pornstars-rock.blogspot.si/
302 Moved Temporarily 182 B URL HTTP/1.1 pornstars-rock.blogspot.si/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6c454dabde7c328a4320cdbfbbd92193
d146ac1cfb2913d660f02006e66a5f2d1ff545ed
4569a7ed8fe12db7f84ad6082a2bc2b2fed30aedda7c7a612ac41c1be5cf7973
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: pornstars-rock.blogspot.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://pornstars-rock.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 06 Oct 2022 08:43:38 GMT
Expires: Thu, 06 Oct 2022 08:43:38 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 182
Server: GSE
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mkR1mTd-azZ6qwmszqDqmcEPXn1DG64GWeHgEb_pGENwtOM2loU2UQ==
Age: 60980
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2548
Expires: Thu, 06 Oct 2022 09:26:06 GMT
Date: Thu, 06 Oct 2022 08:43:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CROMTnCRfzx__3VlZgyGRtv9LcZ2zoUyei2g5fEkD8gjZTFO-XVUPw==
age: 16866
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 08:43:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pornstars-rock.blogspot.com/
200 OK 19 kB URL HTTP/1.1 pornstars-rock.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3309)
Hash 4bad4f91fa35101ab038acef7883bc60
410d9748acd28eba2616f8d42d42df61f9c313f2
367bb699a3bb76162855c286c267cf19223e1370585b1a790f20cf7af7fc0875
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: pornstars-rock.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 06 Oct 2022 08:43:38 GMT
Date: Thu, 06 Oct 2022 08:43:38 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 17 Aug 2022 23:51:17 GMT
ETag: W/"95eab6e9d3c3df6918ce2f084cac974c1d6d0bc8e5e4670c5c3cad32f2898bb4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 18958
Server: GSE
pornstars-rock.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 pornstars-rock.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: pornstars-rock.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 21:31:21 GMT
Expires: Wed, 12 Oct 2022 21:31:21 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 17:03:17 GMT
Content-Type: text/javascript
Age: 40337
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 047374e90c9a1e02eb7294c0a9a316a2
3d043355314c0c408f547f1faafd3acd6d481f63
e01b0fb379931c35fd707f8cc75e2d6079f77fd5174c30b75934e130d68ed2a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Thu, 06 Oct 2022 08:43:38 GMT
expires: Thu, 06 Oct 2022 08:43:38 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/792789798-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/792789798-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 02e6bf311e18828a522b4d3a4079084f
a63cd373fa23b4fe11f938d57737e6bfa1ebe789
25d469843aa09be2473931d33aaa37b65ac371874bd98ca84ec780bead3e33e4
GET /static/v1/widgets/792789798-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 22:56:10 GMT
expires: Thu, 05 Oct 2023 22:56:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 04 Oct 2022 09:10:01 GMT
content-type: text/javascript
age: 35248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/_an09DaJ47B0/Si4HSMHe-9I/AAAAAAAAAAM/Z8fxI7hqAuQ/S220-s80/Buck.jpg
200 OK 3.7 kB URL HTTP/1.1 3.bp.blogspot.com/_an09DaJ47B0/Si4HSMHe-9I/AAAAAAAAAAM/Z8fxI7hqAuQ/S220-s80/Buck.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x73, components 3\012- data
Hash a3366433e1f7a6f8f66f959036081942
0daceac0eb5fae3747c64da1f066355f4a2d1725
16e305b8f55f94fb38e767a3b8f892368b29a61e4d9a0d3587ea2764a9f5c81d
GET /_an09DaJ47B0/Si4HSMHe-9I/AAAAAAAAAAM/Z8fxI7hqAuQ/S220-s80/Buck.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Buck.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3723
X-XSS-Protection: 0
Date: Thu, 06 Oct 2022 08:25:45 GMT
Expires: Thu, 06 Oct 2022 21:31:22 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1074
ETag: "v3"
Content-Type: image/jpeg
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 04:43:17 GMT
expires: Thu, 05 Oct 2023 04:43:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 04 Oct 2022 12:57:07 GMT
content-type: text/css
age: 100821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/_an09DaJ47B0/SkKnJgg9bTI/AAAAAAAAABQ/jRz9BSheulg/S670/GYPO-contributor.gif
200 OK 10 kB URL HTTP/1.1 4.bp.blogspot.com/_an09DaJ47B0/SkKnJgg9bTI/AAAAAAAAABQ/jRz9BSheulg/S670/GYPO-contributor.gif
IP
File type GIF image data, version 89a, 376 x 85\012- data
Hash bea2c48b0476a857981024a71e14c40a
5adcc485b84897e35984b454da414ef4c745007a
69e637e6e40af23dc1fbae301d0ab0058fdd0275dfc9dcb652fe743c6aac960a
GET /_an09DaJ47B0/SkKnJgg9bTI/AAAAAAAAABQ/jRz9BSheulg/S670/GYPO-contributor.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="GYPO-contributor.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 10297
X-XSS-Protection: 0
Date: Thu, 06 Oct 2022 08:25:45 GMT
Expires: Thu, 06 Oct 2022 21:31:22 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1074
ETag: "v43"
Content-Type: image/gif
www.getyourpornon.com/plp/1016/058.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1016/058.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1016/058.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1016/015.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1016/015.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1016/015.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1012/004.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1012/004.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1012/004.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/images/clear.gif
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/images/clear.gif
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/clear.gif HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1012/011.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1012/011.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1012/011.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1014/016.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1014/016.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1014/016.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1014/071.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1014/071.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1014/071.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1012/015.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1012/015.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1012/015.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1012/024.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1012/024.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1012/024.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/library/banners-blogs-vert.js
200 OK 7.3 kB URL HTTP/1.1 www.getyourpornon.com/library/banners-blogs-vert.js
IP
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (18045)
Hash 8bc1e812b09d78baf3ffaeb4488a19d7
3176099e0ec8eea7509ddff065bf1cc5940f0cdc
9aad6228d744beb93c7747b54a32d21520ca102c354a0246b951cc17a5ec3207
Analyzer Verdict Alert fortinet Malware
GET /library/banners-blogs-vert.js HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
X-Powered-By: PHP/7.2.34
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.getyourpornon.com/plp/1010/007.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1010/007.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1010/007.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1014/105.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1014/105.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1014/105.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1010/010.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1010/010.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1010/010.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.getyourpornon.com/plp/1010/019.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1010/019.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1010/019.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1011/001.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1011/001.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1011/001.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1011/027.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1011/027.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1011/027.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1011/026.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1011/026.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1011/026.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1001/017.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1001/017.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1001/017.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/images/GYPO-Fantasy-Blogs.gif
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/images/GYPO-Fantasy-Blogs.gif
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/GYPO-Fantasy-Blogs.gif HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
www.getyourpornon.com/plp/1000/013.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/plp/1000/013.jpg
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plp/1000/013.jpg HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 08:29:41 GMT
Expires: Thu, 06 Oct 2022 09:00:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZZWfdyWhB2QL5d9fh6w6907UP0UohsXzhMAKu5oNK31JINJcGzuBjg==
Age: 838
www.getyourpornon.com/images/blog-backgrounds/003-blog-bg-pornstar.gif
301 Moved Permanently 0 B URL HTTP/1.1 www.getyourpornon.com/images/blog-backgrounds/003-blog-bg-pornstar.gif
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/blog-backgrounds/003-blog-bg-pornstar.gif HTTP/1.1
Host: www.getyourpornon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://sex-paradise.com.ua/frontend/assets/images/main-logo.png
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 12:52:19 GMT
Expires: Wed, 19 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 71480
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a381864b7f4ceaed586564964b96037a
68c68c4f6af349fd1f620720600015a822d4ff9e
7d6b8355e09fcb5e58ff9ce7c985b4e64cff749d0953b7269c1dfb1fb9fd9f9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D6B8355E09FCB5E58FF9CE7C985B4E64CFF749D0953B7269C1DFB1FB9FD9F9E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2782
Expires: Thu, 06 Oct 2022 09:30:01 GMT
Date: Thu, 06 Oct 2022 08:43:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a381864b7f4ceaed586564964b96037a
68c68c4f6af349fd1f620720600015a822d4ff9e
7d6b8355e09fcb5e58ff9ce7c985b4e64cff749d0953b7269c1dfb1fb9fd9f9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D6B8355E09FCB5E58FF9CE7C985B4E64CFF749D0953B7269C1DFB1FB9FD9F9E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2782
Expires: Thu, 06 Oct 2022 09:30:01 GMT
Date: Thu, 06 Oct 2022 08:43:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a381864b7f4ceaed586564964b96037a
68c68c4f6af349fd1f620720600015a822d4ff9e
7d6b8355e09fcb5e58ff9ce7c985b4e64cff749d0953b7269c1dfb1fb9fd9f9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D6B8355E09FCB5E58FF9CE7C985B4E64CFF749D0953B7269C1DFB1FB9FD9F9E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2782
Expires: Thu, 06 Oct 2022 09:30:01 GMT
Date: Thu, 06 Oct 2022 08:43:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a381864b7f4ceaed586564964b96037a
68c68c4f6af349fd1f620720600015a822d4ff9e
7d6b8355e09fcb5e58ff9ce7c985b4e64cff749d0953b7269c1dfb1fb9fd9f9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D6B8355E09FCB5E58FF9CE7C985B4E64CFF749D0953B7269C1DFB1FB9FD9F9E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2782
Expires: Thu, 06 Oct 2022 09:30:01 GMT
Date: Thu, 06 Oct 2022 08:43:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a381864b7f4ceaed586564964b96037a
68c68c4f6af349fd1f620720600015a822d4ff9e
7d6b8355e09fcb5e58ff9ce7c985b4e64cff749d0953b7269c1dfb1fb9fd9f9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D6B8355E09FCB5E58FF9CE7C985B4E64CFF749D0953B7269C1DFB1FB9FD9F9E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2782
Expires: Thu, 06 Oct 2022 09:30:01 GMT
Date: Thu, 06 Oct 2022 08:43:39 GMT
Connection: keep-alive
sex-paradise.com.ua/frontend/assets/images/main-logo.png
200 OK 14 kB URL HTTP/1.1 sex-paradise.com.ua/frontend/assets/images/main-logo.png
IP
ASN #49981 WorldStream B.V.
File type PNG image data, 160 x 69, 8-bit/color RGB, non-interlaced\012- data
Hash fd5e189c3440bc8d68c6e3ba5d782dfa
f1269b884ffcf8a6bd419ae1e92bb0e52fb755d4
3dd80a7ff6210d4c7cac5cf3d90d6155c108a6d1f3b0026d85997e8ae7e02e4a
GET /frontend/assets/images/main-logo.png HTTP/1.1
Host: sex-paradise.com.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pornstars-rock.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: image/png
Content-Length: 14460
Last-Modified: Mon, 26 Sep 2016 15:39:01 GMT
Connection: keep-alive
ETag: "57e94115-387c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, max-age=31536000, public
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 491b8a6a4947d8c5324dce3b4160b033
a9ad9f5d7b86353bc67d492321aaff8ad1a393a4
9d76ac2e972d7d6fb980f37d821cbe95ff66c7c54b37b762269d2fedfac2fc26
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D76AC2E972D7D6FB980F37D821CBE95FF66C7C54B37B762269D2FEDFAC2FC26"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11971
Expires: Thu, 06 Oct 2022 12:03:10 GMT
Date: Thu, 06 Oct 2022 08:43:39 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5644
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:39 GMT
Last-Modified: Thu, 06 Oct 2022 07:09:35 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
draft.blogger.com/img/logo-16.png
200 OK 279 B URL HTTP/1.1 draft.blogger.com/img/logo-16.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 14:06:06 GMT
Expires: Wed, 12 Oct 2022 14:06:06 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 08:35:45 GMT
Content-Type: image/png
Age: 67053
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 06 Oct 2022 07:05:10 GMT
Expires: Thu, 06 Oct 2022 09:05:10 GMT
Cache-Control: public, max-age=7200
Age: 5909
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
cleverjump.org/counter.js
200 OK 5.6 kB URL HTTP/1.1 cleverjump.org/counter.js
IP
ASN #49981 WorldStream B.V.
File type ASCII text, with CRLF line terminators
Hash 83126dc4af783a2179ab362a5bbec530
b1fe91477d92ab09066f28ddda5b31a4bf0f1689
cb1ef4607e93916a5dd30beae4617069924cb5f10edb65d8f93468c3fbdc1dc4
GET /counter.js HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: application/javascript
Content-Length: 5571
Last-Modified: Wed, 20 Jan 2021 12:50:32 GMT
Connection: keep-alive
ETag: "60082718-15c3"
Expires: Fri, 07 Oct 2022 08:43:39 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1876490016&utmhn=pornstars-rock.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pornstars%20Rock&utmhid=1517597265&utmr=-&utmp=%2F&utmht=1665045819394&utmac=UA-4468790-19&utmcc=__utma%3D195809837.592512009.1665045819.1665045819.1665045819.1%3B%2B__utmz%3D195809837.1665045819.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1925128814&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1876490016&utmhn=pornstars-rock.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pornstars%20Rock&utmhid=1517597265&utmr=-&utmp=%2F&utmht=1665045819394&utmac=UA-4468790-19&utmcc=__utma%3D195809837.592512009.1665045819.1665045819.1665045819.1%3B%2B__utmz%3D195809837.1665045819.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1925128814&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1876490016&utmhn=pornstars-rock.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pornstars%20Rock&utmhid=1517597265&utmr=-&utmp=%2F&utmht=1665045819394&utmac=UA-4468790-19&utmcc=__utma%3D195809837.592512009.1665045819.1665045819.1665045819.1%3B%2B__utmz%3D195809837.1665045819.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1925128814&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 06 Oct 2022 08:43:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
cleverjump.org/hit?z0;s1280*1024*24;fsdjarila491DWhuJ9LxfLVnH8LoxgV;cshb2;r;uhttp%3A%2F%2Fpornstars-rock.blogspot.com%2F;hPornstars%20Rock;0.336640696992878
200 OK 0 B URL HTTP/1.1 cleverjump.org/hit?z0;s1280*1024*24;fsdjarila491DWhuJ9LxfLVnH8LoxgV;cshb2;r;uhttp%3A%2F%2Fpornstars-rock.blogspot.com%2F;hPornstars%20Rock;0.336640696992878
IP
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?z0;s1280*1024*24;fsdjarila491DWhuJ9LxfLVnH8LoxgV;cshb2;r;uhttp%3A%2F%2Fpornstars-rock.blogspot.com%2F;hPornstars%20Rock;0.336640696992878 HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
P3P: CP=CleverJump
Set-Cookie: _cjuh=d6aeFRlBfpHdsVMhbHDGimfDazc6H0; expires=Fri, 06-Oct-2023 08:43:39 GMT; Max-Age=31536000; path=/hit; httponly; SameSite=None; Secure
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 075c0849a5739bda75763e3740fd5079
c59fbd5865bacc3857fcdfae28c7eaaa7ca1972b
24b54121bcf5221650c3127ee28ef7f92524d391f75639c1ad25d678e7a99d2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=http://draft.blogger.com/followers.g?blogID%3D1640439922302899113%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pornstars-rock.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=http://draft.blogger.com/followers.g?blogID%3D1640439922302899113%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pornstars-rock.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
302 Found 462 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=http://draft.blogger.com/followers.g?blogID%3D1640439922302899113%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pornstars-rock.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=http://draft.blogger.com/followers.g?blogID%3D1640439922302899113%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pornstars-rock.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (507)
Hash e512be0cc9abae131a1243812b0712d1
f4e8a8912a6e2a333e39401866a93cdf7bddafae
73bed25c0e10b1a94f65ddf3a9e07da08259e94f83d86f567ff584a560d5188d
GET /ServiceLogin?passive=true&continue=http://draft.blogger.com/followers.g?blogID%3D1640439922302899113%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pornstars-rock.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=http://draft.blogger.com/followers.g?blogID%3D1640439922302899113%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pornstars-rock.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pornstars-rock.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 08:43:39 GMT
location: http://draft.blogger.com/followers.g?blogID=1640439922302899113&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fpornstars-rock.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-6zd35RjMYk_5oFG-sqoZQA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 462
server: GSE
set-cookie: __Host-GAPS=1:Qw7ezs7tm3BYoQtVrhZVeojlfyhA7A:_zOmN_YbU7GGPbxQ;Path=/;Expires=Sat, 05-Oct-2024 08:43:39 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
200 OK 34 kB URL HTTP/2 www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
IP
File type ASCII text, with very long lines (2800)
Hash 2e2eb8ca65dfdc046d0b954f898024b1
6ed5c92832af02c6eb2f3921775922e25e84bacc
0b7eefc089178c4e032417958a2892d47b758136ef3b2a5c1dd36c77d1fa08ae
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 33871
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 08:22:29 GMT
expires: Thu, 06 Oct 2022 09:12:29 GMT
cache-control: public, max-age=3000
last-modified: Tue, 04 Oct 2022 15:24:36 GMT
content-type: text/javascript
age: 1270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AQ+ogbmUY8USoOfuZtJ6XA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cKDqJOp9XgKidWLnvm1rWYrVz9w=
cleverjump.org/hit/get-uid.php
200 OK 30 B URL HTTP/1.1 cleverjump.org/hit/get-uid.php
IP
ASN #49981 WorldStream B.V.
File type ASCII text, with no line terminators
Hash 71665e3547c0775a4449dc6aeccb6e6c
6f743ccb608477515b552205da81d62bc06bb22d
7eda94286e611a2702e1991f27f459cfc2a2cbac858b50362e3fb3527a31c422
Analyzer Verdict Alert fortinet Malware
GET /hit/get-uid.php HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pornstars-rock.blogspot.com
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Cookie: _cjuh=d6aeFRlBfpHdsVMhbHDGimfDazc6H0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 08:43:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: http://pornstars-rock.blogspot.com
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
draft.blogger.com/followers.g?blogID=1640439922302899113&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fpornstars-rock.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
302 Moved Temporarily 451 B URL HTTP/1.1 draft.blogger.com/followers.g?blogID=1640439922302899113&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fpornstars-rock.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480)
Hash cd395538a501db2704b9815896e67ecd
f52e3284c7536984344ff2defb655c6d1b9ed766
485722e26e59068b653c027dd83c674b83069d00e251b5edf6bb5c2a8d94790c
GET /followers.g?blogID=1640439922302899113&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fpornstars-rock.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1 HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pornstars-rock.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: https://draft.blogger.com/followers.g?blogID=1640439922302899113&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMzMzMzMzMqByNmM2RmZDQyByMzMzMzMzM6ByM2NjY2NjZCByMzMzMzMzNKByM2NjY2NjZSByMzMzMzMzNaC3RyYW5zcGFyZW50&pageSize=21&origin=http://pornstars-rock.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.z9QjrzsHcOc.O/d%3D1/rs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%3D__features__&bpli=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 06 Oct 2022 08:43:39 GMT
Expires: Thu, 06 Oct 2022 08:43:39 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 451
Server: GSE
pornstars-rock.blogspot.com/favicon.ico
200 OK 412 B URL HTTP/1.1 pornstars-rock.blogspot.com/favicon.ico
IP
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: pornstars-rock.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pornstars-rock.blogspot.com/
Cookie: __utma=195809837.592512009.1665045819.1665045819.1665045819.1; __utmb=195809837.1.10.1665045819; __utmc=195809837; __utmz=195809837.1665045819.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; cj_uid=d6aeFRlBfpHdsVMhbHDGimfDazc6H0
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Thu, 06 Oct 2022 08:43:39 GMT
Date: Thu, 06 Oct 2022 08:43:39 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 17 Aug 2022 23:51:17 GMT
ETag: W/"95eab6e9d3c3df6918ce2f084cac974c1d6d0bc8e5e4670c5c3cad32f2898bb4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/css/maia.css
200 OK 12 kB URL HTTP/2 www.google.com/css/maia.css
IP
File type Unicode text, UTF-8 text, with very long lines (43499), with no line terminators
Hash bbb96f1e62e3f84502664d603d4ecbfc
684db7b7626d997e41d11716107d25824f322983
fcb969338fcac7f4d33a5f51945c6756d58881b82572604863fd8c0f3b1840c7
GET /css/maia.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 12181
date: Thu, 06 Oct 2022 08:43:40 GMT
expires: Thu, 06 Oct 2022 08:43:40 GMT
cache-control: private, max-age=0
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300
IP
Hash c33f41be0db3167e727a2141de922e9e
9b33f131f73c90b2b5d0787d2f8fe9188752f0a0
12059e57dccc78bd4ebc36919431656975765c30f6b38e054cabd0a9f924d037
GET /css?family=Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 08:43:40 GMT
date: Thu, 06 Oct 2022 08:43:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://draft.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 47372
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16748, version 1.0\012- data
Hash 62d24b94de2fd801742f49d8c6306ba2
d4b841b136adad3051b58a66692f7c5942cf6deb
1b2f88142c19df560f487368810bba2d41c5d6948df584abaa2e0091c0b2245b
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://draft.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:54:21 GMT
expires: Tue, 03 Oct 2023 18:54:21 GMT
cache-control: public, max-age=31536000
age: 222559
last-modified: Mon, 15 Aug 2022 18:14:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36b1ec1ebfdbe3367fc1fde546d47281
a12333d6fdf5f29a25fcac13b21e4a4f45ca5ba6
c95cde94d5b12b299aecb89ed8b9a8ad30e46e4704a30ab8329742a396e00090
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-NSXOHSNKRzI/VUI14Oz8kPI/AAAAAAAACAQ/C-Rgkcvj84w/s45-c/*
200 OK 1.2 kB URL HTTP/2 1.bp.blogspot.com/-NSXOHSNKRzI/VUI14Oz8kPI/AAAAAAAACAQ/C-Rgkcvj84w/s45-c/*
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash d69cc1ee97e5da1f56571a821db5f8c6
4cc7383d74c59f4b9b90373b9a93f4359ee647a4
0baa099edf4a9a705102ed2360cc8f507cea07f030002057ca0ec5a78045984c
GET /-NSXOHSNKRzI/VUI14Oz8kPI/AAAAAAAACAQ/C-Rgkcvj84w/s45-c/* HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="*.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1232
x-xss-protection: 0
date: Thu, 06 Oct 2022 08:25:46 GMT
expires: Fri, 23 Sep 2022 07:51:11 GMT
cache-control: public, max-age=86400, no-transform
age: 1074
etag: "v805"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36b1ec1ebfdbe3367fc1fde546d47281
a12333d6fdf5f29a25fcac13b21e4a4f45ca5ba6
c95cde94d5b12b299aecb89ed8b9a8ad30e46e4704a30ab8329742a396e00090
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/_HEbYdAeR6HM/SjIYznI0n6I/AAAAAAAAAAk/t9VgqVekeTY/S45-s45-c/Nora.jpg
200 OK 1.7 kB URL HTTP/2 3.bp.blogspot.com/_HEbYdAeR6HM/SjIYznI0n6I/AAAAAAAAAAk/t9VgqVekeTY/S45-s45-c/Nora.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 6304c50d1ac8f653642ad5f01ced180b
67b938c8cdcfd17b0bb7ced3eef28b1d460d3555
4baa77cebb09f9a32b31cc89d1576bc3b0b32d3efe6e2cf251b3a6a5f48d20e4
GET /_HEbYdAeR6HM/SjIYznI0n6I/AAAAAAAAAAk/t9VgqVekeTY/S45-s45-c/Nora.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Nora.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1661
x-xss-protection: 0
date: Thu, 06 Oct 2022 08:25:46 GMT
expires: Thu, 06 Oct 2022 21:31:23 GMT
cache-control: public, max-age=86400, no-transform
age: 1074
etag: "v9"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_pBp0-_VJmGY/SjKXJf64qII/AAAAAAAAAAk/hRPz763ozhQ/S45-s45-c/Rachel.jpg
200 OK 2.0 kB URL HTTP/2 2.bp.blogspot.com/_pBp0-_VJmGY/SjKXJf64qII/AAAAAAAAAAk/hRPz763ozhQ/S45-s45-c/Rachel.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 2fb7e81c1d17b5a10bbaa784f6dcd7ca
c019c3d0a929b5a009d948a7debe0f1328412e48
53ded174f55e8e93b4ca3651e684bb457bc862c8e8be5b7d81adde4f9ad4c4dc
GET /_pBp0-_VJmGY/SjKXJf64qII/AAAAAAAAAAk/hRPz763ozhQ/S45-s45-c/Rachel.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Rachel.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1956
x-xss-protection: 0
date: Thu, 06 Oct 2022 08:25:46 GMT
expires: Thu, 06 Oct 2022 21:31:23 GMT
cache-control: public, max-age=86400, no-transform
age: 1074
etag: "v9"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/_1S93lYzMbq8/SjIaFeRn9OI/AAAAAAAAAAk/OxaZGwT4zNw/S45-s45-c/Mrs-Cali.jpg
200 OK 1.9 kB URL HTTP/2 1.bp.blogspot.com/_1S93lYzMbq8/SjIaFeRn9OI/AAAAAAAAAAk/OxaZGwT4zNw/S45-s45-c/Mrs-Cali.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash a75f23212826ea9cc820af9b63f19c95
0ab6e6696cff0a31495cffc5d48fb198e5ffd994
415882ee70960389d2afcb4fc38a5d8791e59abd5c8b1865665421fba4e28cd3
GET /_1S93lYzMbq8/SjIaFeRn9OI/AAAAAAAAAAk/OxaZGwT4zNw/S45-s45-c/Mrs-Cali.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Mrs-Cali.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1925
x-xss-protection: 0
date: Thu, 06 Oct 2022 08:25:46 GMT
expires: Thu, 06 Oct 2022 21:31:23 GMT
cache-control: public, max-age=86400, no-transform
age: 1074
etag: "v9"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/_icsldrF04kc/SjIbLnPiJjI/AAAAAAAAAAk/uyk8W0QS7ok/S45-s45-c/Orella.jpg
200 OK 1.9 kB URL HTTP/2 1.bp.blogspot.com/_icsldrF04kc/SjIbLnPiJjI/AAAAAAAAAAk/uyk8W0QS7ok/S45-s45-c/Orella.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash d951a21cf471f39fea5602ea802c5178
cfd17c1b7362370a0e34c2a28a699e227b22431f
26ed637884ffa3e5a6ba4d0927b66403404c01e19ff430a6731cb56a0211ce6d
GET /_icsldrF04kc/SjIbLnPiJjI/AAAAAAAAAAk/uyk8W0QS7ok/S45-s45-c/Orella.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Orella.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1896
x-xss-protection: 0
date: Thu, 06 Oct 2022 08:25:46 GMT
expires: Thu, 06 Oct 2022 21:31:23 GMT
cache-control: public, max-age=86400, no-transform
age: 1074
etag: "v9"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36b1ec1ebfdbe3367fc1fde546d47281
a12333d6fdf5f29a25fcac13b21e4a4f45ca5ba6
c95cde94d5b12b299aecb89ed8b9a8ad30e46e4704a30ab8329742a396e00090
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36b1ec1ebfdbe3367fc1fde546d47281
a12333d6fdf5f29a25fcac13b21e4a4f45ca5ba6
c95cde94d5b12b299aecb89ed8b9a8ad30e46e4704a30ab8329742a396e00090
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipNA8-3k-SMlxy5WQOiZNsfzKWlGnmFqxx4v5Y0c=s45-c?key=CIDS7PiNms_9-QE
200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNA8-3k-SMlxy5WQOiZNsfzKWlGnmFqxx4v5Y0c=s45-c?key=CIDS7PiNms_9-QE
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 9ff492c925c8c088785992f29ce39dc8
fe79a97515290bf5d17c472b463085f81e10bbb5
4c9d0d5f8ca46c0779e0e21c809c3351e91cfe047bf8a7cfa8775509205318c5
GET /p/AF1QipNA8-3k-SMlxy5WQOiZNsfzKWlGnmFqxx4v5Y0c=s45-c?key=CIDS7PiNms_9-QE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5c"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 3118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipM4HQ82tKvHaeYqoCaux2BH2MtvUYIiXoQGtyLd=s45-c?key=CLD8wJn0p7ScUw
200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipM4HQ82tKvHaeYqoCaux2BH2MtvUYIiXoQGtyLd=s45-c?key=CLD8wJn0p7ScUw
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 331cf8aba6571fe811b3d7a38d7a8233
43c70a37f39affbb68ee1a9fcdff9b08e7eb1c9b
a17a8428d92c5e06fde8b6203f5b778cbfbd866a082ad1c0527d20878307a073
GET /p/AF1QipM4HQ82tKvHaeYqoCaux2BH2MtvUYIiXoQGtyLd=s45-c?key=CLD8wJn0p7ScUw HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3e"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 4130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNmJyYIwHbuXbUND4z48oOfXdf0EAT4jF3q5FKI=s45-c?key=CLehoJrU_5GqWQ
200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNmJyYIwHbuXbUND4z48oOfXdf0EAT4jF3q5FKI=s45-c?key=CLehoJrU_5GqWQ
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash af64854136168189cc6d3e5a3b464bc5
f61347f08c3c02cbd70fe65c54df3ab5b4ff0736
ae96573800eeb21038b54454b43bd70bcd9cc82089488c810c50512f34d1b616
GET /p/AF1QipNmJyYIwHbuXbUND4z48oOfXdf0EAT4jF3q5FKI=s45-c?key=CLehoJrU_5GqWQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v42"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 4592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 08:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipOX9XH2UhghITq5YoYXc_DSrEbGOAtJL1QEoWLh=s45-c?key=CMCG8oP0n42UCQ
200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOX9XH2UhghITq5YoYXc_DSrEbGOAtJL1QEoWLh=s45-c?key=CMCG8oP0n42UCQ
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash c4d1161ff5d36fb0c57d03a466a7abb1
0e6e649603d5aaf74ec401c98689b37ea13f0691
4f539739b2f4a41fae6bb02878ba2c24df1c76a0cee4e71ca4696d9c8bee0b79
GET /p/AF1QipOX9XH2UhghITq5YoYXc_DSrEbGOAtJL1QEoWLh=s45-c?key=CMCG8oP0n42UCQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v53"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 4715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPn48th8GQcGmDuha1hy0MQGEe7y8RgpyQPMEHc=s45-c?key=CMaviLSdtK3RzQE
200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPn48th8GQcGmDuha1hy0MQGEe7y8RgpyQPMEHc=s45-c?key=CMaviLSdtK3RzQE
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 121ad2e1e4aaebf72e56dd4ac6e97b40
6699d8cf1b88378f917a10204ac155ccd7ffaceb
8c5b99f9a249465139fc16a8d86679266e8314fb13f6d95389d281c0bb5f90d4
GET /p/AF1QipPn48th8GQcGmDuha1hy0MQGEe7y8RgpyQPMEHc=s45-c?key=CMaviLSdtK3RzQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v33"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 4538
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPOH6-KAp0x69oeEZupkE0OuIVbT_QhG9vW3ZIe=s45-c?key=CK_8pZKa7ZzMZQ
200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPOH6-KAp0x69oeEZupkE0OuIVbT_QhG9vW3ZIe=s45-c?key=CK_8pZKa7ZzMZQ
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 899e064ea703eee75fa98448b05f61ec
6a8a9e312682b53a4828e5aedab41ddaa5ca44b0
36625ed52eb21dc5e525b054f2f97be909b9503ae34323d771d4f16bb1be0fb7
GET /p/AF1QipPOH6-KAp0x69oeEZupkE0OuIVbT_QhG9vW3ZIe=s45-c?key=CK_8pZKa7ZzMZQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3a"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 4550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOb9MMHlPF-ajdwwCBcrXoUvoGzbAVz3nrYaF2z=s45-c?key=CJWwiZX1lN3jygE
200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOb9MMHlPF-ajdwwCBcrXoUvoGzbAVz3nrYaF2z=s45-c?key=CJWwiZX1lN3jygE
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 07d72fddf628a76424188c54c3834674
9e9ea8ef710d15f7482e617c12f0b7d7cda3b0e0
4a1caccbb0a8809ac7f26e2e24a84353575b5248113e4e79672877ce40c00ce0
GET /p/AF1QipOb9MMHlPF-ajdwwCBcrXoUvoGzbAVz3nrYaF2z=s45-c?key=CJWwiZX1lN3jygE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v40"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 4164
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNzf8EaFlRXJlwt639UCmDHVBYpt5MwwxjtZ7UC=s45-c?key=COPbjaSj4aiTOA
200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNzf8EaFlRXJlwt639UCmDHVBYpt5MwwxjtZ7UC=s45-c?key=COPbjaSj4aiTOA
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash a90545530cd6e2cba0e64b6a0d4c4d31
6c20c70f8c037f1f5be1a41b5dfbaecb1edf7777
573074cf5b8d985ecde37942cf4e28f95d407e0bdfd5c7c6d7ece8bb807bf059
GET /p/AF1QipNzf8EaFlRXJlwt639UCmDHVBYpt5MwwxjtZ7UC=s45-c?key=COPbjaSj4aiTOA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v61"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 08:43:40 GMT
server: fife
content-length: 4823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 08:43:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 08:43:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 08:43:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 08:43:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 08:43:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 38685
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2e00e7f6054a915275111712ae68feb
016d84f56f97f1ab12c4046177e3e809aa861729
d042df692c87770504eaa80dae07601163a3b330061b5b9ec7b66a2bec759150
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11478
x-amzn-requestid: a09aebdb-ec16-4f21-b972-6f97eda93ac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjRNiHLGIAMFcFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfbf0-28d33fc650641df56dfb5b06;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:49:36 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: RqNGDz8fc7-Et0JSVOTstRITabta3ruIF-gtPFu7jtBRbiLDBv_cGg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:48 GMT
etag: "016d84f56f97f1ab12c4046177e3e809aa861729"
content-type: image/jpeg
age: 38693
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af17f003b33d854fd024dcd3980fea27
1282572af57f7d04cae3f736a9b9fcb378efdf70
5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 13:09:19 GMT
age: 70462
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: f3cb33c4-26b6-4fd8-9293-dfb42be34600
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZiEZ4IAMFvLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-424459547db8b3d721d75e54;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: q70sezhl0h-lASzUDh5_WQ6KraRa3fWYl_tO0iuE0CpbJ5GeiihgMw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
age: 39995
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:50:38 GMT
age: 17583
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 38063
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
IP
GET /css?lang=no&family=Product+Sans|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 08:43:40 GMT
date: Thu, 06 Oct 2022 08:43:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
142.250.74.161
190.2.139.23
23.36.77.32
93.184.220.29
0.0.0.0