r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 09 Dec 2022 10:13:38 GMT
Date: Fri, 09 Dec 2022 09:31:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14188
Expires: Fri, 09 Dec 2022 13:27:29 GMT
Date: Fri, 09 Dec 2022 09:31:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 09:08:17 GMT
content-type: application/json
age: 1364
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4104
Expires: Fri, 09 Dec 2022 10:39:25 GMT
Date: Fri, 09 Dec 2022 09:31:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /B7m4XrAnKRzdi7iLbR784VjqTXfbnynbMQ3GY8e5Rzhv07rUC7K5W/FyVihjblhcGD3CVCHyO4=
x-amz-request-id: MTWEXKXT7TCK0M4S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 08:50:11 GMT
age: 2450
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 09:31:01 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 09:07:59 GMT
age: 1383
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
hazyhead2009.blogspot.fi/2011/09/full-size-gloria-dehaven-wallpaper.html
172.217.21.161302 Moved Temporarily 216 B URL HTTP/1.1 hazyhead2009.blogspot.fi/2011/09/full-size-gloria-dehaven-wallpaper.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cf48e91fb0d673d6c8abf4f0bc0a6f7d
a41b7e9bf8010d59e93d06f821803afaf3389245
6fa06849890ec681a2e976bbce52a6aebb11dc9467775001e3ecc6f736a73405
Analyzer Verdict Alert fortinet Malware
GET /2011/09/full-size-gloria-dehaven-wallpaper.html HTTP/1.1
Host: hazyhead2009.blogspot.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 09:31:02 GMT
Expires: Fri, 09 Dec 2022 09:31:02 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 216
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4136
Cache-Control: max-age=89086
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:02 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:15:48 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OK2rFN981DG49fRb0iTBnw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9gNu3dNQtHVRFOJow3mK+3wfH6M=
hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html
172.217.21.161200 OK 16 kB URL HTTP/1.1 hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12822)
Hash 86ab0abddacb6fe26713acea494cd269
4cdd81cb5224ae52bc2077fca97b2931b079165a
305b85bbe4d4deec63a189deb456ef5711365557675a3119972d29a72129eb71
Analyzer Verdict Alert fortinet Malware
GET /2011/09/full-size-gloria-dehaven-wallpaper.html HTTP/1.1
Host: hazyhead2009.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 09 Dec 2022 09:31:03 GMT
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 11 Dec 2021 16:03:38 GMT
ETag: W/"4e875b3c9ba9821e8939746e42de68ee08aa068837e9e9e97b02347222b39984"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15608
Server: GSE
hazyhead2009.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 hazyhead2009.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: hazyhead2009.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 09 Dec 2022 09:31:03 GMT
Expires: Fri, 16 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 09 Dec 2022 07:50:54 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a7a8eecec19b58f9286e9ce32471f3ba
f9e32a22a8ac6b1e5b29b91444183990b6e4c83e
69b0a2bff905b13caa305b1fcbb2db96a7f3bc60ccb4fba45b169e9ee86da4c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 441b529e2ca0056bb63de39cc6799309
a04959efdd659a6f23c253a2fe72fca75831da45
b8f306586f1ad4c1ce7fb8486ae25638e5ec06304af8bdf6f0022af290246b02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 441b529e2ca0056bb63de39cc6799309
a04959efdd659a6f23c253a2fe72fca75831da45
b8f306586f1ad4c1ce7fb8486ae25638e5ec06304af8bdf6f0022af290246b02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 441b529e2ca0056bb63de39cc6799309
a04959efdd659a6f23c253a2fe72fca75831da45
b8f306586f1ad4c1ce7fb8486ae25638e5ec06304af8bdf6f0022af290246b02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 242960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: text/javascript
age: 244018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 09 Dec 2022 09:31:03 GMT
expires: Fri, 09 Dec 2022 09:31:03 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
142.250.74.41200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 112818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.41200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:19:02 GMT
expires: Tue, 13 Dec 2022 14:19:02 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 07:54:23 GMT
content-type: image/gif
age: 241921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
needforspeedunited.files.wordpress.com/2010/06/nissan-silvia-s15-speed-bm.jpg
192.0.72.17301 Moved Permanently 162 B URL HTTP/1.1 needforspeedunited.files.wordpress.com/2010/06/nissan-silvia-s15-speed-bm.jpg
IP 192.0.72.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2010/06/nissan-silvia-s15-speed-bm.jpg HTTP/1.1
Host: needforspeedunited.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 09:31:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://needforspeedunited.files.wordpress.com/2010/06/nissan-silvia-s15-speed-bm.jpg
www.240sx.org/download/240sx-wallpaper4-1024.jpg
172.67.190.89301 Moved Permanently 0 B URL HTTP/1.1 www.240sx.org/download/240sx-wallpaper4-1024.jpg
IP 172.67.190.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/240sx-wallpaper4-1024.jpg HTTP/1.1
Host: www.240sx.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Dec 2022 10:31:03 GMT
Location: https://www.240sx.org/download/240sx-wallpaper4-1024.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iCXOa0J%2BAMu3qnuBC6mjN1mPyx%2FHtwj6rN7y0OejdXZceqFWBhJXcQJ%2FANrkXfe7wko5a6m0oq8SIoxThS%2FXdTJBVpPZV3hKBI85drD4%2FduQzRI0I6nXmXieJOJSzYk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cb9c3ca1bb51b-OSL
alt-svc: h2=":443"; ma=60
ipadwallpaper.eu/wallpapers/2/nissan-silvia-s15-reptile.jpg
176.31.68.43301 Moved Permanently 275 B URL HTTP/1.1 ipadwallpaper.eu/wallpapers/2/nissan-silvia-s15-reptile.jpg
IP 176.31.68.43:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 379ef94018163e0bf9064a7aa1d1f2ff
aa245d7897dda7cd563e4ac20d150202a0420b0e
7dc40943fee3ba08a74a9ef51a49fccecc573ea67ab45797029517f6a20fc975
GET /wallpapers/2/nissan-silvia-s15-reptile.jpg HTTP/1.1
Host: ipadwallpaper.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Server: Apache
Location: https://ipadwallpaper.eu/wallpapers/2/nissan-silvia-s15-reptile.jpg
Content-Length: 275
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 17:26:49 GMT
expires: Thu, 07 Dec 2023 17:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 144254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.34200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.34:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 07:02:46 GMT
Expires: Fri, 23 Dec 2022 07:02:46 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 8897
www.blogger.com/img/share_buttons_20_3.png
142.250.74.41200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 142.250.74.41:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:28:13 GMT
expires: Tue, 13 Dec 2022 17:28:13 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: image/png
age: 230570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
th04.deviantart.net/fs24/PRE/f/2007/365/a/6/Diseno_web_para_Interiores_by_dookg.jpg
100.20.29.21301 Moved Permanently 178 B URL HTTP/1.1 th04.deviantart.net/fs24/PRE/f/2007/365/a/6/Diseno_web_para_Interiores_by_dookg.jpg
IP 100.20.29.21:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fs24/PRE/f/2007/365/a/6/Diseno_web_para_Interiores_by_dookg.jpg HTTP/1.1
Host: th04.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: http://pre01.deviantart.net/2753/th/pre/f/2007/365/a/6/diseno_web_para_interiores_by_dookg.jpg
fc08.deviantart.net/fs38/f/2008/353/b/3/bride_silvia_s13_by_hugosilva.jpg
52.32.218.92301 Moved Permanently 178 B URL HTTP/1.1 fc08.deviantart.net/fs38/f/2008/353/b/3/bride_silvia_s13_by_hugosilva.jpg
IP 52.32.218.92:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fs38/f/2008/353/b/3/bride_silvia_s13_by_hugosilva.jpg HTTP/1.1
Host: fc08.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: http://orig07.deviantart.net/742e/f/2008/353/b/3/bride_silvia_s13_by_hugosilva.jpg
fc01.deviantart.net/fs40/i/2010/187/9/3/Nissan_Silvia_s13_Street_Drift_by_fliOx.jpg
100.20.29.21301 Moved Permanently 178 B URL HTTP/1.1 fc01.deviantart.net/fs40/i/2010/187/9/3/Nissan_Silvia_s13_Street_Drift_by_fliOx.jpg
IP 100.20.29.21:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fs40/i/2010/187/9/3/Nissan_Silvia_s13_Street_Drift_by_fliOx.jpg HTTP/1.1
Host: fc01.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: http://img02.deviantart.net/634a/i/2010/187/9/3/nissan_silvia_s13_street_drift_by_fliox.jpg
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 441b529e2ca0056bb63de39cc6799309
a04959efdd659a6f23c253a2fe72fca75831da45
b8f306586f1ad4c1ce7fb8486ae25638e5ec06304af8bdf6f0022af290246b02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 441b529e2ca0056bb63de39cc6799309
a04959efdd659a6f23c253a2fe72fca75831da45
b8f306586f1ad4c1ce7fb8486ae25638e5ec06304af8bdf6f0022af290246b02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/img/logo-16.png
142.250.74.41200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 142.250.74.41:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 07:09:35 GMT
Expires: Tue, 13 Dec 2022 07:09:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 05 Dec 2022 06:50:28 GMT
Content-Type: image/png
Age: 267688
fc03.deviantart.net/fs36/f/2008/275/0/7/Nissan_Silvia_S13_by_CapiDesign.jpg
35.164.123.148301 Moved Permanently 178 B URL HTTP/1.1 fc03.deviantart.net/fs36/f/2008/275/0/7/Nissan_Silvia_S13_by_CapiDesign.jpg
IP 35.164.123.148:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fs36/f/2008/275/0/7/Nissan_Silvia_S13_by_CapiDesign.jpg HTTP/1.1
Host: fc03.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: http://orig12.deviantart.net/8a99/f/2008/275/0/7/nissan_silvia_s13_by_capidesign.jpg
fc08.deviantart.net/fs41/i/2009/029/a/1/Nissan_Silvia_Drift_by_MurilloDesign.jpg
52.32.218.92301 Moved Permanently 178 B URL HTTP/1.1 fc08.deviantart.net/fs41/i/2009/029/a/1/Nissan_Silvia_Drift_by_MurilloDesign.jpg
IP 52.32.218.92:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fs41/i/2009/029/a/1/Nissan_Silvia_Drift_by_MurilloDesign.jpg HTTP/1.1
Host: fc08.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: http://img07.deviantart.net/410b/i/2009/029/a/1/nissan_silvia_drift_by_murillodesign.jpg
fc04.deviantart.net/fs32/i/2008/218/b/f/Interiores_de_luzes_e_sombras_by_Naoe_chan.jpg
100.20.29.21301 Moved Permanently 178 B URL HTTP/1.1 fc04.deviantart.net/fs32/i/2008/218/b/f/Interiores_de_luzes_e_sombras_by_Naoe_chan.jpg
IP 100.20.29.21:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fs32/i/2008/218/b/f/Interiores_de_luzes_e_sombras_by_Naoe_chan.jpg HTTP/1.1
Host: fc04.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: http://img15.deviantart.net/db68/i/2008/218/b/f/interiores_de_luzes_e_sombras_by_naoe_chan.jpg
www.seriouswheels.com/pics-2010/klm/2010-Morgan-Aero-SuperSports-Side-1280x960.jpg
69.163.228.170301 Moved Permanently 294 B URL HTTP/1.1 www.seriouswheels.com/pics-2010/klm/2010-Morgan-Aero-SuperSports-Side-1280x960.jpg
IP 69.163.228.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d9a25ef04efb2732d3982f8060066382
2adeba2814219932ea91df848f9a5febf55c53c8
c41dd7402b68df45180f7b7e80917ec9338e829bcb77116c74fd16ccf43540aa
GET /pics-2010/klm/2010-Morgan-Aero-SuperSports-Side-1280x960.jpg HTTP/1.1
Host: www.seriouswheels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Server: Apache
Location: https://seriouswheels.com/pics-2010/klm/2010-Morgan-Aero-SuperSports-Side-1280x960.jpg
Content-Length: 294
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.seriouswheels.com/pics-mno/Morgan-Aero-8-F-Show-1024x768.jpg
69.163.228.170301 Moved Permanently 276 B URL HTTP/1.1 www.seriouswheels.com/pics-mno/Morgan-Aero-8-F-Show-1024x768.jpg
IP 69.163.228.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e71dfd06252a368e97c3d9e1a5e6f807
85380ec63a670993c05dfb984e45e25875c15170
c48aaa6036eae58646601a15a36366650f36dcc73b3fd3684d36939307af46f8
GET /pics-mno/Morgan-Aero-8-F-Show-1024x768.jpg HTTP/1.1
Host: www.seriouswheels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:03 GMT
Server: Apache
Location: https://seriouswheels.com/pics-mno/Morgan-Aero-8-F-Show-1024x768.jpg
Content-Length: 276
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2597
Expires: Fri, 09 Dec 2022 10:14:21 GMT
Date: Fri, 09 Dec 2022 09:31:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 13:49:59 GMT
age: 70865
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47563cf2-d887-4c1d-a3b9-0b5151226171.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47563cf2-d887-4c1d-a3b9-0b5151226171.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0321199622f614202a646f925521ace7
cac4e03ae9857def8b094e005647c3e49c34d686
042494598add540a49650d5556d33bf53f647d77e64fbf13f3d881ebf251a525
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47563cf2-d887-4c1d-a3b9-0b5151226171.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8709
x-amzn-requestid: 8c5094d3-3286-44db-bd3f-9369cd8220eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LYGGm6oAMFn1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925900-2ea563bc1b5aa87a0ebd6251;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oHNHICPfq1U2qYhNmrtf5_56-jtn-zOMPGvBdhXICE493RfJ1cFCvA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:55 GMT
age: 41469
etag: "cac4e03ae9857def8b094e005647c3e49c34d686"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2597
Expires: Fri, 09 Dec 2022 10:14:21 GMT
Date: Fri, 09 Dec 2022 09:31:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2597
Expires: Fri, 09 Dec 2022 10:14:21 GMT
Date: Fri, 09 Dec 2022 09:31:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5c8ddc715a1d245a03bb4ee49a3280d8
fe7212ae124beae7afe90b1dc8569c05fc2b8c34
146bc059796a504b8d891f1d420ac09d8ddd523a95962e0fcdc24f9e10a9b81b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157332
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:04 GMT
Etag: "6392c3ec-117"
Expires: Sun, 11 Dec 2022 05:13:16 GMT
Last-Modified: Fri, 09 Dec 2022 05:13:16 GMT
Server: nginx
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 20958
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/1872720106996324906?po=8139312064794336288&hl=th&blogspotRpcToken=4141122
142.250.74.41200 OK 17 kB URL HTTP/2 www.blogger.com/comment/frame/1872720106996324906?po=8139312064794336288&hl=th&blogspotRpcToken=4141122
IP 142.250.74.41:0
Hash fb49837d7c7b15a7ef8aab5cb175ccc1
c0838bb37b0d6a8bcc91bc1125ba7f7560b72cb8
d4ec5d6faa081e61df761334caeaea31c24b795f40acc899b2f7a87eb0350c71
GET /comment/frame/1872720106996324906?po=8139312064794336288&hl=th&blogspotRpcToken=4141122 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 09:31:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-kPLnse6AHLwyz1hRPlv3fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
cross-origin-resource-policy: same-site
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=XWuZayG4kZcQePUQe8zcAQIVFjE4vvtNXh7wHIqFDsdZb-We_5Tle67-Dmt9ZQtID33070CTLjieEKSrbgC1jsr6ap94FI85VW0ecDacIaoxXIZjClniN6_hJliL3YxmkBYLsFVsXgF-gma6TZ9CiRy9aPP5QnsgD8GSZZf3a2k; expires=Sat, 10-Jun-2023 09:31:03 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
keywebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html&ref=&l=wallpaper
69.162.80.62200 OK 620 B URL HTTP/1.1 keywebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html&ref=&l=wallpaper
IP 69.162.80.62:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (620), with no line terminators
Hash 69b00a870223dd14afa54f92c1fc248d
3b87e3d216e8686b4eb8ffcb58f9e7eb4f800c08
63d0e47821e821af5512d7e7c12c22cff2bc5cb3c02e330aff1b88c0c08206bf
GET /?if=1&scr_w=1280&scr_h=1024&blog=http%3A//hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html&ref=&l=wallpaper HTTP/1.1
Host: keywebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 620
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 09:31:03 GMT
server: nginx
set-cookie: sid=337f8260-77a4-11ed-af87-aa64ad481487; path=/; domain=.keywebtracker.com; expires=Wed, 27 Dec 2090 12:45:11 GMT; max-age=2147483647; HttpOnly
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
34.120.237.76200 OK 1.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f6cfc43170be4dd0264f2b0b6bcc329
9ad22ea868f3b72832243fd11315c68117c7542b
f5cc67d46241c2f5aebc2515bf8828889f8ceda8112b78cdf925a260b82fd833
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8ff35a0-24dc-4158-b67e-a5f03f5a9022.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 1584
x-amzn-requestid: 7743c8a6-118c-4c69-b833-a9e2f5561a54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw5VEGV8IAMFcOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903c20-41fdf6d004b388f51fa70833;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:09:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whmRQYshKD6d2Pz3Z0ZCCFr_MEPR1rEek7nVZqf5XeiWpt1LIcjvBQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:35:35 GMT
age: 6929
etag: "9ad22ea868f3b72832243fd11315c68117c7542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 59400
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6d61d363f0f00585736abb35e1dcd6dc
9369b0eb806bd3264de91a4a3d99a10e71a5440e
7b16f38fc7c16381c9295dc3d7ec41321fe7629e1967882c051eefd049bb3ff2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 21397
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1872720106996324906%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8139312064794336288%26origin%3Dhttp://hazyhead2009.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1872720106996324906%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8139312064794336288%26origin%3Dhttp://hazyhead2009.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 485 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1872720106996324906%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8139312064794336288%26origin%3Dhttp://hazyhead2009.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1872720106996324906%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8139312064794336288%26origin%3Dhttp://hazyhead2009.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (535)
Hash 7cc7add1b32935f71465410b9b4e8fd2
1f3ca63292d5edfa44a3c7290e84acd3dbeaf1c2
e9538b3ddbcb1cfe26cb2662f7e81d1ca458b27bb2216bdedf5e1e39d4b926d2
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1872720106996324906%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8139312064794336288%26origin%3Dhttp://hazyhead2009.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1872720106996324906%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8139312064794336288%26origin%3Dhttp://hazyhead2009.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 09:31:04 GMT
location: https://www.blogger.com/followers.g?blogID=1872720106996324906&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8139312064794336288&origin=http%3A%2F%2Fhazyhead2009.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-YpzgRQTHePItq3ZFEJB4kg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 485
server: GSE
set-cookie: __Host-GAPS=1:yzyzU9fAtoXt7qlovn0HK8B4pfIiQA:97jFxIS645Z7aZ8w;Path=/;Expires=Sun, 08-Dec-2024 09:31:04 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
needforspeedunited.files.wordpress.com/2010/06/nissan-silvia-s15-speed-bm.jpg
192.0.72.17200 OK 168 kB URL HTTP/2 needforspeedunited.files.wordpress.com/2010/06/nissan-silvia-s15-speed-bm.jpg
IP 192.0.72.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 168 kB (168483 bytes)
Hash b1cc3da6077d06ce321756802c089008
74b119abc4339f90cbad0ba5827beacf6c7c8522
7b7569cbff943cce81d3d982f13393dd6664ba6ec1f02f998c6ffbac93f1c885
GET /2010/06/nissan-silvia-s15-speed-bm.jpg HTTP/1.1
Host: needforspeedunited.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 09:31:04 GMT
content-type: image/jpeg
content-length: 168483
last-modified: Wed, 09 Jun 2010 13:40:25 GMT
expires: Wed, 11 Jan 2023 01:39:35 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://needforspeedunited.wordpress.com
vary: Origin
x-nc: MISS arn 17 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img02.deviantart.net/634a/i/2010/187/9/3/nissan_silvia_s13_street_drift_by_fliox.jpg
44.231.211.9404 Not Found 0 B URL HTTP/1.1 img02.deviantart.net/634a/i/2010/187/9/3/nissan_silvia_s13_street_drift_by_fliox.jpg
IP 44.231.211.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /634a/i/2010/187/9/3/nissan_silvia_s13_street_drift_by_fliox.jpg HTTP/1.1
Host: img02.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
orig07.deviantart.net/742e/f/2008/353/b/3/bride_silvia_s13_by_hugosilva.jpg
35.82.34.224301 Moved Permanently 0 B URL HTTP/1.1 orig07.deviantart.net/742e/f/2008/353/b/3/bride_silvia_s13_by_hugosilva.jpg
IP 35.82.34.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /742e/f/2008/353/b/3/bride_silvia_s13_by_hugosilva.jpg HTTP/1.1
Host: orig07.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
Location: https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/db2181f7-aaa4-4c4b-926e-ac723d91ef78/d1rj2mp-11e2bb97-a5d2-4e85-ad4d-c2455c909bf0.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9kYjIxODFmNy1hYWE0LTRjNGItOTI2ZS1hYzcyM2Q5MWVmNzgvZDFyajJtcC0xMWUyYmI5Ny1hNWQyLTRlODUtYWQ0ZC1jMjQ1NWM5MDliZjAuanBnIn1dXX0.wtREXJ4xK1yk95zPI3bfl4B9DHJbvErYE-Pvv9KBoW4
pre01.deviantart.net/2753/th/pre/f/2007/365/a/6/diseno_web_para_interiores_by_dookg.jpg
35.82.34.224301 Moved Permanently 0 B URL HTTP/1.1 pre01.deviantart.net/2753/th/pre/f/2007/365/a/6/diseno_web_para_interiores_by_dookg.jpg
IP 35.82.34.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2753/th/pre/f/2007/365/a/6/diseno_web_para_interiores_by_dookg.jpg HTTP/1.1
Host: pre01.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
Location: https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/527e9a4e-8a10-4f3b-b18a-8a65c2449995/d17pwop-8b0d43d8-d3ac-47f5-804c-ecf44e56e1e2.jpg/v1/fill/w_852,h_938,q_75,strp/diseno_web_para_interiores_by_dookg.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl0sIm9iaiI6W1t7InBhdGgiOiIvZi81MjdlOWE0ZS04YTEwLTRmM2ItYjE4YS04YTY1YzI0NDk5OTUvZDE3cHdvcC04YjBkNDNkOC1kM2FjLTQ3ZjUtODA0Yy1lY2Y0NGU1NmUxZTIuanBnIiwid2lkdGgiOiI8PTg1MiIsImhlaWdodCI6Ijw9OTM4In1dXX0.eZ7qYw6qjoQREH-rfY7XeFOcPE2AHvdAb131d9-Nqic
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=1872720106996324906&zx=de34a0b6-3d95-449c-ab22-46fd6517c55c
142.250.74.41200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1872720106996324906&zx=de34a0b6-3d95-449c-ab22-46fd6517c55c
IP 142.250.74.41:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1872720106996324906&zx=de34a0b6-3d95-449c-ab22-46fd6517c55c HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 09:31:04 GMT
last-modified: Fri, 09 Dec 2022 09:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img15.deviantart.net/db68/i/2008/218/b/f/interiores_de_luzes_e_sombras_by_naoe_chan.jpg
44.231.211.9404 Not Found 0 B URL HTTP/1.1 img15.deviantart.net/db68/i/2008/218/b/f/interiores_de_luzes_e_sombras_by_naoe_chan.jpg
IP 44.231.211.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /db68/i/2008/218/b/f/interiores_de_luzes_e_sombras_by_naoe_chan.jpg HTTP/1.1
Host: img15.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
img07.deviantart.net/410b/i/2009/029/a/1/nissan_silvia_drift_by_murillodesign.jpg
52.38.46.52301 Moved Permanently 0 B URL HTTP/1.1 img07.deviantart.net/410b/i/2009/029/a/1/nissan_silvia_drift_by_murillodesign.jpg
IP 52.38.46.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /410b/i/2009/029/a/1/nissan_silvia_drift_by_murillodesign.jpg HTTP/1.1
Host: img07.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
Location: https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/8164ca4d-76ae-4656-9bb1-5ce70582ecbc/d1ttvis-413e3d6b-9694-48a5-a83a-d17dec87c211.jpg/v1/fill/w_1280,h_885,q_75,strp/nissan_silvia_drift_by_murillodesign.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl0sIm9iaiI6W1t7InBhdGgiOiIvZi84MTY0Y2E0ZC03NmFlLTQ2NTYtOWJiMS01Y2U3MDU4MmVjYmMvZDF0dHZpcy00MTNlM2Q2Yi05Njk0LTQ4YTUtYTgzYS1kMTdkZWM4N2MyMTEuanBnIiwid2lkdGgiOiI8PTEyODAiLCJoZWlnaHQiOiI8PTg4NSJ9XV19.rMnkhpzlJ4bVHHt22us8d_2RUwh-FRsKUtH6CWJP7HU
orig12.deviantart.net/8a99/f/2008/275/0/7/nissan_silvia_s13_by_capidesign.jpg
35.82.34.224301 Moved Permanently 0 B URL HTTP/1.1 orig12.deviantart.net/8a99/f/2008/275/0/7/nissan_silvia_s13_by_capidesign.jpg
IP 35.82.34.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8a99/f/2008/275/0/7/nissan_silvia_s13_by_capidesign.jpg HTTP/1.1
Host: orig12.deviantart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: da-redirector/0.5.2
Location: https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/bc5fb76a-ddc7-4fd1-9d83-5bbfa2136062/d18w1z5-40f59ea1-70ba-496d-b7d9-4a9ddb427d8a.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9iYzVmYjc2YS1kZGM3LTRmZDEtOWQ4My01YmJmYTIxMzYwNjIvZDE4dzF6NS00MGY1OWVhMS03MGJhLTQ5NmQtYjdkOS00YTlkZGI0MjdkOGEuanBnIn1dXX0.OQCwrxn-S8r3TX8kLUkYK8LiXlBBO7AUD4ti21cMYRs
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 23f0fed6cb9af080a75d8b899ae5bd84
2c02a8cb4a6e70d8ba58696fd709838656d443c3
b1102b6924fcffe1f07a07385010a47aa142435d4efc79b338e50f8258a4d5da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autoslope.com/wpps/boxer/morgan-aero-8/morgan-aero-8-194004-1024x768.jpg
50.2.91.17301 Moved Permanently 178 B URL HTTP/1.1 autoslope.com/wpps/boxer/morgan-aero-8/morgan-aero-8-194004-1024x768.jpg
IP 50.2.91.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /wpps/boxer/morgan-aero-8/morgan-aero-8-194004-1024x768.jpg HTTP/1.1
Host: autoslope.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.autoslope.com/wpps/boxer/morgan-aero-8/morgan-aero-8-194004-1024x768.jpg
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
216.58.207.228200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 216.58.207.228:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 09:31:04 GMT
date: Fri, 09 Dec 2022 09:31:04 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5c8ddc715a1d245a03bb4ee49a3280d8
fe7212ae124beae7afe90b1dc8569c05fc2b8c34
146bc059796a504b8d891f1d420ac09d8ddd523a95962e0fcdc24f9e10a9b81b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=157332
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:04 GMT
Etag: "6392c3ec-117"
Expires: Sun, 11 Dec 2022 05:13:16 GMT
Last-Modified: Fri, 09 Dec 2022 05:13:16 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
240sx.org/download/240sx-wallpaper4-1024.jpg
104.21.57.117301 Moved Permanently 0 B URL HTTP/1.1 240sx.org/download/240sx-wallpaper4-1024.jpg
IP 104.21.57.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/240sx-wallpaper4-1024.jpg HTTP/1.1
Host: 240sx.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Dec 2022 10:31:04 GMT
Location: https://240sx.org/download/240sx-wallpaper4-1024.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXtNM5fAwqxrtJRoalImeoi7PlIIphAvgbz7QzJJdr2F76CiRQ%2BFRQ8s%2BCF9sHl8fFwP34kEVh2Vrz%2F71gijwXxAJ1g5Y5TdlD0rjloGQyw44H279fiV6htGSqo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cb9c9eed50b41-OSL
alt-svc: h2=":443"; ma=60
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 157862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
seriouswheels.com/pics-2010/klm/2010-Morgan-Aero-SuperSports-Side-1280x960.jpg
69.163.228.170404 Not Found 315 B URL HTTP/2 seriouswheels.com/pics-2010/klm/2010-Morgan-Aero-SuperSports-Side-1280x960.jpg
IP 69.163.228.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /pics-2010/klm/2010-Morgan-Aero-SuperSports-Side-1280x960.jpg HTTP/1.1
Host: seriouswheels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 09 Dec 2022 09:31:04 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
seriouswheels.com/pics-mno/Morgan-Aero-8-F-Show-1024x768.jpg
69.163.228.170404 Not Found 315 B URL HTTP/2 seriouswheels.com/pics-mno/Morgan-Aero-8-F-Show-1024x768.jpg
IP 69.163.228.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /pics-mno/Morgan-Aero-8-F-Show-1024x768.jpg HTTP/1.1
Host: seriouswheels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 09 Dec 2022 09:31:04 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.240sx.org/download/240sx-wallpaper4-1024.jpg
172.67.190.89301 Moved Permanently 634 B URL HTTP/2 www.240sx.org/download/240sx-wallpaper4-1024.jpg
IP 172.67.190.89:0
Hash 351ce170686fb17abb039173dd04ea18
282de621368ad1b25e252a3c215422cfa5e21f0b
cbc67e236a6567941be1c8766fca42c962b1b0c67b593105d06803cc86f13775
GET /download/240sx-wallpaper4-1024.jpg HTTP/1.1
Host: www.240sx.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 09:31:04 GMT
content-type: text/html
location: http://240sx.org/download/240sx-wallpaper4-1024.jpg
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1kwotcnUakjd%2BH9%2B%2BRGbUP4s%2BcZNU0ltcwUTjWZ0nf7MHhSEug59kbMwOsILg%2FQfBM0A2qWh8QSSKMwcf4zswcunlq9QGP8a%2BirOScmX2FUj0cwSK5186SDPECzu8Kd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776cb9c70f41b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb8568d1b03d4cd2cc7f423aef817e2e
6a1f75627351f8adae5f4f40d85dc91b4ac6b3d5
b40d4018a0f0692d5847ec8d8f1d2a5a34c2c9ddafa7f28632aab373eeb6f5e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9881bd54a93dcee33ad73df894c3dee1
9ed12cdbb8e3b8f486058eff097ef57c36ad70c5
c8c4bcc5d8e9ae2aa2794a4a63c1c51707ad25e6c8f8ccbad264304c3ae12134
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:28:50 GMT
Expires: Wed, 14 Dec 2022 03:28:49 GMT
Etag: "9ed12cdbb8e3b8f486058eff097ef57c36ad70c5"
Cache-Control: max-age=409664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776cb9c9bb7eb506-OSL
www.multiplayernetwork.net/files/filesystem/images/NissanSilviaS15_1517_1247432717.jpg
109.234.166.54301 Moved Permanently 0 B URL HTTP/1.1 www.multiplayernetwork.net/files/filesystem/images/NissanSilviaS15_1517_1247432717.jpg
IP 109.234.166.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/filesystem/images/NissanSilviaS15_1517_1247432717.jpg HTTP/1.1
Host: www.multiplayernetwork.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 09:31:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Fri, 09 Dec 2022 10:31:05 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: http://multiplayernetwork.net/files/filesystem/images/NissanSilviaS15_1517_1247432717.jpg
Server: o2switch-PowerBoost-v3
lh3.googleusercontent.com/a-/AD5-WCmmpY0G4RFvaFFsuIWgm3wD7S3UKrkEtxp9a0aKag=s45-c
142.250.74.97200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmmpY0G4RFvaFFsuIWgm3wD7S3UKrkEtxp9a0aKag=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 0d1b18be8a62621b102e0218cc39e50c
3589b3749333e76afc8182670551fc0560500192
6b456b38945c49b333e57f043cb23d5b4792b81fa34a0a19299033a28a9242bb
GET /a-/AD5-WCmmpY0G4RFvaFFsuIWgm3wD7S3UKrkEtxp9a0aKag=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v99"
expires: Sat, 10 Dec 2022 09:31:05 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 09:31:05 GMT
server: fife
content-length: 4536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
keywebtracker.com/?blog=http%3A%2F%2Fhazyhead2009.blogspot.com%2F2011%2F09%2Ffull-size-gloria-dehaven-wallpaper.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDU4NTQ2NCwiaWF0IjoxNjcwNTc4MjY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25oYzU0MDZhYTlnNzJjNjAxMzIyZzciLCJuYmYiOjE2NzA1NzgyNjQsInRzIjoxNjcwNTc4MjY0MDgzNjQ1fQ.nrd5QL_-NzJxVEC3jP787Gz77FTSjXgYuliV160_7Pw&l=wallpaper&ref=&scr_h=1024&scr_w=1280&sid=337f8260-77a4-11ed-af87-aa64ad481487
69.162.80.62302 Found 11 B URL HTTP/1.1 keywebtracker.com/?blog=http%3A%2F%2Fhazyhead2009.blogspot.com%2F2011%2F09%2Ffull-size-gloria-dehaven-wallpaper.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDU4NTQ2NCwiaWF0IjoxNjcwNTc4MjY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25oYzU0MDZhYTlnNzJjNjAxMzIyZzciLCJuYmYiOjE2NzA1NzgyNjQsInRzIjoxNjcwNTc4MjY0MDgzNjQ1fQ.nrd5QL_-NzJxVEC3jP787Gz77FTSjXgYuliV160_7Pw&l=wallpaper&ref=&scr_h=1024&scr_w=1280&sid=337f8260-77a4-11ed-af87-aa64ad481487
IP 69.162.80.62:0
ASN #46475 LIMESTONENETWORKS
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?blog=http%3A%2F%2Fhazyhead2009.blogspot.com%2F2011%2F09%2Ffull-size-gloria-dehaven-wallpaper.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDU4NTQ2NCwiaWF0IjoxNjcwNTc4MjY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25oYzU0MDZhYTlnNzJjNjAxMzIyZzciLCJuYmYiOjE2NzA1NzgyNjQsInRzIjoxNjcwNTc4MjY0MDgzNjQ1fQ.nrd5QL_-NzJxVEC3jP787Gz77FTSjXgYuliV160_7Pw&l=wallpaper&ref=&scr_h=1024&scr_w=1280&sid=337f8260-77a4-11ed-af87-aa64ad481487 HTTP/1.1
Host: keywebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://keywebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//hazyhead2009.blogspot.com/2011/09/full-size-gloria-dehaven-wallpaper.html&ref=&l=wallpaper
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 09 Dec 2022 09:31:04 GMT
location: http://r.redirekted.com/redirect?redirect_id=1356dab3907b4997e70733f154b708d0&request_id=7e8d718ae6bf4dfe44986c8d63afb706
server: nginx
set-cookie: sid=337f8260-77a4-11ed-af87-aa64ad481487; path=/; domain=.keywebtracker.com; expires=Wed, 27 Dec 2090 12:45:12 GMT; max-age=2147483647; HttpOnly
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb8568d1b03d4cd2cc7f423aef817e2e
6a1f75627351f8adae5f4f40d85dc91b4ac6b3d5
b40d4018a0f0692d5847ec8d8f1d2a5a34c2c9ddafa7f28632aab373eeb6f5e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 42182
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/db2181f7-aaa4-4c4b-926e-ac723d91ef78/d1rj2mp-11e2bb97-a5d2-4e85-ad4d-c2455c909bf0.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9kYjIxODFmNy1hYWE0LTRjNGItOTI2ZS1hYzcyM2Q5MWVmNzgvZDFyajJtcC0xMWUyYmI5Ny1hNWQyLTRlODUtYWQ0ZC1jMjQ1NWM5MDliZjAuanBnIn1dXX0.wtREXJ4xK1yk95zPI3bfl4B9DHJbvErYE-Pvv9KBoW4
34.96.91.138200 OK 680 kB URL HTTP/2 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/db2181f7-aaa4-4c4b-926e-ac723d91ef78/d1rj2mp-11e2bb97-a5d2-4e85-ad4d-c2455c909bf0.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9kYjIxODFmNy1hYWE0LTRjNGItOTI2ZS1hYzcyM2Q5MWVmNzgvZDFyajJtcC0xMWUyYmI5Ny1hNWQyLTRlODUtYWQ0ZC1jMjQ1NWM5MDliZjAuanBnIn1dXX0.wtREXJ4xK1yk95zPI3bfl4B9DHJbvErYE-Pvv9KBoW4
IP 34.96.91.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x949, components 3\012- data
Size 680 kB (679979 bytes)
Hash 5efe4340b3338b0f3e0b0c01a8807e00
e2775d0e7205a3ffebe565cffcf405a43efdc298
1e4554c2b6c50b976f304aa38ec0ef125e99dd32587ba31cad22767f7474ce9a
GET /f/db2181f7-aaa4-4c4b-926e-ac723d91ef78/d1rj2mp-11e2bb97-a5d2-4e85-ad4d-c2455c909bf0.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9kYjIxODFmNy1hYWE0LTRjNGItOTI2ZS1hYzcyM2Q5MWVmNzgvZDFyajJtcC0xMWUyYmI5Ny1hNWQyLTRlODUtYWQ0ZC1jMjQ1NWM5MDliZjAuanBnIn1dXX0.wtREXJ4xK1yk95zPI3bfl4B9DHJbvErYE-Pvv9KBoW4 HTTP/1.1
Host: images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
content-length: 679979
content-type: image/jpeg
wix-tracer: 2IfgtLJiqgQa2aofxDH7URJLPME
x-seen-by: image-manipulator-554998d6f5-g8ngt
date: Fri, 09 Dec 2022 09:31:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 60622
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 437e660fcdd68f4656a1ba2bc037138a
0d9e539cb5645e41f1cbf6e2dac585bcae6a4364
bcae775f2ee641cdd0fa2620317b6ebe011882f4cccdffe2bd623368aeae767a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCAE775F2EE641CDD0FA2620317B6EBE011882F4CCCDFFE2BD623368AEAE767A"
Last-Modified: Thu, 08 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 15:31:05 GMT
Date: Fri, 09 Dec 2022 09:31:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9881bd54a93dcee33ad73df894c3dee1
9ed12cdbb8e3b8f486058eff097ef57c36ad70c5
c8c4bcc5d8e9ae2aa2794a4a63c1c51707ad25e6c8f8ccbad264304c3ae12134
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:28:50 GMT
Expires: Wed, 14 Dec 2022 03:28:49 GMT
Etag: "9ed12cdbb8e3b8f486058eff097ef57c36ad70c5"
Cache-Control: max-age=409663,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776cb9cd3ab0b4eb-OSL
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 09:31:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+799; expires=Sun, 08-Dec-2024 09:31:05 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 09:31:05 GMT
cache-control: private
X-Firefox-Spdy: h2
www.shareyourwallpaper.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_ab1bbf94.jpg
95.211.197.229301 Moved Permanently 185 B URL HTTP/1.1 www.shareyourwallpaper.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_ab1bbf94.jpg
IP 95.211.197.229:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 78fa7f319099994103f2cd37a2ac09aa
993e669ed3b2c062758db9c8eea25aeae944c869
0a04a6ec690187b0fb89041c35af0b23a87526085859e8d97a6b5be4abb247ea
GET /upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_ab1bbf94.jpg HTTP/1.1
Host: www.shareyourwallpaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.0.15
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://shareyourwallpapers.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_ab1bbf94.jpg
www.shareyourwallpaper.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_909f4033.jpg
95.211.197.229301 Moved Permanently 185 B URL HTTP/1.1 www.shareyourwallpaper.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_909f4033.jpg
IP 95.211.197.229:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 78fa7f319099994103f2cd37a2ac09aa
993e669ed3b2c062758db9c8eea25aeae944c869
0a04a6ec690187b0fb89041c35af0b23a87526085859e8d97a6b5be4abb247ea
GET /upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_909f4033.jpg HTTP/1.1
Host: www.shareyourwallpaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.0.15
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://shareyourwallpapers.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_909f4033.jpg
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/bc5fb76a-ddc7-4fd1-9d83-5bbfa2136062/d18w1z5-40f59ea1-70ba-496d-b7d9-4a9ddb427d8a.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9iYzVmYjc2YS1kZGM3LTRmZDEtOWQ4My01YmJmYTIxMzYwNjIvZDE4dzF6NS00MGY1OWVhMS03MGJhLTQ5NmQtYjdkOS00YTlkZGI0MjdkOGEuanBnIn1dXX0.OQCwrxn-S8r3TX8kLUkYK8LiXlBBO7AUD4ti21cMYRs
34.96.91.138200 OK 497 kB URL HTTP/2 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/bc5fb76a-ddc7-4fd1-9d83-5bbfa2136062/d18w1z5-40f59ea1-70ba-496d-b7d9-4a9ddb427d8a.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9iYzVmYjc2YS1kZGM3LTRmZDEtOWQ4My01YmJmYTIxMzYwNjIvZDE4dzF6NS00MGY1OWVhMS03MGJhLTQ5NmQtYjdkOS00YTlkZGI0MjdkOGEuanBnIn1dXX0.OQCwrxn-S8r3TX8kLUkYK8LiXlBBO7AUD4ti21cMYRs
IP 34.96.91.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1024x768, components 3\012- data
Size 497 kB (496634 bytes)
Hash d131692d4207606a6c80b82fd6e5b1f4
14e950bb6d38e42e4b93436778e3320912a2b6de
60fc733ae5d243a6cbc3b7b59b130cf471537ef7445082e5fbcafb9d1bba76fd
GET /f/bc5fb76a-ddc7-4fd1-9d83-5bbfa2136062/d18w1z5-40f59ea1-70ba-496d-b7d9-4a9ddb427d8a.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwic3ViIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsImF1ZCI6WyJ1cm46c2VydmljZTpmaWxlLmRvd25sb2FkIl0sIm9iaiI6W1t7InBhdGgiOiIvZi9iYzVmYjc2YS1kZGM3LTRmZDEtOWQ4My01YmJmYTIxMzYwNjIvZDE4dzF6NS00MGY1OWVhMS03MGJhLTQ5NmQtYjdkOS00YTlkZGI0MjdkOGEuanBnIn1dXX0.OQCwrxn-S8r3TX8kLUkYK8LiXlBBO7AUD4ti21cMYRs HTTP/1.1
Host: images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
content-length: 496634
content-type: image/jpeg
wix-tracer: 2IfgtTmmVcqFgYS6HJg8dlEdP4s
x-seen-by: image-manipulator-554998d6f5-lz5lj
date: Fri, 09 Dec 2022 09:31:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.getfreehdwallpapers.com/wallpapers/13/albums_10764.jpg
156.242.132.167302 Moved Temporarily 0 B URL HTTP/1.1 www.getfreehdwallpapers.com/wallpapers/13/albums_10764.jpg
IP 156.242.132.167:0
ASN #132839 POWER LINE DATACENTER
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wallpapers/13/albums_10764.jpg HTTP/1.1
Host: www.getfreehdwallpapers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.1
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Location: http://www.hongshigroup.com/wallpapers/13/albums_10764.jpg
r.redirekted.com/redirect?redirect_id=1356dab3907b4997e70733f154b708d0&request_id=7e8d718ae6bf4dfe44986c8d63afb706
66.165.243.160200 OK 799 B URL HTTP/1.1 r.redirekted.com/redirect?redirect_id=1356dab3907b4997e70733f154b708d0&request_id=7e8d718ae6bf4dfe44986c8d63afb706
IP 66.165.243.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash 9f6130d085b95a68a8c836d2f328f46c
6d90cea4ffb6acc5a20aa037c41c7bdae9f5d2d6
76c19b36133c0a91e6b3d48e245b4730d56582bf6b8a73ee74683b29445266da
GET /redirect?redirect_id=1356dab3907b4997e70733f154b708d0&request_id=7e8d718ae6bf4dfe44986c8d63afb706 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://keywebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
shareyourwallpapers.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_ab1bbf94.jpg
95.211.197.229200 OK 251 kB URL HTTP/1.1 shareyourwallpapers.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_ab1bbf94.jpg
IP 95.211.197.229:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2003:11:27 18:06:57], baseline, precision 8, 1024x768, components 3\012- data
Size 251 kB (251407 bytes)
Hash c90d61c185a2d926c583c304f17044d7
919c4791f5643c3b0beae7a270c7b8f0dd75e5ce
69d12ad9a2c61018edeb505ecb49f68593d513e7d49161c123a5f1e33e1cecd4
GET /upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_ab1bbf94.jpg HTTP/1.1
Host: shareyourwallpapers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.0.15
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: image/jpeg
Content-Length: 251407
Last-Modified: Mon, 29 Jun 2009 01:39:47 GMT
Connection: keep-alive
Expires: Sun, 08 Jan 2023 09:31:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r.redirekted.com/css/adren.css?n=3718592552
66.165.243.160200 OK 243 B URL HTTP/1.1 r.redirekted.com/css/adren.css?n=3718592552
IP 66.165.243.160:0
Hash f72acd3fece9f7cf58643616c745b2ea
92bc529a83c5466fbf6b9e702eef1e59644687a1
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
GET /css/adren.css?n=3718592552 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=1356dab3907b4997e70733f154b708d0&request_id=7e8d718ae6bf4dfe44986c8d63afb706
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: text/css
Content-Length: 243
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-f3"
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9881bd54a93dcee33ad73df894c3dee1
9ed12cdbb8e3b8f486058eff097ef57c36ad70c5
c8c4bcc5d8e9ae2aa2794a4a63c1c51707ad25e6c8f8ccbad264304c3ae12134
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:28:50 GMT
Expires: Wed, 14 Dec 2022 03:28:49 GMT
Etag: "9ed12cdbb8e3b8f486058eff097ef57c36ad70c5"
Cache-Control: max-age=409663,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776cb9c9bfec0b49-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9881bd54a93dcee33ad73df894c3dee1
9ed12cdbb8e3b8f486058eff097ef57c36ad70c5
c8c4bcc5d8e9ae2aa2794a4a63c1c51707ad25e6c8f8ccbad264304c3ae12134
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:28:50 GMT
Expires: Wed, 14 Dec 2022 03:28:49 GMT
Etag: "9ed12cdbb8e3b8f486058eff097ef57c36ad70c5"
Cache-Control: max-age=409663,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776cb9c9ba00b500-OSL
r.redirekted.com/js/adren.min.js?n=3718592552
66.165.243.160200 OK 7.5 kB URL HTTP/1.1 r.redirekted.com/js/adren.min.js?n=3718592552
IP 66.165.243.160:0
File type ASCII text, with very long lines (7528), with no line terminators
Hash 9a9ec61d7e275f25fe83f0aa93bd2e41
8a3a23c432b601e9f8f8fe2b61f0fedbc341c9ac
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
GET /js/adren.min.js?n=3718592552 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=1356dab3907b4997e70733f154b708d0&request_id=7e8d718ae6bf4dfe44986c8d63afb706
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: application/javascript
Content-Length: 7528
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-1d68"
Accept-Ranges: bytes
shareyourwallpapers.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_909f4033.jpg
95.211.197.229200 OK 253 kB URL HTTP/1.1 shareyourwallpapers.com/upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_909f4033.jpg
IP 95.211.197.229:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x1146, components 3\012- data
Size 253 kB (252599 bytes)
Hash eaf51e997c74bf1628a2217548373eeb
7b8b61051faee1e83e52c47afcd40669675cb966
034be9f3625979d4f3e26cf8a81432c2d7544165ec430c7bacce88e0b24c954a
GET /upload/wallpaper/celebrities-female/gloria-dehaven/gloria-dehaven_909f4033.jpg HTTP/1.1
Host: shareyourwallpapers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hazyhead2009.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.0.15
Date: Fri, 09 Dec 2022 09:31:05 GMT
Content-Type: image/jpeg
Content-Length: 252599
Last-Modified: Mon, 06 Jul 2009 02:16:56 GMT
Connection: keep-alive
Expires: Sun, 08 Jan 2023 09:31:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r.redirekted.com/go?e=NA-pFFuHFA94aqvVTsyxGBeHlX6flBwjmX-LlK9AUCw1aC8A2XmclFdtlX603FjSJr_xUCuHPqY1KWejwXbt3F-IPpvclBvDzsyHGC9gRpvk3F95QsyLlKdfQAV5aqvtHr_xaCutFBsImqjI2rXu2DexFCvgPX59SA-H3BlR2WXgaC9q0ZxpzCmfmKY13F0AJsyjwF9IvWXyaC9AHVbDTLmLUF-ZmC99SA78IF-W3XSglpafHA3uUn95wXs5KW4c0X7VPL9IvXwkKWdxxXyxmBeLaXscPXvbRs7jQMefmX8j3B85QAu1aF1f0KWy3C9gQA-tQn8ElXsSPXexmZ31KC
66.165.243.160200 OK 386 B URL HTTP/1.1 r.redirekted.com/go?e=NA-pFFuHFA94aqvVTsyxGBeHlX6flBwjmX-LlK9AUCw1aC8A2XmclFdtlX603FjSJr_xUCuHPqY1KWejwXbt3F-IPpvclBvDzsyHGC9gRpvk3F95QsyLlKdfQAV5aqvtHr_xaCutFBsImqjI2rXu2DexFCvgPX59SA-H3BlR2WXgaC9q0ZxpzCmfmKY13F0AJsyjwF9IvWXyaC9AHVbDTLmLUF-ZmC99SA78IF-W3XSglpafHA3uUn95wXs5KW4c0X7VPL9IvXwkKWdxxXyxmBeLaXscPXvbRs7jQMefmX8j3B85QAu1aF1f0KWy3C9gQA-tQn8ElXsSPXexmZ31KC
IP 66.165.243.160:0
File type HTML document, ASCII text, with very long lines (318)
Hash 1883a4a098cf69e85c12b1cffbfda291
8a549e871ccd5e768de6a973822de42b4a827ea7
d9ffddfb10e80aeb5ad20026469b02e122f8522be39401f357210ef77a26cb08
GET /go?e=NA-pFFuHFA94aqvVTsyxGBeHlX6flBwjmX-LlK9AUCw1aC8A2XmclFdtlX603FjSJr_xUCuHPqY1KWejwXbt3F-IPpvclBvDzsyHGC9gRpvk3F95QsyLlKdfQAV5aqvtHr_xaCutFBsImqjI2rXu2DexFCvgPX59SA-H3BlR2WXgaC9q0ZxpzCmfmKY13F0AJsyjwF9IvWXyaC9AHVbDTLmLUF-ZmC99SA78IF-W3XSglpafHA3uUn95wXs5KW4c0X7VPL9IvXwkKWdxxXyxmBeLaXscPXvbRs7jQMefmX8j3B85QAu1aF1f0KWy3C9gQA-tQn8ElXsSPXexmZ31KC HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=1356dab3907b4997e70733f154b708d0&request_id=7e8d718ae6bf4dfe44986c8d63afb706
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Fri, 09 Dec 2022 09:31:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
Set-Cookie: uuid=3517794094856411648; expires=Sat, 10-Dec-2022 09:31:06 GMT; Max-Age=86400
api.adrenalads.com/rd/dump?request_id=7e8d718ae6bf4dfe44986c8d63afb706&source=&ip=91.90.42.154&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&screen=1x1&status=js2&invalid=small+screen+%281x1%29%2Cframe+detected
66.165.243.160302 Found 0 B URL HTTP/1.1 api.adrenalads.com/rd/dump?request_id=7e8d718ae6bf4dfe44986c8d63afb706&source=&ip=91.90.42.154&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&screen=1x1&status=js2&invalid=small+screen+%281x1%29%2Cframe+detected
IP 66.165.243.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd/dump?request_id=7e8d718ae6bf4dfe44986c8d63afb706&source=&ip=91.90.42.154&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&screen=1x1&status=js2&invalid=small+screen+%281x1%29%2Cframe+detected HTTP/1.1
Host: api.adrenalads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.21.5
Date: Fri, 09 Dec 2022 09:31:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
Location: https://www.joshsway.com
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 58a2ac1318a173366ba73be1f230553d
58bffcf174d25b1d569021aaaf9149f7079702b6
1f03b14dd37ba62033b953216c20abe68ca700e32d29039554b22f82466d66a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F03B14DD37BA62033B953216C20ABE68CA700E32D29039554B22F82466D66A3"
Last-Modified: Thu, 08 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21260
Expires: Fri, 09 Dec 2022 15:25:27 GMT
Date: Fri, 09 Dec 2022 09:31:07 GMT
Connection: keep-alive
www.joshsway.com/
66.165.243.165200 OK 28 kB IP 66.165.243.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, CR, LF line terminators
Hash c959f40c146c548652241c67ffa38c50
582f3ce5727041a8c961b8f37d07ab398602a93f
9fa103e6f66ce20f41158e9aa7992e0cb5afd3f41c0960e0e6c1dfcf1d2fbcbc
GET / HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://r.redirekted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:07 GMT
Content-Type: text/html
Content-Length: 27768
Last-Modified: Thu, 30 Jun 2022 09:44:47 GMT
Connection: keep-alive
ETag: "62bd708f-6c78"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6b8313f9e33695225653527e2d423cd7
f93d3c7e748b85edc6f0209e73813f13e5bf2070
9fbcb6376f48faf9fab6fada8876197456bb8c5c1c0b5c34b25dcfe323e18354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1366
Cache-Control: max-age=144665
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:07 GMT
Etag: "63928d1e-1d7"
Expires: Sun, 11 Dec 2022 01:42:12 GMT
Last-Modified: Fri, 09 Dec 2022 01:19:26 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
js.stripe.com/v2/
151.101.128.176200 OK 20 kB IP 151.101.128.176:0
File type ASCII text, with very long lines (32015)
Hash 1525f13ee9f77d2b5dfcea88fa83b328
afbad498fb1ef9b17f990e02ace467a3bdb0a8c2
17312b5e480f3a7c401ed6b09912b1ae413a18595d46fb93b5f1aa40e3279664
GET /v2/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 12:42:55 GMT
etag: "4e0e5080f8f45588fcc33b82ee08fa3c"
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Dec 2022 09:31:07 GMT
via: 1.1 varnish
age: 66
x-request-id: 502d39b9-8623-4414-bc53-b2a3d767df55
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 19860
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-107133471-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-107133471-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash d1e27b272cce2695a4ab4ed30a772f06
193ac021807cd53bd202c14fb28e8fd11863d45e
17e2f176ce563486e467232325f1dae55b6eda4e5a4f0a79da88bcd0eae69412
GET /gtag/js?id=UA-107133471-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 09:31:07 GMT
expires: Fri, 09 Dec 2022 09:31:07 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:100,600
142.250.74.74200 OK 989 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:100,600
IP 142.250.74.74:0
Hash a6d4406d67e15a28bf3ff01142286994
0b21d462602a4853d83bf9be372c74c252ede7ea
c38f8afd6cb491d7afe34d8800cdbc03dce7c4885f89c773c1ab46dc685bafa2
GET /css?family=Raleway:100,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 09:31:07 GMT
date: Fri, 09 Dec 2022 09:31:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.joshsway.com/www.google.com/recaptcha/apid41d.js?
66.165.243.165500 Internal Server Error 177 B URL HTTP/1.1 www.joshsway.com/www.google.com/recaptcha/apid41d.js?
IP 66.165.243.165:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 326096adb5817b1f5f7a59789be41994
e8558897958dff881ffbc682352f94d66efc6612
704c2f055570c3b8009b6ee0b3a67165f47816004565a7b3fc8121c03199a7c5
GET /www.google.com/recaptcha/apid41d.js? HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:07 GMT
Content-Type: text/html
Content-Length: 177
Connection: close
www.joshsway.com/pagead2.googlesyndication.com/pagead/js/f.txt
66.165.243.165500 Internal Server Error 177 B URL HTTP/1.1 www.joshsway.com/pagead2.googlesyndication.com/pagead/js/f.txt
IP 66.165.243.165:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 326096adb5817b1f5f7a59789be41994
e8558897958dff881ffbc682352f94d66efc6612
704c2f055570c3b8009b6ee0b3a67165f47816004565a7b3fc8121c03199a7c5
GET /pagead2.googlesyndication.com/pagead/js/f.txt HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:07 GMT
Content-Type: text/html
Content-Length: 177
Connection: close
www.joshsway.com/css/app.7b2744f90839aaccd1b01251bb207ab4.css
66.165.243.165200 OK 285 kB URL HTTP/1.1 www.joshsway.com/css/app.7b2744f90839aaccd1b01251bb207ab4.css
IP 66.165.243.165:0
File type ASCII text, with very long lines (686)
Size 285 kB (284989 bytes)
Hash aa71e1ae1bd7526dc72fe3209120d998
0e5d9751e8b24b96848a984ac2db0b4586e516fe
3fd4e1cf5931b94553b7f9aa41b224ceeefd2c925dbc43fa9b09fbbb3c3cb73e
GET /css/app.7b2744f90839aaccd1b01251bb207ab4.css HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:07 GMT
Content-Type: text/css
Content-Length: 284989
Last-Modified: Thu, 30 Jun 2022 06:47:33 GMT
Connection: keep-alive
ETag: "62bd4705-4593d"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.joshsway.com/img/josh_sway_header.png
66.165.243.165200 OK 9.6 kB URL HTTP/1.1 www.joshsway.com/img/josh_sway_header.png
IP 66.165.243.165:0
File type PNG image data, 500 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c2b95d46a689cf6f9bc711a1afeae0aa
0f9690db5e8842c086d9d0b3cdd765f1be4166fb
126ecb7580e3ee91f0cd03ba774352bc26510ffef8269761af902fa082b3541e
GET /img/josh_sway_header.png HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/png
Content-Length: 9580
Last-Modified: Thu, 30 Jun 2022 09:57:36 GMT
Connection: keep-alive
ETag: "62bd7390-256c"
Accept-Ranges: bytes
www.joshsway.com/js/legacy.dfce09e8289a8d7d67bffa9197524ea1.js
66.165.243.165200 OK 89 kB URL HTTP/1.1 www.joshsway.com/js/legacy.dfce09e8289a8d7d67bffa9197524ea1.js
IP 66.165.243.165:0
File type ASCII text, with very long lines (3613)
Hash dfce09e8289a8d7d67bffa9197524ea1
7b4f8dac5fe308cc2dd47ac201a07e73cfd0b8ae
4ea23594f8a239a73b78dbeb5bde444d886a49445393da7a547cfb550a902f36
GET /js/legacy.dfce09e8289a8d7d67bffa9197524ea1.js HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:07 GMT
Content-Type: application/javascript
Content-Length: 88897
Last-Modified: Thu, 30 Jun 2022 06:29:30 GMT
Connection: keep-alive
ETag: "62bd42ca-15b41"
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.joshsway.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 136634
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/economica/v13/Qw3aZQZaHCLgIWa29ZBTjecUDXx4.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/economica/v13/Qw3aZQZaHCLgIWa29ZBTjecUDXx4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10552, version 1.0\012- data
Hash dae21c772d3e8666d5e6aa8ca35738a3
4b5224e4f65caa4b6661102f655da326f4920d69
4ba1d02c38a10b7055695dd848644f8597b1461c81b9c8b7d51849d556267e34
GET /s/economica/v13/Qw3aZQZaHCLgIWa29ZBTjecUDXx4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.joshsway.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:52:18 GMT
expires: Sat, 09 Dec 2023 06:52:18 GMT
cache-control: public, max-age=31536000
age: 9530
last-modified: Thu, 21 Apr 2022 16:58:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.joshsway.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 311907
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.joshsway.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 136613
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.joshsway.com/wp-content/uploads/6_ways_to_approach_women-370x185.jpg
66.165.243.165200 OK 18 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/6_ways_to_approach_women-370x185.jpg
IP 66.165.243.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 370x185, components 3\012- data
Hash a4e9b5c00e7bb02d78b1e4c0a8426f1f
40c997a84787cc477e94ce03f362644e831e811c
dcd22ac68426628b309c21cef0b6de85eac79621089e1ef839eaf7d90371e000
GET /wp-content/uploads/6_ways_to_approach_women-370x185.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 18434
Last-Modified: Mon, 30 Jul 2018 20:41:11 GMT
Connection: keep-alive
ETag: "5b5f77e7-4802"
Accept-Ranges: bytes
www.joshsway.com/pagead2.googlesyndication.com/pagead/js/f.txt
66.165.243.165500 Internal Server Error 721 B URL HTTP/1.1 www.joshsway.com/pagead2.googlesyndication.com/pagead/js/f.txt
IP 66.165.243.165:0
File type gzip compressed data, max compression\012- data
Hash 70f4b49f9b06ed797d0217ead282d6b7
7461dbe89833ce0de4011a25670869a6136e8124
a93281e4c257b7754d8bdb783c1bc1a75aa693f2907e3d9618b961080bbdb544
GET /pagead2.googlesyndication.com/pagead/js/f.txt HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: text/html
Content-Length: 177
Connection: close
www.joshsway.com/pagead2.googlesyndication.com/pagead/js/f.txt
66.165.243.165500 Internal Server Error 861 B URL HTTP/1.1 www.joshsway.com/pagead2.googlesyndication.com/pagead/js/f.txt
IP 66.165.243.165:0
File type gzip compressed data, max compression\012- data
Hash 58012c99ce4611b2a56e62cd51d70a0a
7d5c52ae0c1ab75ad36c125c0cb209a893e056cf
c638e9139d8e05ecb3321b2c877789c7239068dbd57e2b554acec97315666c32
GET /pagead2.googlesyndication.com/pagead/js/f.txt HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: text/html
Content-Length: 177
Connection: close
www.joshsway.com/www.google.com/recaptcha/apid41d.js?
66.165.243.165500 Internal Server Error 723 B URL HTTP/1.1 www.joshsway.com/www.google.com/recaptcha/apid41d.js?
IP 66.165.243.165:0
File type gzip compressed data, max compression\012- data
Hash 29da5926172ed1217f14b83dee89aead
1c8f8500e959afad8adb90274afdb43704f8b1b0
63f2ca85ad1f064067a4badb942246519d5878fe446aa307cd060fb06df808cd
GET /www.google.com/recaptcha/apid41d.js? HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: text/html
Content-Length: 177
Connection: close
cdn.joshsway.com/wp-content/uploads/do_looks_matter.jpg
66.165.243.165200 OK 72 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/do_looks_matter.jpg
IP 66.165.243.165:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=2777, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS DIGITAL REBEL XT, orientation=upper-left, width=1801], comment: "Optimized by JPEGmini 3.11.4.0 0xeb72eba7", baseline, precision 8, 800x400, components 3\012- data
Hash 61da8ccda7ba87140fe7af154d640093
a71b035b62cbf0bf314c90d55cbaa553061f7a82
f85c3a8a897de90cb7da10142522ec3f603df71458af06accfe5c0937ee645b9
GET /wp-content/uploads/do_looks_matter.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 71459
Last-Modified: Mon, 30 Jul 2018 20:41:12 GMT
Connection: keep-alive
ETag: "5b5f77e8-11723"
Accept-Ranges: bytes
cdn.joshsway.com/wp-content/uploads/have_something_going_for_you.jpg
66.165.243.165200 OK 61 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/have_something_going_for_you.jpg
IP 66.165.243.165:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2013:08:30 16:12:21], comment: "Optimized by JPEGmini 3.11.4.0 0x063acf32", baseline, precision 8, 800x400, components 3\012- data
Hash 30958c73a23d46454832f96ba3db8b5d
920b543f8e2d89ecb31edccabb17d1ddcf9e4f11
cef4c4faff8a398c22394e6f66b7953bf71179203b7c6f485740559cfa85acf9
GET /wp-content/uploads/have_something_going_for_you.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 61213
Last-Modified: Mon, 30 Jul 2018 20:41:12 GMT
Connection: keep-alive
ETag: "5b5f77e8-ef1d"
Accept-Ranges: bytes
www.joshsway.com/js/app.f5e4eeda9d0519dcb4f5.js
66.165.243.165200 OK 532 kB URL HTTP/1.1 www.joshsway.com/js/app.f5e4eeda9d0519dcb4f5.js
IP 66.165.243.165:0
File type Unicode text, UTF-8 text, with very long lines (5753), with CRLF, LF line terminators
Size 532 kB (532422 bytes)
Hash 5fdd6c19614946f716b60fe485334acf
4f41421d611baa0ca4688d24a6407a86647d287f
d6ae6877b3e0091a897c67d20fd27526999db24336d3bc46e3162b74f28ed429
GET /js/app.f5e4eeda9d0519dcb4f5.js HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:07 GMT
Content-Type: application/javascript
Content-Length: 532422
Last-Modified: Thu, 30 Jun 2022 06:29:30 GMT
Connection: keep-alive
ETag: "62bd42ca-81fc6"
Accept-Ranges: bytes
cdn.joshsway.com/wp-content/uploads/dont_play_the_long_game-370x185.jpg
66.165.243.165200 OK 16 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/dont_play_the_long_game-370x185.jpg
IP 66.165.243.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 370x185, components 3\012- data
Hash 8d7f7eaf5bd4f4cd85aaa4c67ac2bcab
25df3b3713ddbb676abf362ca70f2308c2aca894
aa55cda6f2f4fbd97facf19b725e4211423327ac2842e2099fb4e350ce20e687
GET /wp-content/uploads/dont_play_the_long_game-370x185.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 16355
Last-Modified: Mon, 30 Jul 2018 20:41:12 GMT
Connection: keep-alive
ETag: "5b5f77e8-3fe3"
Accept-Ranges: bytes
cdn.joshsway.com/wp-content/uploads/the_so_moment-370x185.jpg
66.165.243.165200 OK 17 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/the_so_moment-370x185.jpg
IP 66.165.243.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 370x185, components 3\012- data
Hash 303ebd2579d6362ab69b7bc9823cd6b8
196bbe92b618b412f714c223c915bcb0b4a128cc
2d8cb80b4c36f75e33bd7cc3ad030b56c66f7ccc31e4482f29d997fc23e8a7fa
GET /wp-content/uploads/the_so_moment-370x185.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 16841
Last-Modified: Mon, 30 Jul 2018 20:41:12 GMT
Connection: keep-alive
ETag: "5b5f77e8-41c9"
Accept-Ranges: bytes
cdn.joshsway.com/wp-content/uploads/7_wingman_basics-370x185.jpg
66.165.243.165200 OK 24 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/7_wingman_basics-370x185.jpg
IP 66.165.243.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 370x185, components 3\012- data
Hash c7324d193fb0e1c1fffbd502359e8a36
58ef3015dc300e95cde1fbbc176b31ec4e7c2444
5ab699f8e8df94ab980d17f3794f160abdc852d1fab7268652421be3e41687ea
GET /wp-content/uploads/7_wingman_basics-370x185.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 23543
Last-Modified: Mon, 30 Jul 2018 20:41:11 GMT
Connection: keep-alive
ETag: "5b5f77e7-5bf7"
Accept-Ranges: bytes
cdn.joshsway.com/wp-content/uploads/break_frame_when_you_need_to-370x185.jpg
66.165.243.165200 OK 23 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/break_frame_when_you_need_to-370x185.jpg
IP 66.165.243.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 370x185, components 3\012- data
Hash d24d30d35e19c664ef45bb50dd15de0f
24ccc93b009a8a980067034f892f304c33cb1f04
964e911b5dcbab7e3e70abdc70908987af4f48937a334fc7c34ba233b54c84ea
GET /wp-content/uploads/break_frame_when_you_need_to-370x185.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 22709
Last-Modified: Mon, 30 Jul 2018 20:41:11 GMT
Connection: keep-alive
ETag: "5b5f77e7-58b5"
Accept-Ranges: bytes
www.joshsway.com/fonts/vendor/bootstrap-sass/bootstrap/glyphicons-halflings-regularc7ba.woff2?448c34a56d699c29117adc64c43affeb
66.165.243.165200 OK 18 kB URL HTTP/1.1 www.joshsway.com/fonts/vendor/bootstrap-sass/bootstrap/glyphicons-halflings-regularc7ba.woff2?448c34a56d699c29117adc64c43affeb
IP 66.165.243.165:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /fonts/vendor/bootstrap-sass/bootstrap/glyphicons-halflings-regularc7ba.woff2?448c34a56d699c29117adc64c43affeb HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.joshsway.com/css/app.7b2744f90839aaccd1b01251bb207ab4.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: font/woff2
Content-Length: 18028
Last-Modified: Thu, 30 Jun 2022 06:47:46 GMT
Connection: keep-alive
ETag: "62bd4712-466c"
Accept-Ranges: bytes
js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.joshsway.com&stripe_xdm_c=default166342&stripe_xdm_p=1
151.101.128.176200 OK 449 B URL HTTP/2 js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.joshsway.com&stripe_xdm_c=default166342&stripe_xdm_p=1
IP 151.101.128.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 250041ec585b44caf68fa5da96deddb7
6181d59d0ff064f6247ceeeea57115a7047dd0c3
cb194361f8db863c735879c44ae409a928ced752d34e3dd703c47d11bf17fcb1
GET /v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.joshsway.com&stripe_xdm_c=default166342&stripe_xdm_p=1 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 15:24:12 GMT
etag: "19af0c6cc7a0bca20a355b3362dc64a0"
content-type: text/html; charset=utf-8
cache-control: public, max-age=300
content-security-policy: report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: default-src 'self'; connect-src https://api.stripe.com; base-uri 'none'; form-action 'none'; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-M1LJiJCn3XBCZ1erCVATqpCSJ5Yd9sUrS2npRlBZ6YE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Dec 2022 09:31:08 GMT
via: 1.1 varnish
age: 79
x-request-id: a0b2053e-5a01-42f5-accf-cebbde536ab2
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
timing-allow-origin: *
content-length: 449
X-Firefox-Spdy: h2
cdn.joshsway.com/wp-content/uploads/the_importance_of_making_her_invest-370x185.jpg
66.165.243.165200 OK 11 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/the_importance_of_making_her_invest-370x185.jpg
IP 66.165.243.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 370x185, components 3\012- data
Hash 2771aa2f738c01c940b4e40c7057cfba
1ffcc46063f6ada185a62cf384887a511e099648
073446ff32c1dbe320f1a0eb7c041b82c416b904448d0fa4bf19336a71087336
GET /wp-content/uploads/the_importance_of_making_her_invest-370x185.jpg HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/jpeg
Content-Length: 11445
Last-Modified: Mon, 30 Jul 2018 20:41:12 GMT
Connection: keep-alive
ETag: "5b5f77e8-2cb5"
Accept-Ranges: bytes
www.joshsway.com/images/bar_bg9264.png?5564a524e06f60313dd6a18604023db9
66.165.243.165200 OK 5.5 kB URL HTTP/1.1 www.joshsway.com/images/bar_bg9264.png?5564a524e06f60313dd6a18604023db9
IP 66.165.243.165:0
File type PNG image data, 150 x 150, 4-bit colormap, non-interlaced\012- data
Hash 5564a524e06f60313dd6a18604023db9
c63fedd6dd9bd50f29f074ef79112007a7d72f80
232fdcef77acf3948f11a4d2ff21b561032c6a749f710e658dd6cc8861d0eac2
GET /images/bar_bg9264.png?5564a524e06f60313dd6a18604023db9 HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/css/app.7b2744f90839aaccd1b01251bb207ab4.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/png
Content-Length: 5547
Last-Modified: Thu, 30 Jun 2022 06:47:47 GMT
Connection: keep-alive
ETag: "62bd4713-15ab"
Accept-Ranges: bytes
www.joshsway.com/images/dig_bg963c.png?9aebd071c928fd5925f38f84abb82c25
66.165.243.165200 OK 698 B URL HTTP/1.1 www.joshsway.com/images/dig_bg963c.png?9aebd071c928fd5925f38f84abb82c25
IP 66.165.243.165:0
File type gzip compressed data, max compression\012- data
Hash 7e4ff9df1c5e31c5c55e41dd321ae1af
db96c9cbfddc0840a210c9c4f0ed3ffdfb18d866
5d9330c9997fedcd1decc0baf27b7257f85a719b6bde4c558bdff6bf2faddc5a
GET /images/dig_bg963c.png?9aebd071c928fd5925f38f84abb82c25 HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/css/app.7b2744f90839aaccd1b01251bb207ab4.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/png
Content-Length: 105
Last-Modified: Thu, 30 Jun 2022 06:47:47 GMT
Connection: keep-alive
ETag: "62bd4713-69"
Accept-Ranges: bytes
www.joshsway.com/fonts/vendor/font-awesome/fontawesome-webfontbb99.woff2?af7ae505a9eed503f8b8e6982036873e
66.165.243.165200 OK 77 kB URL HTTP/1.1 www.joshsway.com/fonts/vendor/font-awesome/fontawesome-webfontbb99.woff2?af7ae505a9eed503f8b8e6982036873e
IP 66.165.243.165:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fonts/vendor/font-awesome/fontawesome-webfontbb99.woff2?af7ae505a9eed503f8b8e6982036873e HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.joshsway.com/css/app.7b2744f90839aaccd1b01251bb207ab4.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: font/woff2
Content-Length: 77160
Last-Modified: Thu, 30 Jun 2022 06:47:43 GMT
Connection: keep-alive
ETag: "62bd470f-12d68"
Accept-Ranges: bytes
www.joshsway.com/twitter/
66.165.243.165403 Forbidden 153 B URL HTTP/1.1 www.joshsway.com/twitter/
IP 66.165.243.165:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5a8321b273cbbc904dc6e962f1365a6
22d53c59d24d111c840401ed79188cb97ff2471e
9797611d056ada17a20e6d849139985235485e6c2dee6eb98d63a99408b66978
POST /twitter/ HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 311
Origin: https://www.joshsway.com
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 08:46:55 GMT
expires: Fri, 09 Dec 2022 10:46:55 GMT
cache-control: public, max-age=7200
age: 2654
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.joshsway.com/wp-content/uploads/the_josh_sway_bodybuilding_guide_part_2_the_process.png
66.165.243.165200 OK 749 kB URL HTTP/1.1 cdn.joshsway.com/wp-content/uploads/the_josh_sway_bodybuilding_guide_part_2_the_process.png
IP 66.165.243.165:0
File type PNG image data, 799 x 400, 8-bit/color RGB, non-interlaced\012- data
Size 749 kB (749036 bytes)
Hash c1a8e56bcc8137c169f2b0563fabb391
a2ea51c55deefee8ee9481103968918c589914ab
614cde81db1554b20adde310ee58aa090251bd9160674100f0dda1169587ff4a
GET /wp-content/uploads/the_josh_sway_bodybuilding_guide_part_2_the_process.png HTTP/1.1
Host: cdn.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:08 GMT
Content-Type: image/png
Content-Length: 749036
Last-Modified: Mon, 30 Jul 2018 20:41:12 GMT
Connection: keep-alive
ETag: "5b5f77e8-b6dec"
Accept-Ranges: bytes
www.google-analytics.com/j/collect?v=1&_v=j98&a=1155559583&t=pageview&_s=1&dl=https%3A%2F%2Fwww.joshsway.com%2F&dr=http%3A%2F%2Fr.redirekted.com%2F&ul=en-us&de=UTF-8&dt=JoshSway.com%20%7C%20Your%20Source%20for%20Dating%2C%20Online%20Dating%2C%20Self%20Improvement%2C%20and%20more...&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1830757747&gjid=2045800938&cid=1640872022.1670578268&tid=UA-107133471-3&_gid=546396568.1670578268&_r=1>m=2oubu0&z=1350197294
142.250.74.46200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1155559583&t=pageview&_s=1&dl=https%3A%2F%2Fwww.joshsway.com%2F&dr=http%3A%2F%2Fr.redirekted.com%2F&ul=en-us&de=UTF-8&dt=JoshSway.com%20%7C%20Your%20Source%20for%20Dating%2C%20Online%20Dating%2C%20Self%20Improvement%2C%20and%20more...&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1830757747&gjid=2045800938&cid=1640872022.1670578268&tid=UA-107133471-3&_gid=546396568.1670578268&_r=1>m=2oubu0&z=1350197294
IP 142.250.74.46:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1155559583&t=pageview&_s=1&dl=https%3A%2F%2Fwww.joshsway.com%2F&dr=http%3A%2F%2Fr.redirekted.com%2F&ul=en-us&de=UTF-8&dt=JoshSway.com%20%7C%20Your%20Source%20for%20Dating%2C%20Online%20Dating%2C%20Self%20Improvement%2C%20and%20more...&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1830757747&gjid=2045800938&cid=1640872022.1670578268&tid=UA-107133471-3&_gid=546396568.1670578268&_r=1>m=2oubu0&z=1350197294 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.joshsway.com
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.joshsway.com
date: Fri, 09 Dec 2022 09:31:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.stripe.com/v2/m/outer.html
151.101.128.176200 OK 294 B URL HTTP/2 js.stripe.com/v2/m/outer.html
IP 151.101.128.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (718), with no line terminators
Hash 90b5fcea9814d15a69c3f7b341dc38b0
196dce4aa80798c164640cbdd7b613a4f06a177d
eaef54de2805f8d67227db37055046e6c21a415ec56a14458899e7d1494b8aa7
GET /v2/m/outer.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 15:37:46 GMT
etag: "51b76bd7931c50d2bf6d4c5a93d343f9"
content-type: text/html; charset=utf-8
cache-control: public, max-age=300
content-security-policy: report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: default-src 'self'; connect-src https://api.stripe.com; base-uri 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src 'self'; script-src 'self' 'sha256-SP+OklpqI9DOfk/xOSps45nYg4re2SxZVge06yn8uUQ='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Dec 2022 09:31:09 GMT
via: 1.1 varnish
age: 96
x-request-id: 7e9b5f03-e507-4e34-924d-4b5eebf05a62
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 294
X-Firefox-Spdy: h2
www.joshsway.com/img/favicon.ico
66.165.243.165200 OK 1.2 kB URL HTTP/1.1 www.joshsway.com/img/favicon.ico
IP 66.165.243.165:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f28be7f4b4ab971db6fe51e9e77d2281
9a7094fbf7c8541aa733155d245a067b6cd48173
38e7dd9267a8d950da37dc0b22912462c855ada20392ad754103149d84387b7d
GET /img/favicon.ico HTTP/1.1
Host: www.joshsway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.joshsway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Fri, 09 Dec 2022 09:31:09 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Thu, 30 Jun 2022 09:57:36 GMT
Connection: keep-alive
ETag: "62bd7390-47e"
Accept-Ranges: bytes
m.stripe.network/inner.html
151.101.128.176200 OK 527 B URL HTTP/2 m.stripe.network/inner.html
IP 151.101.128.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 09:31:09 GMT
via: 1.1 varnish
age: 214
x-request-id: 983f5cd2-b0dd-44b1-a7e5-bbf570e77c61
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 115
x-timer: S1670578269.409731,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
151.101.128.176200 OK 16 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 151.101.128.176:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 09:31:09 GMT
via: 1.1 varnish
age: 268
x-request-id: 919ef332-fdd8-4154-a865-53d62ea8dbda
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 131
x-timer: S1670578269.457369,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e9b0c7370f6c7e0e442c448d911919ea
d9eb69f0b3d4a7545e671816996191c3c27fdf44
de8132372d576ba0510dfa064fe8ee131efef95b375c5728f25692c496c4d19a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5686
Cache-Control: max-age=132393
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 09:31:10 GMT
Etag: "63924c51-1d7"
Expires: Sat, 10 Dec 2022 22:17:43 GMT
Last-Modified: Thu, 08 Dec 2022 20:42:57 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
m.stripe.com/6
52.41.227.58200 OK 156 B IP 52.41.227.58:0
File type JSON data\012- , ASCII text, with no line terminators
Hash da2abb319b96d89cbfb69d6089dcca3b
fb9cddbbc39125eabcd31172614b452e72536c4e
9395f3c664f89e0db512da26717cfccbc075a871347fe131312abe6a0bf967ff
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2552
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 09:31:10 GMT
content-length: 156
set-cookie: m=217a3d4f-2a3f-4ce8-b0a1-108272110e3d3523d3;Expires=Sun, 08-Dec-2024 09:31:10 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
m.stripe.com/6
52.41.227.58200 OK 156 B IP 52.41.227.58:0
File type JSON data\012- , ASCII text, with no line terminators
Hash da2abb319b96d89cbfb69d6089dcca3b
fb9cddbbc39125eabcd31172614b452e72536c4e
9395f3c664f89e0db512da26717cfccbc075a871347fe131312abe6a0bf967ff
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2616
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Cookie: m=217a3d4f-2a3f-4ce8-b0a1-108272110e3d3523d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 09:31:10 GMT
content-length: 156
set-cookie: m=217a3d4f-2a3f-4ce8-b0a1-108272110e3d3523d3;Expires=Sun, 08-Dec-2024 09:31:10 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
www.desktopwallpaperhd.com/wallpapers/8/1734.jpg
3.18.7.81404 Not Found 0 B URL HTTP/1.0 www.desktopwallpaperhd.com/wallpapers/8/1734.jpg
IP 3.18.7.81:0
GET /wallpapers/8/1734.jpg HTTP/1.1
Host: www.desktopwallpaperhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hazyhead2009.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest