/kqhs/files/mobile/2.jpg?1609188450
143.204.55.95200 OK 758 kB URL HTTP/2 online.anyflip.com/eqxhe/kqhs/files/mobile/2.jpg?1609188450
IP 143.204.55.95:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1391x1800, components 3\012- data
Size 758 kB (758066 bytes)
Hash 1ec33e3ef84e4ef8b52bd8d2e763e88a
c2c69bebdb3cd55addba9c106fb6d17328b2b82d
04777c19d5f27c2f9e7a117621435b83257b80dec011bdf40433362a847fc380
GET /eqxhe/kqhs/files/mobile/2.jpg?1609188450 HTTP/1.1
Host: online.anyflip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 758066
date: Sat, 26 Nov 2022 12:10:20 GMT
last-modified: Mon, 28 Dec 2020 20:47:08 GMT
etag: "1ec33e3ef84e4ef8b52bd8d2e763e88a"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jTxRZZsjL2oOdZNMdTCkFK1dHxUxEWNhuGnblEN0RP3iHemygJPIwQ==
age: 23167
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
52.36.92.75200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 52.36.92.75:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Sat, 26 Nov 2022 18:36:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/wM7nzks/1dsUs.png
162.19.58.160200 OK 32 kB URL HTTP/2 i.ibb.co/wM7nzks/1dsUs.png
IP 162.19.58.160:0
File type PNG image data, 384 x 450, 8-bit/color RGBA, non-interlaced\012- data
Hash 825217e78f43257c1da34ffbf9cc5939
2b198be9a50c275ea1e597173d49d8d6ef21ba5d
b538d5df34dbdbf81594a747c9ae46765658b0657173675a0654ba5656a70b63
GET /wM7nzks/1dsUs.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 18:36:26 GMT
content-type: image/png
content-length: 32516
last-modified: Tue, 07 Sep 2021 16:03:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45b14f4191abfc0829aed1c4b99c3278
d19ff4c53189929c9cd1e7ebd45c95935eb1411a
802e17abe6b9389a55528979c3e5028c94d031dc8bf2633171c7dd16a4d7f7a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "802E17ABE6B9389A55528979C3E5028C94D031DC8BF2633171C7DD16A4D7F7A6"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1960
Expires: Sat, 26 Nov 2022 19:09:06 GMT
Date: Sat, 26 Nov 2022 18:36:26 GMT
Connection: keep-alive
online.anyflip.com/eqxhe/kqhs/files/mobile/1.jpg?1609188450
143.204.55.95200 OK 791 kB URL HTTP/2 online.anyflip.com/eqxhe/kqhs/files/mobile/1.jpg?1609188450
IP 143.204.55.95:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1391x1800, components 3\012- data
Size 791 kB (791189 bytes)
Hash dc902cef088b038755228c6f91e272fd
b7cc4f55952b709680829bbc164f9a6f82ce7dc7
0a5a4998154702f8bdfaee8f0fdcf5be90a91c24cffa995b478e13044c7861a3
GET /eqxhe/kqhs/files/mobile/1.jpg?1609188450 HTTP/1.1
Host: online.anyflip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 791189
date: Sat, 26 Nov 2022 12:10:20 GMT
last-modified: Mon, 28 Dec 2020 20:47:08 GMT
etag: "dc902cef088b038755228c6f91e272fd"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zqj4Rro6sPIZOmKshhySUTRChDJq04TxUaGKKqNfidiCA42WNXylkw==
age: 23167
X-Firefox-Spdy: h2
online.anyflip.com/eqxhe/kqhs/files/mobile/3.jpg?1609188450
143.204.55.95200 OK 1.1 MB URL HTTP/2 online.anyflip.com/eqxhe/kqhs/files/mobile/3.jpg?1609188450
IP 143.204.55.95:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1391x1800, components 3\012- data
Size 1.1 MB (1066409 bytes)
Hash ecf2e9e36ac9d7595712545b2c63a3f4
4ab4d170c2f8bf2d9ffe0fd61598ca65e63bb45b
3e0ba4eb74d992b2e6f351534ca65a68b2bfa1bbe6a40cc6b21811693fdf3975
GET /eqxhe/kqhs/files/mobile/3.jpg?1609188450 HTTP/1.1
Host: online.anyflip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1066409
date: Sat, 26 Nov 2022 12:10:20 GMT
last-modified: Mon, 28 Dec 2020 20:47:08 GMT
etag: "ecf2e9e36ac9d7595712545b2c63a3f4"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uzdaTJHD859ir5HGQQQkynNiAwMJvFFkI-TANLzm2A5YcHKLqiJdUA==
age: 23167
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=8553976266783138760&blogName=BlaytonHayder&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://blaytonhayder.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://blaytonhayder.blogspot.com/&targetPostID=5863032757462387199&blogPostOrPageUrl=https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html&vt=-1302426497873491196&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.105200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=8553976266783138760&blogName=BlaytonHayder&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://blaytonhayder.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://blaytonhayder.blogspot.com/&targetPostID=5863032757462387199&blogPostOrPageUrl=https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html&vt=-1302426497873491196&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3154)
Hash a3864f16569efba25c16b478986457af
c8ff8cb9e6b2fd03cb1431be365f01429324d1df
239ec0d75946903cf0bef689133c2298518bc65a3c50b3765aacadc3df0f981e
GET /navbar.g?targetBlogID=8553976266783138760&blogName=BlaytonHayder&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://blaytonhayder.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://blaytonhayder.blogspot.com/&targetPostID=5863032757462387199&blogPostOrPageUrl=https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html&vt=-1302426497873491196&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 18:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.94.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.94.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RKN72dCoVVOEyCL3M9ADjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IRV0u5N0OrNprgYffP11adCAXXM=
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 098e8dcc09f38de29860ae89b28c21b1
3c5ccfe3b71efef6f3acfb7f5ee213f22a96e8a8
8383c98bb3e318bb531d1079ec8d16bd83f0332c707d99805d54289eb65b6b89
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 18:36:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:28:28 GMT
Expires: Sat, 03 Dec 2022 15:28:27 GMT
Etag: "3c5ccfe3b71efef6f3acfb7f5ee213f22a96e8a8"
Cache-Control: max-age=592920,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7704bacb6efab4fd-OSL
vlry5l4j5gbn.com/57a0c67745db5b2b0e01092b4ababddf/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/57a0c67745db5b2b0e01092b4ababddf/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash 4e9a229e88537f967f37b6d809222128
bd6694c9336ce695a960f308950f72955938c933
3b6dcaabca83cad84fe855c5fb03f82af664734acca6af9186c7a5274d947bc8
GET /57a0c67745db5b2b0e01092b4ababddf/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 18:36:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e3b0a6471736f0548c4b9370cf46606
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
res.cloudinary.com/grow-me/image/fetch/c_fill,h_200,q_auto,w_200/f_auto,fl_lossy/https://explorednd.com/wp-content/uploads/2022/09/aura_of_vitality_5e_guide.png
151.101.85.137200 OK 9.3 kB URL HTTP/2 res.cloudinary.com/grow-me/image/fetch/c_fill,h_200,q_auto,w_200/f_auto,fl_lossy/https://explorednd.com/wp-content/uploads/2022/09/aura_of_vitality_5e_guide.png
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 22432d4df4bb002e12bccf5752772361
91b81f37e6bbdc3db77139c71df65e970c4ad92b
f412bb7322fe60716d96e580e59f9a53bf784c46373a4ba54091981441d283a7
GET /grow-me/image/fetch/c_fill,h_200,q_auto,w_200/f_auto,fl_lossy/https://explorednd.com/wp-content/uploads/2022/09/aura_of_vitality_5e_guide.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="aura_of_vitality_5e_guide.webp"
content-type: image/webp
etag: "22432d4df4bb002e12bccf5752772361"
last-modified: Mon, 14 Nov 2022 04:28:00 GMT
date: Sat, 26 Nov 2022 18:36:26 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=180;cpu=0;start=2022-11-26T18:36:26.670Z;desc=miss,rtt;dur=15,cloudinary;dur=79;start=2022-11-26T18:36:26.723Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 9342
X-Firefox-Spdy: h2
external-preview.redd.it/OMWB8FnPGM6MgBAdlSyeDR3QzuX_l9JcTyvNyEaDY9c.jpg?width=640&crop=smart&auto=webp&s=60945572b4c60834dfb48f3a749e76dfac95fb8c
151.101.85.140200 OK 114 kB URL HTTP/2 external-preview.redd.it/OMWB8FnPGM6MgBAdlSyeDR3QzuX_l9JcTyvNyEaDY9c.jpg?width=640&crop=smart&auto=webp&s=60945572b4c60834dfb48f3a749e76dfac95fb8c
IP 151.101.85.140:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x411, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 114 kB (114084 bytes)
Hash 757f3a0d9b3c7373a27b9eb1e21350ed
3aeb4f5af7b2c0a0d15f74d7828481948439fcb5
23849240cb6887ae788567989fa9e9579732aace8c897d6800ddfe874c7aebf9
GET /OMWB8FnPGM6MgBAdlSyeDR3QzuX_l9JcTyvNyEaDY9c.jpg?width=640&crop=smart&auto=webp&s=60945572b4c60834dfb48f3a749e76dfac95fb8c HTTP/1.1
Host: external-preview.redd.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
etag: "RhwU00H2aFoO+R9+ENsc7jbquV8vS+JyXSUBahvBTUA"
fastly-io-info: ifsz=193561 idim=800x514 ifmt=jpeg ofsz=114084 odim=640x411 ofmt=webp
fastly-stats: io=1
fastly-transform-stats: tus=52398 cr=1.70
via: 1.1 varnish, 1.1 varnish
server: snooserv
cache-control: public, max-age=604800
accept-ranges: bytes
date: Sat, 26 Nov 2022 18:36:26 GMT
vary: Accept,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5}
content-length: 114084
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 26 Nov 2022 03:45:47 GMT
Age: 53439
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
explorednd.com/wp-content/uploads/2022/08/Twig-Blight.jpg
172.67.71.162200 OK 61 kB URL HTTP/2 explorednd.com/wp-content/uploads/2022/08/Twig-Blight.jpg
IP 172.67.71.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x630, components 3\012- data
Hash 83fb9ac7d152b06a3097bc2cf6c67d11
03214326c7f0c22930e9cbb41b2298a1d9d9c245
e597c2cf9af0291c99f57e45aaff3022073eb49d49ca45957d768ecfa2685d97
GET /wp-content/uploads/2022/08/Twig-Blight.jpg HTTP/1.1
Host: explorednd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:26 GMT
content-type: image/jpeg
content-length: 61200
access-control-allow-origin: *
cache-control: max-age=315360000
etag: "630656bc-ef10"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 24 Aug 2022 16:50:04 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=17.9
ki-edge-o2o: yes
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FdBX62pnFqnotDJ67OBPGD0uPjmzH%2FKDX0XNwhmnvhTR8w1dMpYqC%2B6cGXebDbGLKq%2F4gnHIIxNB9J%2F%2B4IdSkyuOdddQiLFtyZeBjMRq5mgUqUoXdz7W%2BozzJVsAEPm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7704bac7ea18b4f9-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669481833579%22
34.102.187.140200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669481833579%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash 5f85b84ea04b88c3b1635906ad86f1b9
d05a19806b258398e65f5b38015be32ea19abee8
1c8be7d2dff73caa40243a90bd852f216b3828bb6282aea97a559d610f9da80b
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221669481833579%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Sat, 26 Nov 2022 18:02:09 GMT
cache-control: public,max-age=3600
age: 2057
last-modified: Sat, 26 Nov 2022 16:57:13 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
imgv2-2-f.scribdassets.com/img/document/38436395/149x198/8c69b70122/1598808664?v=1
151.101.86.152200 OK 5.0 kB URL HTTP/2 imgv2-2-f.scribdassets.com/img/document/38436395/149x198/8c69b70122/1598808664?v=1
IP 151.101.86.152:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 27475d2d104a0cdc2be99df215b64886
ed66273085a99ab6750739f58bc007528b3e46b0
f5faff95fa92fbb2a4a2bd42b652e6d99f7a02d0383cdc367ecf35eb44664f2c
GET /img/document/38436395/149x198/8c69b70122/1598808664?v=1 HTTP/1.1
Host: imgv2-2-f.scribdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=864000,stale-while-revalidate=86400,stale-if-error=86400
content-type: image/webp
etag: "YZr5+zQ5Fumv4vWdzwT1INAtWbZjbyN4RS8noIlqM7k"
fastly-io-info: ifsz=10625 idim=149x198 ifmt=png ofsz=5028 odim=149x198 ofmt=webp
fastly-stats: io=1
fastly-transform-stats: tus=6889 cr=2.11
x-scribd-default-image: false
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 26 Nov 2022 18:36:26 GMT
age: 0
x-served-by: cache-chi-klot8100117-CHI, cache-bma1621-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669487787.750099,VS0,VE249
vary: Accept
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5028
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22
34.102.187.140200 OK 6.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (6593), with no line terminators
Hash 173414a662e4d0d6c29b893819284fcc
e7823586afc7d40c1ffd732e3f0f98d22f9cb6b6
28a589a49cbca81692eb7cc6bb2725f5d56b11238143a58c97f33260a81eb750
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6593
via: 1.1 google
date: Sat, 26 Nov 2022 18:25:37 GMT
cache-control: public,max-age=3600
age: 650
last-modified: Mon, 21 Nov 2022 18:37:18 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/00951b37a5a3e0e60f8b3678d13a9282/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/00951b37a5a3e0e60f8b3678d13a9282/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
GET /00951b37a5a3e0e60f8b3678d13a9282/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 18:36:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f843774e10a7717364e9f775935edfba
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5f45f2219b89c94d3238db3fc02ddf7
dd2cd30360575e807dfce2a287ddbd64ed9e041c
68977c682e7270c18d795678e0c1f0518fe5666c19773fe558085eb98386e517
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68977C682E7270C18D795678E0C1F0518FE5666C19773FE558085EB98386E517"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11550
Expires: Sat, 26 Nov 2022 21:48:57 GMT
Date: Sat, 26 Nov 2022 18:36:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ZfhdLY18Ui3eEhN26fp8MCj/C8kaUMcsfenpv/Cvwv8a+t9gswZ8yOHmBzAOpcuy53/HF7nRYlQBB0sc8fxj1Q==
x-amz-request-id: P40VCC6C3KRE640V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 17:41:18 GMT
age: 3309
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2060ca95481c79cb61632611086459f2
512d39d358ae11f9b6bd896cdb51546ff1218db0
ee734b358a89ba9577c3f2c6185d1d859e1f7bac62f8d0b709e6651984759a6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=131075
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:26 GMT
Etag: "6381b9ad-1d7"
Expires: Mon, 28 Nov 2022 07:01:02 GMT
Last-Modified: Sat, 26 Nov 2022 07:01:01 GMT
Server: nginx
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158752
Date: Sat, 26 Nov 2022 18:36:27 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:42:19 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Sn0tLSDAbnvttkJWMto_8pVChl7owRq_o5iy4d3S94BE8NFIHsCHOg==
Age: 4276
vlry5l4j5gbn.com/d22a13db9420b0963edab10cbc0f747a/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/d22a13db9420b0963edab10cbc0f747a/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
GET /d22a13db9420b0963edab10cbc0f747a/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16fdabffe03a80e85a4cc81597a398c9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 2503cf29d39301ee0679cfb64019dd37
1795fd201bd49c08b513d25b863537b144cb1a63
612bc1e8c2160e36c14a775a8a20e1f98a12806f5fafd0af7164cbe3175f186c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://blaytonhayder.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=f1392094-731f-491f-8e91-b443e82161c5:1:1; expires=Tue, 23 Nov 2032 18:36:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 2503cf29d39301ee0679cfb64019dd37
1795fd201bd49c08b513d25b863537b144cb1a63
612bc1e8c2160e36c14a775a8a20e1f98a12806f5fafd0af7164cbe3175f186c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Cookie: uid_id2=f1392094-731f-491f-8e91-b443e82161c5:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://blaytonhayder.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
boardgames-bg.com/images/thumbnails/250/250/detailed/24/15187__1_.jpg
164.138.217.8200 OK 20 kB URL HTTP/2 boardgames-bg.com/images/thumbnails/250/250/detailed/24/15187__1_.jpg
IP 164.138.217.8:0
ASN #201200 SuperHosting.BG Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 89", baseline, precision 8, 250x250, components 3\012- data
Hash 6cfb04001bdce62395ee1c68eb30e35a
82d7a904d3d8a10185053b935a47b4c060e12767
2caa6fc494aaef50cf11c60316a8bb1e82fbd7724733e8c06ee41f735b0991f8
GET /images/thumbnails/250/250/detailed/24/15187__1_.jpg HTTP/1.1
Host: boardgames-bg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 20 Jan 2022 13:36:10 GMT
accept-ranges: bytes
content-length: 19933
cache-control: max-age=2592000, public
expires: Mon, 26 Dec 2022 18:36:29 GMT
access-control-allow-origin: *
vary: User-Agent
content-type: image/jpeg
date: Sat, 26 Nov 2022 18:36:29 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159365
Date: Sat, 26 Nov 2022 18:36:27 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:52:32 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7EC8)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -1WIpY6x_Qb5t9SoEEdn3E3hy2wFPR0_WdkZSh4nVnumvtHqYbaopA==
Age: 4889
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/04236ba8-38d0-4177-a92e-e9ece2becc59/de68877-972d8b83-3853-4d89-8090-4b9adc555357.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7InBhdGgiOiJcL2ZcLzA0MjM2YmE4LTM4ZDAtNDE3Ny1hOTJlLWU5ZWNlMmJlY2M1OVwvZGU2ODg3Ny05NzJkOGI4My0zODUzLTRkODktODA5MC00YjlhZGM1NTUzNTcucG5nIn1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmZpbGUuZG93bmxvYWQiXX0.SepNr4TxArcou9qTA_yRXlsojv4XAkNFlGZOinEBBXA
34.96.91.138200 OK 404 kB URL HTTP/2 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/04236ba8-38d0-4177-a92e-e9ece2becc59/de68877-972d8b83-3853-4d89-8090-4b9adc555357.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7InBhdGgiOiJcL2ZcLzA0MjM2YmE4LTM4ZDAtNDE3Ny1hOTJlLWU5ZWNlMmJlY2M1OVwvZGU2ODg3Ny05NzJkOGI4My0zODUzLTRkODktODA5MC00YjlhZGM1NTUzNTcucG5nIn1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmZpbGUuZG93bmxvYWQiXX0.SepNr4TxArcou9qTA_yRXlsojv4XAkNFlGZOinEBBXA
IP 34.96.91.138:0
File type PNG image data, 750 x 750, 8-bit/color RGBA, non-interlaced\012- data
Size 404 kB (404501 bytes)
Hash cc8a06dedb3e9c92f2ce987c30f6c1b1
c638fdc5a574bf55b7a30a9777e3a77c79236d23
bec5b3a3045560837703d5495b5de5516877e8acadab2410c5fe993933444684
GET /f/04236ba8-38d0-4177-a92e-e9ece2becc59/de68877-972d8b83-3853-4d89-8090-4b9adc555357.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7InBhdGgiOiJcL2ZcLzA0MjM2YmE4LTM4ZDAtNDE3Ny1hOTJlLWU5ZWNlMmJlY2M1OVwvZGU2ODg3Ny05NzJkOGI4My0zODUzLTRkODktODA5MC00YjlhZGM1NTUzNTcucG5nIn1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmZpbGUuZG93bmxvYWQiXX0.SepNr4TxArcou9qTA_yRXlsojv4XAkNFlGZOinEBBXA HTTP/1.1
Host: images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
content-length: 404501
content-type: image/png
wix-tracer: 2I62bunbnBFAeJ8LTGSe1kcHdWr
x-seen-by: image-manipulator-554998d6f5-plvsb
date: Sat, 26 Nov 2022 18:36:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 853f30b849065eddf6b542a5e7aa9959
dc4a41d2dfcf077d22226ff1036ca0f77f511033
5f34f3d14e3bd56748eb998685a7b351edba190253c863a44725e55b75c5c675
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://blaytonhayder.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; expires=Tue, 23 Nov 2032 18:36:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/88cd4cb71a4a075d33bfe174be93ce56/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/88cd4cb71a4a075d33bfe174be93ce56/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 064ecd0f8b09812054fb6e6468ae81d1
bef0947280a0f2fb278903e4a67da4aada434d63
e849984280e71fa15f25ef210551cdf0eae1a528aab4c0eb21429bbb90e61d7e
GET /88cd4cb71a4a075d33bfe174be93ce56/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f81c2157dc3a87451255f0944a61a674
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22
34.102.187.140200 OK 51 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (51208), with no line terminators
Hash 21b6a1c29930dd71addd901f726cce7d
fb0e9b091e6f6f41bbf72a4857653745b9f7ddba
7f75908497bee301b1803d7ec5a6ca5301de05da4c89832be9ab6e4f5e4884df
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51208
via: 1.1 google
date: Sat, 26 Nov 2022 18:16:27 GMT
cache-control: public,max-age=3600
age: 1200
last-modified: Fri, 25 Nov 2022 15:35:57 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 098e8dcc09f38de29860ae89b28c21b1
3c5ccfe3b71efef6f3acfb7f5ee213f22a96e8a8
8383c98bb3e318bb531d1079ec8d16bd83f0332c707d99805d54289eb65b6b89
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:28:28 GMT
Expires: Sat, 03 Dec 2022 15:28:27 GMT
Etag: "3c5ccfe3b71efef6f3acfb7f5ee213f22a96e8a8"
Cache-Control: max-age=592919,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7704bacd696db4fd-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669315595212&_since=%221666279968541%22
34.102.187.140200 OK 27 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669315595212&_since=%221666279968541%22
IP 34.102.187.140:0
File type ASCII text, with very long lines (27155), with no line terminators
Hash ac619cf3864a0cc124ef2d8917355b2c
e7deb60297e8951331382468d8ad9b1804e51139
5c5aad45a1d663bbb00d9021e9920bfa636f15fd04fbf35fd58bffc22ef865aa
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669315595212&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 27155
via: 1.1 google
date: Sat, 26 Nov 2022 18:28:47 GMT
cache-control: public,max-age=3600
age: 460
last-modified: Thu, 24 Nov 2022 18:46:35 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/e124288d5715c53f7d5b4e18d450019d/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/e124288d5715c53f7d5b4e18d450019d/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 3dca9164aad934077ca86dad68ec4b1f
e16c60b3061b149b9b3310adee0f85869a06d1e0
cabddcef537a7d14ff48ac30cea80206a026e997a1e98163d98be62af9e6354b
GET /e124288d5715c53f7d5b4e18d450019d/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d96d1258c3a70a7e0dbf277b5a8faee5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/ANbyha20ObMqXBVMXvZJYM5OiZPxHidZ9n4EtAWpLC6dOB78Q_uYtO0mF_kEatd43BLIB5gxLYLMIuJLvhOyoL9Jfs0h1QFnw33isw15YS6fZPsic1xWuH1zx0NFVqHuF8DfKYmifxK0VicUUcLi4KkTLA=w72-h72-p-k-no-nu
142.250.74.33200 OK 2.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha20ObMqXBVMXvZJYM5OiZPxHidZ9n4EtAWpLC6dOB78Q_uYtO0mF_kEatd43BLIB5gxLYLMIuJLvhOyoL9Jfs0h1QFnw33isw15YS6fZPsic1xWuH1zx0NFVqHuF8DfKYmifxK0VicUUcLi4KkTLA=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 123ca9625ffc47ee4e285f7802092dbd
de8b0f3d7fcfacdc627c7d5a4dfb7de70e0c6744
dc43790bd7d25abb268ae85e6459d0c0f599481e98c8ab554390e086ad952297
GET /blogger_img_proxy/ANbyha20ObMqXBVMXvZJYM5OiZPxHidZ9n4EtAWpLC6dOB78Q_uYtO0mF_kEatd43BLIB5gxLYLMIuJLvhOyoL9Jfs0h1QFnw33isw15YS6fZPsic1xWuH1zx0NFVqHuF8DfKYmifxK0VicUUcLi4KkTLA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 18:36:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 18:36:27 GMT
server: fife
content-length: 2660
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
34.102.187.140200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 673c0c8594251318f6ddab69439200f0
dfdfdbaa6ea4d5e1f2b58917573fa74c84b73f96
26808cb3b91051a2e383451dad0b069836788756c6a97faba58fc23d11a88477
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Sat, 26 Nov 2022 17:57:24 GMT
cache-control: public,max-age=3600
age: 2343
last-modified: Mon, 31 Oct 2022 17:42:02 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9dd99424d7fdef2ba07ed2df5e93e5ba
8cbad8b675aa34acf63f8244d9a35c4fe7a6e960
fb2c1e21824f9e5486f33c27233d69216011008c7055f590f2a5c8dcea468d47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB2C1E21824F9E5486F33C27233D69216011008C7055F590F2A5C8DCEA468D47"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11695
Expires: Sat, 26 Nov 2022 21:51:22 GMT
Date: Sat, 26 Nov 2022 18:36:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:13:13 GMT
expires: Tue, 21 Nov 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 422594
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:30:59 GMT
expires: Thu, 23 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 255928
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0433c0d31b980656a8b4a86040cb97f
3d0d0bd1d92bbd79f134a6fa2450aa5fecb6bf85
71e50b52054bc0b5b5da7dfa37e92059c326457eb179ef0a66a5c42372b58d3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71E50B52054BC0B5B5DA7DFA37E92059C326457EB179EF0A66A5C42372B58D3E"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Sat, 26 Nov 2022 19:59:05 GMT
Date: Sat, 26 Nov 2022 18:36:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb94e995a767b935ba97c3206755939f
c9d8a9aa86dc38d51e5edc11eb4741e9d0ea6e7e
f8b5fa3f58fafbb8816194fd31588550529e8e7f4f674e994f250c4828b131af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B5FA3F58FAFBB8816194FD31588550529E8E7F4F674E994F250C4828B131AF"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17412
Expires: Sat, 26 Nov 2022 23:26:39 GMT
Date: Sat, 26 Nov 2022 18:36:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb94e995a767b935ba97c3206755939f
c9d8a9aa86dc38d51e5edc11eb4741e9d0ea6e7e
f8b5fa3f58fafbb8816194fd31588550529e8e7f4f674e994f250c4828b131af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B5FA3F58FAFBB8816194FD31588550529E8E7F4F674E994F250C4828B131AF"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17412
Expires: Sat, 26 Nov 2022 23:26:39 GMT
Date: Sat, 26 Nov 2022 18:36:27 GMT
Connection: keep-alive
parkingridiculous.com/watch.239908860339.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 parkingridiculous.com/watch.239908860339.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.239908860339.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://parkingridiculous.com/watch.239908860339.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=922dab6a994c3da3313b032bb47b6f600e2828b9338439fcf329c8ef39f7604004f726a29f5943a7a4208a876988799b5801a943a067703ac470c425e64e8125c9aab3a19e70a09768a35c235e9435fc6f0659dc&pst=1669487847&rmtc=t
Set-Cookie: u_pl=17710511; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8yMDIyLzExLzEyLW5lZWRsZS1ibGlnaHQtNWUuaHRtbCJ9fQ.IxngmcRb1MIEZMrxIFMs6RSRs5mbnWmOsoSMEo3y7VA; expires=Sat, 26 Nov 2022 18:37:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3cf12b22cd44571f7dff76e32baddb84
Strict-Transport-Security: max-age=0; includeSubdomains
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22
34.102.187.140200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1482), with no line terminators
Hash 151df207a4786253007ead8264c7a9fe
ef39481d3f610c25b27836fb375e24ac0f3c6b47
352e05fd634451861f76ed1790e01b4f9f8d8fe3993464263f846ada17eb343e
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1482
via: 1.1 google
date: Sat, 26 Nov 2022 17:42:30 GMT
cache-control: public,max-age=3600
age: 3237
last-modified: Wed, 16 Nov 2022 14:02:20 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0HCiVPYbGVm1MgYSSy44pa1BrTSD3oTwyEEVSgPu1PB3GrXY5SViNUixOUF513YqbFdTJSboUUkEj4XNkEV91j4dqYuhdi79VpXWGx=s0-d
142.250.74.33200 OK 182 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0HCiVPYbGVm1MgYSSy44pa1BrTSD3oTwyEEVSgPu1PB3GrXY5SViNUixOUF513YqbFdTJSboUUkEj4XNkEV91j4dqYuhdi79VpXWGx=s0-d
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 655x850, components 3\012- data
Size 182 kB (181980 bytes)
Hash 6263c2154a44b6ed8b8e2733c283e807
076b31051f6e0350e009ce826746fe73e059ef16
efe3806dc627d575be28443224fc668f2abccdca05d375a99fdfc61d9cb090e3
GET /blogger_img_proxy/ANbyha0HCiVPYbGVm1MgYSSy44pa1BrTSD3oTwyEEVSgPu1PB3GrXY5SViNUixOUF513YqbFdTJSboUUkEj4XNkEV91j4dqYuhdi79VpXWGx=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 18:36:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 18:36:27 GMT
server: fife
content-length: 181980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
majorityevaluatewiped.com/watch.1667160895880.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 majorityevaluatewiped.com/watch.1667160895880.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1667160895880.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1 HTTP/1.1
Host: majorityevaluatewiped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://majorityevaluatewiped.com/watch.1667160895880.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=cd0ac1b12561ae8d87d49e1124254ef7dccc2f31f1e1d542271fb29a760860e0516221a0e6d4223308804d3fbeccf404d11a1006d69f329c599c85251e46dc42fdbfdcaa6a5eefc2bb04ac2eec89892c0de90efb&pst=1669487847&rmtc=t
Set-Cookie: u_pl=17710833; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8yMDIyLzExLzEyLW5lZWRsZS1ibGlnaHQtNWUuaHRtbCJ9fQ.cAokr8V1XT6hfE4HtjMyJgu5CpqeV8QCbWLV5cBsCHw; expires=Sat, 26 Nov 2022 18:37:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 222e0bbe14b16f7258f829417896b849
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 15442b0808c5d6324d8abbcf530fd024
6345943f61f535f9ce1e95911cc1746df8c289cc
0c52e416df30432ba5857bdbdc0a6fa9bcf0c9c8d829c5e75e865a6d834444bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C52E416DF30432BA5857BDBDC0A6FA9BCF0C9C8D829C5E75E865A6D834444BB"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7702
Expires: Sat, 26 Nov 2022 20:44:49 GMT
Date: Sat, 26 Nov 2022 18:36:27 GMT
Connection: keep-alive
parkingridiculous.com/watch.239908860339.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=922dab6a994c3da3313b032bb47b6f600e2828b9338439fcf329c8ef39f7604004f726a29f5943a7a4208a876988799b5801a943a067703ac470c425e64e8125c9aab3a19e70a09768a35c235e9435fc6f0659dc&pst=1669487847&rmtc=t
192.243.59.20200 OK 2.1 kB URL HTTP/1.1 parkingridiculous.com/watch.239908860339.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=922dab6a994c3da3313b032bb47b6f600e2828b9338439fcf329c8ef39f7604004f726a29f5943a7a4208a876988799b5801a943a067703ac470c425e64e8125c9aab3a19e70a09768a35c235e9435fc6f0659dc&pst=1669487847&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2617)
Hash 18a47b536e250c2f5152fe803f7ed58a
53b8660f3db506681abba2e1fc50ebb97a2c132a
b3e5d80812dbb49d451a2a833474e864f0808f68382a4398e7ee15cfedaf6814
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.239908860339.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=922dab6a994c3da3313b032bb47b6f600e2828b9338439fcf329c8ef39f7604004f726a29f5943a7a4208a876988799b5801a943a067703ac470c425e64e8125c9aab3a19e70a09768a35c235e9435fc6f0659dc&pst=1669487847&rmtc=t HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Referer: https://blaytonhayder.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17710511; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8yMDIyLzExLzEyLW5lZWRsZS1ibGlnaHQtNWUuaHRtbCJ9fQ.IxngmcRb1MIEZMrxIFMs6RSRs5mbnWmOsoSMEo3y7VA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f1392094-731f-491f-8e91-b443e82161c5:1:1; expires=Sat, 03 Dec 2022 18:36:27 GMT; secure; SameSite=None
iprcc02861e256cb26ec81d7725befa3dcff=3569807; expires=Sat, 26 Nov 2022 22:36:27 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
uncs27=1; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afb85b9dd9cb18957a4143d9c1ff00f2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.1083243078590.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 specialistinsensitive.com/watch.1083243078590.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1083243078590.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://specialistinsensitive.com/watch.1083243078590.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&shu=fa2adf9e5100ab60be673a0bdd82501ff3ae45cdd235892da42f0c725d502fb5a3a09eb8b5a10682efaa0a60c7aad8d90b786af480a0d99e28b9a801714ab16d56e14f12e3cadd601ddd0a822146ec69c4eb40e8&pst=1669487847&rmtc=t
Set-Cookie: u_pl=17710782; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDc4MiwiayI6IjAwOTUxYjM3YTVhM2UwZTYwZjhiMzY3OGQxM2E5MjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJzNnJxYnA0NWppIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYmxheXRvbmhheWRlci5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMi1uZWVkbGUtYmxpZ2h0LTVlLmh0bWwifX0.PEGTT9bCPZxN9h86fdA9wUDyEudFTy3iJuDWvLq_hmU; expires=Sat, 26 Nov 2022 18:37:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 451e10eb78e1278f2b2dd951ebc7a8e0
Strict-Transport-Security: max-age=0; includeSubdomains
specialistinsensitive.com/watch.1454292572132.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 specialistinsensitive.com/watch.1454292572132.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1454292572132.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://specialistinsensitive.com/watch.1454292572132.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=08b947f975adc2ac016b5210f2b90a48a2185aeab85e3ca63460b211233401de7215aa1667d384b677a5c56d77a2169ab01b3a98f522b521b5f7ee004a87daee0f4a000c0858d33e6a6b448065f28819659543&pst=1669487847&rmtc=t
Set-Cookie: u_pl=17710463; expires=Sun, 27 Nov 2022 18:36:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JsYXl0b25oYXlkZXIuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMTItbmVlZGxlLWJsaWdodC01ZS5odG1sIn19.iSogapqoN_quCVCYrWN7NriBEJHN_nLD66eEdXIlBs0; expires=Sat, 26 Nov 2022 18:37:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a62ec9051b7a1c8ac5cc92e264af88ea
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10125
Expires: Sat, 26 Nov 2022 21:25:13 GMT
Date: Sat, 26 Nov 2022 18:36:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10125
Expires: Sat, 26 Nov 2022 21:25:13 GMT
Date: Sat, 26 Nov 2022 18:36:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10125
Expires: Sat, 26 Nov 2022 21:25:13 GMT
Date: Sat, 26 Nov 2022 18:36:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10125
Expires: Sat, 26 Nov 2022 21:25:13 GMT
Date: Sat, 26 Nov 2022 18:36:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 48720
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 40982
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LDrq5UcFhG63XFZhmeS5Z_mEkwrvuQ2bLfT8hV9I3E1s1lJLZF5Dww==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
age: 75004
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 74243
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 75172
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 72199
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/watch.61327369742.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 whiskerssituationdisturb.com/watch.61327369742.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.61327369742.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://whiskerssituationdisturb.com/watch.61327369742.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&shu=af780aa0dbd0b75da90c58334f0f6f07a289349547434b2d28b2b377bf6c0c43c6252efb85852ca8ba31884161b016195e072e3bda4c3f2030ee7219c43e51f7d0e85de09bf417f4c20b7adbaabdd92459d3fca2abf4015b4b8e99ab3d6669&pst=1669487848&rmtc=t
Set-Cookie: u_pl=17857670; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8yMDIyLzExLzEyLW5lZWRsZS1ibGlnaHQtNWUuaHRtbCJ9fQ.O7yN6AGF8yqzDw_ZvP-oaZI_lSeu6chVXsd7hUVPQ9M; expires=Sat, 26 Nov 2022 18:37:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c743071cc3fa9dbf1004d19e02a5bf7a
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d544e647515cb189a384f9c20ec9bd24
b7b52713f8f4c02a47192ef56456e16d0ca408a9
375fc9ebeb579498db5f3df773f4a94debbab4b0f809abc2fa414e9c2bea052c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375FC9EBEB579498DB5F3DF773F4A94DEBBAB4B0F809ABC2FA414E9C2BEA052C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3785
Expires: Sat, 26 Nov 2022 19:39:33 GMT
Date: Sat, 26 Nov 2022 18:36:28 GMT
Connection: keep-alive
specialistinsensitive.com/watch.1454292572132.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=08b947f975adc2ac016b5210f2b90a48a2185aeab85e3ca63460b211233401de7215aa1667d384b677a5c56d77a2169ab01b3a98f522b521b5f7ee004a87daee0f4a000c0858d33e6a6b448065f28819659543&pst=1669487847&rmtc=t
192.243.61.225200 OK 642 B URL HTTP/1.1 specialistinsensitive.com/watch.1454292572132.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=08b947f975adc2ac016b5210f2b90a48a2185aeab85e3ca63460b211233401de7215aa1667d384b677a5c56d77a2169ab01b3a98f522b521b5f7ee004a87daee0f4a000c0858d33e6a6b448065f28819659543&pst=1669487847&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 0babb26e91112bad4dd7f6c99eac7bbd
e14632363983ed23a308e3c059426c9ad3e1e6cf
1ec853351db224a3c6d12eb4c96c34210d378c466a256752757e4a2503d1bab2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1454292572132.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f1392094-731f-491f-8e91-b443e82161c5%3A1%3A1&shu=08b947f975adc2ac016b5210f2b90a48a2185aeab85e3ca63460b211233401de7215aa1667d384b677a5c56d77a2169ab01b3a98f522b521b5f7ee004a87daee0f4a000c0858d33e6a6b448065f28819659543&pst=1669487847&rmtc=t HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blaytonhayder.blogspot.com
Referer: https://blaytonhayder.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17710463; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JsYXl0b25oYXlkZXIuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMTItbmVlZGxlLWJsaWdodC01ZS5odG1sIn19.iSogapqoN_quCVCYrWN7NriBEJHN_nLD66eEdXIlBs0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f1392094-731f-491f-8e91-b443e82161c5:1:1; expires=Sat, 03 Dec 2022 18:36:28 GMT; secure; SameSite=None
iprc2d5e57af754e0fad58a88f6dd08ecc92=2717340; expires=Sun, 27 Nov 2022 20:36:28 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a49b051b9e3ccc845dada5be3cd1044
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
34.102.187.140200 OK 681 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash eaee4fcc2a30b5cb65768e7228765063
a618faa6e4c7c412584de1dbc760a8067e32b7d7
20565fc5642a0bc063da8706ee310dd2512ee2a096a39976c34056a13a2bc2f6
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Sat, 26 Nov 2022 18:11:27 GMT
cache-control: public,max-age=3600
age: 1501
last-modified: Sun, 20 Nov 2022 16:36:52 GMT
etag: "1668962212585"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
specialistinsensitive.com/watch.1083243078590?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
192.243.61.225200 OK 1.2 kB URL HTTP/1.1 specialistinsensitive.com/watch.1083243078590?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (530)
Hash 5cbf41838f47c736a5cbdca1d2a6121b
d63aaaa91af55d78211fe646bdde6b9943568c37
3430c2afc74bbb3645fc525f49c8ee47d4f9dd0ba2f84abd11c45369af12b4ca
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1083243078590?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Cookie: u_pl=17710463; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JsYXl0b25oYXlkZXIuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMTItbmVlZGxlLWJsaWdodC01ZS5odG1sIn19.iSogapqoN_quCVCYrWN7NriBEJHN_nLD66eEdXIlBs0; uid_id2=f1392094-731f-491f-8e91-b443e82161c5:1:1; iprc2d5e57af754e0fad58a88f6dd08ecc92=2717340; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17710463,17710782; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDc4MiwiayI6IjAwOTUxYjM3YTVhM2UwZTYwZjhiMzY3OGQxM2E5MjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJzNnJxYnA0NWppIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYmxheXRvbmhheWRlci5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMi1uZWVkbGUtYmxpZ2h0LTVlLmh0bWwifX0.kKU6rDhCMBOWOm8uvnhRhXeNreqaWXL4s5oxcVpKpd0; expires=Sat, 26 Nov 2022 18:37:28 GMT; secure; SameSite=None
uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; expires=Sat, 03 Dec 2022 18:36:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3dd3cddda1692ddb529cccdbeaa29fc8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
34.102.187.140200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 202f8030219491c4a368c475aaa98861
b3f7120107465db6e1eb7a21efb451253a30e31e
379786244e20b5c0d5ed80b9f3c03e9a964615c7df36764c9d96528290754de4
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Sat, 26 Nov 2022 18:18:48 GMT
cache-control: public,max-age=3600
age: 1060
last-modified: Thu, 27 Oct 2022 18:14:21 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1f6b302933d460ab447356556838501c
00d2123ec7f0ef5bf0d648bf4d15e69cd9902f4e
8240f397607869e239c216ca93f78f84e25299c0ad4e7483b2bd53f7861142f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8240F397607869E239C216CA93F78F84E25299C0AD4E7483B2BD53F7861142F0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3592
Expires: Sat, 26 Nov 2022 19:36:20 GMT
Date: Sat, 26 Nov 2022 18:36:28 GMT
Connection: keep-alive
specialistinsensitive.com/watch.1083243078590?shu=34dfeb763cebf8c9782c442c44823b36b3cbcd60d2488b5328b4bf758dde7e0dc81e35bc405e684cf8644e326ff8d4d27c190dfff727fe8c3bdbd7c1b538e619c09c97a68709482b5b20d1540b91491112f64d78&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=00951b37a5a3e0e60f8b3678d13a9282&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&tz=0&dev=e&res=12.1055
192.243.61.225200 OK 1.8 kB URL HTTP/1.1 specialistinsensitive.com/watch.1083243078590?shu=34dfeb763cebf8c9782c442c44823b36b3cbcd60d2488b5328b4bf758dde7e0dc81e35bc405e684cf8644e326ff8d4d27c190dfff727fe8c3bdbd7c1b538e619c09c97a68709482b5b20d1540b91491112f64d78&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=00951b37a5a3e0e60f8b3678d13a9282&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2572)
Hash e19ca6528f628f3cb32f08893a515c44
86f4804ea88b3b14445cf7d1e0bf85619ce00b79
82a1a5b6572f400a4924dce7092f634b8a89f5f24e78886c251a89f0a0084922
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1083243078590?shu=34dfeb763cebf8c9782c442c44823b36b3cbcd60d2488b5328b4bf758dde7e0dc81e35bc405e684cf8644e326ff8d4d27c190dfff727fe8c3bdbd7c1b538e619c09c97a68709482b5b20d1540b91491112f64d78&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=00951b37a5a3e0e60f8b3678d13a9282&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://specialistinsensitive.com/watch.1083243078590?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
Cookie: u_pl=17710463,17710782; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDc4MiwiayI6IjAwOTUxYjM3YTVhM2UwZTYwZjhiMzY3OGQxM2E5MjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJzNnJxYnA0NWppIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYmxheXRvbmhheWRlci5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMi1uZWVkbGUtYmxpZ2h0LTVlLmh0bWwifX0.kKU6rDhCMBOWOm8uvnhRhXeNreqaWXL4s5oxcVpKpd0; uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; iprc2d5e57af754e0fad58a88f6dd08ecc92=2717340; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; expires=Sat, 03 Dec 2022 18:36:28 GMT; secure; SameSite=None
uncs=2; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
uncs32=1; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d1e595672f92c0c94b762f5250b7e3a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
majorityevaluatewiped.com/watch.1667160895880?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
192.243.59.13200 OK 1.2 kB URL HTTP/1.1 majorityevaluatewiped.com/watch.1667160895880?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (530)
Hash ec86d7fd99f896b4b4fe08bb1f440300
822c12667ec9817542313b58301a1c0082830ba6
afa747b6456c46245126b56ca8a4270386e219e1d7e6932fdf21ff269de2a6f6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1667160895880?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1 HTTP/1.1
Host: majorityevaluatewiped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Cookie: u_pl=17710833; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8yMDIyLzExLzEyLW5lZWRsZS1ibGlnaHQtNWUuaHRtbCJ9fQ.cAokr8V1XT6hfE4HtjMyJgu5CpqeV8QCbWLV5cBsCHw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmxheXRvbmhheWRlci5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMi1uZWVkbGUtYmxpZ2h0LTVlLmh0bWwifX0.IO9-H9Me4Nwx7jRR_qrgpVEm9asUTjckZxDmJtYAtKw; expires=Sat, 26 Nov 2022 18:37:28 GMT; secure; SameSite=None
uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; expires=Sat, 03 Dec 2022 18:36:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae7efa49cfd5b122b1ff728d7856215e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
whiskerssituationdisturb.com/watch.61327369742?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 whiskerssituationdisturb.com/watch.61327369742?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (530)
Hash cbd47effbdb6483c46fd8d0b6cf66f38
294abb781f9633c9aeee538726b4b2d0d1b4ec39
07cfe38755937935ca06ad99b031d6664e36f696efa60ecdb254623a0498c2d4
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.61327369742?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Cookie: u_pl=17857670; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8yMDIyLzExLzEyLW5lZWRsZS1ibGlnaHQtNWUuaHRtbCJ9fQ.O7yN6AGF8yqzDw_ZvP-oaZI_lSeu6chVXsd7hUVPQ9M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmxheXRvbmhheWRlci5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMi1uZWVkbGUtYmxpZ2h0LTVlLmh0bWwifX0.T4kF2Yk2u0xMf_YbD9f5CyOBxPoLqIuVJE6l_Ug6tiE; expires=Sat, 26 Nov 2022 18:37:28 GMT; secure; SameSite=None
uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; expires=Sat, 03 Dec 2022 18:36:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 57eb1baa0c4e7a8c8c4423afcc135fe0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/5f/51/a1/5f51a11c755e0d77cf76814914ae3d2f/1632783496.jpg
45.133.44.10200 OK 36 kB URL HTTP/2 cdn.cloudimagesb.com/bi/5f/51/a1/5f51a11c755e0d77cf76814914ae3d2f/1632783496.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.5 (Windows), datetime=2021:09:24 13:02:27], baseline, precision 8, 320x50, components 3\012- data
Hash a03c34ae75f1b7cc818ef592b944c213
32ac96f009dc518193b5c75945c7a83346e997be
e7d9e0de7f4db4aafd3dca00c54c34578739861a07147ef37cb98ebda26212b0
GET /bi/5f/51/a1/5f51a11c755e0d77cf76814914ae3d2f/1632783496.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://specialistinsensitive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:28 GMT
content-type: image/jpeg
content-length: 35925
server: nginx/1.17.6
last-modified: Mon, 27 Sep 2021 22:58:26 GMT
etag: "61524c92-8c55"
expires: Mon, 28 Nov 2022 18:36:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710463
192.243.61.227200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710463
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3d600bb72f0b023fd73392b2651d4184
ac49aa4f6050832f09ad95f62b11f29fba245719
e336c93db6fece9197f95d0657f8239b5917714dfe3402632cc2cb311ee4ad68
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710463 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sun, 27 Nov 2022 18:36:28 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3MTA0NjMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8ifX0.IjRnPIhGwRxqDRjBddomn1TMjsJx0I5R3yOoA2jkdC0; expires=Sat, 26 Nov 2022 18:37:28 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd2873220c5863cee40bae5c947389d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
majorityevaluatewiped.com/watch.1667160895880?shu=5f0bd10fed00b2dae4983a8b3071ef8cff98a5698b855bbb1357877fa40c9407b32d299d2fa3517616953f73cda6eddb22247b5d9af369c0462bc9462e6a354c773ac753ef427acbadaf4dfe24766ce7ce1048&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=57a0c67745db5b2b0e01092b4ababddf&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D
192.243.59.13200 OK 1.8 kB URL HTTP/1.1 majorityevaluatewiped.com/watch.1667160895880?shu=5f0bd10fed00b2dae4983a8b3071ef8cff98a5698b855bbb1357877fa40c9407b32d299d2fa3517616953f73cda6eddb22247b5d9af369c0462bc9462e6a354c773ac753ef427acbadaf4dfe24766ce7ce1048&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=57a0c67745db5b2b0e01092b4ababddf&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2504)
Hash 1243388c0f6d233d659ad85e6c8b5482
6598ef31ae9633af21ae19dfe46573fe5e831efd
bb2097cd09e39de40d90f90296a8f2d6e643b0fae72992c9b2af3c7c67a27cc6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1667160895880?shu=5f0bd10fed00b2dae4983a8b3071ef8cff98a5698b855bbb1357877fa40c9407b32d299d2fa3517616953f73cda6eddb22247b5d9af369c0462bc9462e6a354c773ac753ef427acbadaf4dfe24766ce7ce1048&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=57a0c67745db5b2b0e01092b4ababddf&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D HTTP/1.1
Host: majorityevaluatewiped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://majorityevaluatewiped.com/watch.1667160895880?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
Cookie: u_pl=17710833; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmxheXRvbmhheWRlci5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMi1uZWVkbGUtYmxpZ2h0LTVlLmh0bWwifX0.IO9-H9Me4Nwx7jRR_qrgpVEm9asUTjckZxDmJtYAtKw; uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; expires=Sat, 03 Dec 2022 18:36:28 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
uncs23=1; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d2e82e9707494edbc199e09b1a51317
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
whiskerssituationdisturb.com/watch.61327369742?shu=cd4bc9b97ece996762081664bf95875b02c011d82699f2a3b484fc6bc2f23110a3aa69b512b5b3042c93cb28620d2e2430431d05e78bf4762dbb6dbfd9dcee6c1b214ca82dbba47f7937edfc631a6c06ee0c20741ac289cc24867b81511f7a&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=e124288d5715c53f7d5b4e18d450019d&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D
192.243.59.20200 OK 1.8 kB URL HTTP/1.1 whiskerssituationdisturb.com/watch.61327369742?shu=cd4bc9b97ece996762081664bf95875b02c011d82699f2a3b484fc6bc2f23110a3aa69b512b5b3042c93cb28620d2e2430431d05e78bf4762dbb6dbfd9dcee6c1b214ca82dbba47f7937edfc631a6c06ee0c20741ac289cc24867b81511f7a&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=e124288d5715c53f7d5b4e18d450019d&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2459)
Hash e7595ee88d492dad6e427d2f55a468fe
e2812cf20d67686a39a7e6babb867c9795a9f71a
6af33c78832bacdc01469bc167d97dccca28b10f0b43cb940e02a4814c804518
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.61327369742?shu=cd4bc9b97ece996762081664bf95875b02c011d82699f2a3b484fc6bc2f23110a3aa69b512b5b3042c93cb28620d2e2430431d05e78bf4762dbb6dbfd9dcee6c1b214ca82dbba47f7937edfc631a6c06ee0c20741ac289cc24867b81511f7a&pst=1669487848&rmtc=t&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1&pii=&in=false&key=e124288d5715c53f7d5b4e18d450019d&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiskerssituationdisturb.com/watch.61327369742?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2212%2B%22%2C%22needle%22%2C%22blight%22%2C%225e%22%2C%22-%22%2C%22blaytonhayder%22%5D&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F2022%2F11%2F12-needle-blight-5e.html&tz=0&dev=e&res=12.1055&uuid=f9034a7c-48a0-4f69-a093-a225926db2d2%3A3%3A1
Cookie: u_pl=17857670; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmxheXRvbmhheWRlci5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMi1uZWVkbGUtYmxpZ2h0LTVlLmh0bWwifX0.T4kF2Yk2u0xMf_YbD9f5CyOBxPoLqIuVJE6l_Ug6tiE; uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 18:36:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
Access-Control-Allow-Origin: https://blaytonhayder.blogspot.com/2022/11/12-needle-blight-5e.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f9034a7c-48a0-4f69-a093-a225926db2d2:3:1; expires=Sat, 03 Dec 2022 18:36:28 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
pdhtkv26=true; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
uncs26=1; expires=Sun, 27 Nov 2022 18:36:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f495184262e054310b21d2f9d28829bf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=4782fefcefce3470a5e9e2398530a12ee167c89d4fc9d78354205d624fb17d974b1938f949a1967b4c8d8e2c7606ae83ac22ed82705dddcb9fd0436efcc44073cec6f367bd1646fa1b3e313914f40903bd074ae2&pst=1669487848&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F&psid=17710463
192.243.61.227302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=4782fefcefce3470a5e9e2398530a12ee167c89d4fc9d78354205d624fb17d974b1938f949a1967b4c8d8e2c7606ae83ac22ed82705dddcb9fd0436efcc44073cec6f367bd1646fa1b3e313914f40903bd074ae2&pst=1669487848&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F&psid=17710463
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=4782fefcefce3470a5e9e2398530a12ee167c89d4fc9d78354205d624fb17d974b1938f949a1967b4c8d8e2c7606ae83ac22ed82705dddcb9fd0436efcc44073cec6f367bd1646fa1b3e313914f40903bd074ae2&pst=1669487848&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fblaytonhayder.blogspot.com%2F&psid=17710463 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3MTA0NjMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ibGF5dG9uaGF5ZGVyLmJsb2dzcG90LmNvbS8ifX0.IjRnPIhGwRxqDRjBddomn1TMjsJx0I5R3yOoA2jkdC0; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c0ec445a44233bfb711e0b67221924&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
Set-Cookie: iprcf8443d67fc89071e54e5119f0202352c=3806410; expires=Sun, 27 Nov 2022 18:36:29 GMT
pdhtkv=true; expires=Sun, 27 Nov 2022 18:36:29 GMT
uncs=1; expires=Sun, 27 Nov 2022 18:36:29 GMT
pdhtkv28=true; expires=Sun, 27 Nov 2022 18:36:29 GMT
uncs28=1; expires=Sun, 27 Nov 2022 18:36:29 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1d9c97557bfa29cba274637322943770
Strict-Transport-Security: max-age=0; includeSubdomains
spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c0ec445a44233bfb711e0b67221924&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
78.46.92.254302 Found 0 B URL HTTP/1.1 spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c0ec445a44233bfb711e0b67221924&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c0ec445a44233bfb711e0b67221924&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other HTTP/1.1
Host: spo76rt28r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h917vc373y; expires=Sun, 27-Nov-2022 18:36:29 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h917vc373y-h917vc373y-17dz-166o-ir8n-bza7-oje8-e6c6dc; expires=Sun, 27-Nov-2022 18:36:29 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://bo2217ok3tro9.com/1/?lpkey=160469d9488680d089&uclick=h917vc373y&uclickhash=h917vc373y-h917vc373y-17dz-166o-ir8n-bza7-oje8-e6c6dc
Strict-Transport-Security: max-age=31536000
bo2217ok3tro9.com/1/?lpkey=160469d9488680d089&uclick=h917vc373y&uclickhash=h917vc373y-h917vc373y-17dz-166o-ir8n-bza7-oje8-e6c6dc
78.46.92.254200 OK 1.4 kB URL HTTP/1.1 bo2217ok3tro9.com/1/?lpkey=160469d9488680d089&uclick=h917vc373y&uclickhash=h917vc373y-h917vc373y-17dz-166o-ir8n-bza7-oje8-e6c6dc
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0bbb113ff85b78b6485a9783946e6948
8663005f0ad88c2a768937edb56177387103594d
70c7e9fa94eb5b8fb5b61e0ee25167ace062bea13773331f7d02814822fbf004
GET /1/?lpkey=160469d9488680d089&uclick=h917vc373y&uclickhash=h917vc373y-h917vc373y-17dz-166o-ir8n-bza7-oje8-e6c6dc HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4c68738619a804148d1c723255009198
aa5b458f6fce0c4f4aef0623f3bf5d8c6f6cfafd
9707f3ee6320844cad2474031ec9651e771581031ca5b9d2fb21f899847b2892
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6440
Cache-Control: max-age=165951
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:30 GMT
Etag: "638228c5-117"
Expires: Mon, 28 Nov 2022 16:42:21 GMT
Last-Modified: Sat, 26 Nov 2022 14:55:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 26 Nov 2022 18:36:30 GMT
date: Sat, 26 Nov 2022 18:36:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.122.175302 Found 524 B URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.122.175:0
Hash 87a170d9eed5e4f9bc6b591a4d172850
b4643f94463bdc5cafc7745255c9de7f0d426da0
1b8a4a2c53e0712953c268a1824d0304f850fe706ddc79daee843702df445784
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 18:36:30 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJTKGGBGNYDEFMM17C1V6BFY-fra
cf-cache-status: HIT
age: 117
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7704bae03a8fb4f1-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
142.250.74.168200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e9605710b08ee6de2fd8d10bd09745bd
00c2031d3f037da54ad90b99a652d5b2c3776462
af775a56412f3ee226a84cbe81fd9d653f5dfd2326131b52b3d21f84dec066ad
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 18:36:30 GMT
expires: Sat, 26 Nov 2022 18:36:30 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bo2217ok3tro9.com/1/bg.png
78.46.92.254200 OK 61 kB URL HTTP/1.1 bo2217ok3tro9.com/1/bg.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 400 x 299, 8-bit grayscale, non-interlaced\012- data
Hash d7096ad35844972e015e865729d13235
42c79d98b50275dcc447bd61d845ee2ed52ae45e
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd
GET /1/bg.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=160469d9488680d089&uclick=h917vc373y&uclickhash=h917vc373y-h917vc373y-17dz-166o-ir8n-bza7-oje8-e6c6dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:30 GMT
Content-Type: image/png
Content-Length: 61362
Last-Modified: Wed, 13 Jul 2022 07:58:38 GMT
Connection: keep-alive
ETag: "62ce7b2e-efb2"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
bo2217ok3tro9.com/favicon.png
78.46.92.254404 Not Found 114 B URL HTTP/1.1 bo2217ok3tro9.com/favicon.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /favicon.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=160469d9488680d089&uclick=h917vc373y&uclickhash=h917vc373y-h917vc373y-17dz-166o-ir8n-bza7-oje8-e6c6dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 18:36:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 18:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bo2217ok3tro9.com
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:12:22 GMT
expires: Sat, 25 Nov 2023 08:12:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 123848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 21873
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 0 B URL HTTP/2 bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
GET /ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 15:05:23 GMT
last-modified: Wed, 23 Nov 2022 12:52:13 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 271862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3r%2BTMr%2FwhhydG1FRcjvdB9Nqg%2BuUcZPgTQOwuv0uS5%2F9zsO9OeEwDyazE%2FY6dqwBYMowvNbphPS5Jt21Pfq6Uj0zfgOfc5pf6UkTEYDxXFiP42yhd4vTO7izD4bJKo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7704bac5ea3b0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/axios@1.2.0/dist/axios.min.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/axios@1.2.0/dist/axios.min.js
IP 104.16.122.175:0
GET /axios@1.2.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bo2217ok3tro9.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7396-Wc6sdIzlj1RsovoMRKQah8UZFhA"
via: 1.1 fly.io
fly-request-id: 01GJGC0D1SRCGJTEVMAF435H8Z-ams
cf-cache-status: HIT
age: 343528
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7704bae04aa5b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
104.21.28.72200 OK 0 B URL HTTP/2 bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 104.21.28.72:0
GET /ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:25 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 15:05:23 GMT
last-modified: Wed, 12 Oct 2022 12:23:53 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 271862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrH7FAjm0slmi8JmHQPNNAS8hkS58%2B15%2BAELQsO9ylPVfjWTovHDUFEfXFeRuOn5Ti7727YnnQP8WhwSl31oTgVDlMmVMwkDCSK29gz0V5Cccd5gtTStS4YlRU6NQoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7704bac5ba0e0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
5e.tools/img/adventure/DIP/039-blights-v3-corrected-foot.png
104.26.9.201200 OK 0 B URL HTTP/2 5e.tools/img/adventure/DIP/039-blights-v3-corrected-foot.png
IP 104.26.9.201:0
GET /img/adventure/DIP/039-blights-v3-corrected-foot.png HTTP/1.1
Host: 5e.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blaytonhayder.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 18:36:26 GMT
content-type: image/png
last-modified: Sat, 18 Sep 2021 10:18:13 GMT
vary: Accept-Encoding
etag: W/"6145bce5-587e8"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=691200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wO0nA9CBZKP8%2Bz3o4BOii2Fzr2bmGKJ287eqcfeiSwnKhdvIIU8iSSfQMcOgvLzZ64YG5dYp7J6aX2CLJIYxg%2BSdQFYiyxs2Bcp7XiXQS1Gvpxw47st4gDD2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7704bac89ffa0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2