firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: keMLQ3EUo6DENTOVrhcAxpW6vIPZPJoaI0KKotH7KDnzRPBryj1ePQ==
Age: 145084
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15747
Expires: Fri, 07 Oct 2022 12:27:49 GMT
Date: Fri, 07 Oct 2022 08:05:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11626
Expires: Fri, 07 Oct 2022 11:19:08 GMT
Date: Fri, 07 Oct 2022 08:05:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Sz6D6J1u/a1luxibzL6dnbuaTkC90t6gUZ3hhyCEUvTVDEZitYelmOQipp4HFGLoli9YqpLWSXQ=
x-amz-request-id: QMJRYCMNDHCSQR0W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 07:59:05 GMT
age: 377
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 08:05:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 07:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 08:19:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rRfXP86I5YXQ6egF2IxzdK6ZHsZUSOgf3-yj8Yw64BmPmdsLoB9xqg==
Age: 2142
kidleurdswe.blogspot.com/2015/12/blog-post_15.html
142.250.74.161200 OK 9.1 kB URL HTTP/1.1 kidleurdswe.blogspot.com/2015/12/blog-post_15.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5685)
Hash 9adfa146130f351047edb4cbdc590425
5f1ed6daad8896fed9b4066105e3827a2830e3a3
5111f6e4fa18bfdba9ca07f410de0cd557c87763bd1c0de027f63cc50aba1002
Analyzer Verdict Alert fortinet Malware
GET /2015/12/blog-post_15.html HTTP/1.1
Host: kidleurdswe.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 07 Oct 2022 08:05:23 GMT
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 02 Dec 2021 13:28:20 GMT
ETag: W/"59edcfcd2ad414ece993b434ae19eb7d8367114ee2c113d868ca643a8e105f0c"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 9143
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1937
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Last-Modified: Fri, 07 Oct 2022 07:33:06 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
kidleurdswe.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 kidleurdswe.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: kidleurdswe.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/2015/12/blog-post_15.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 07 Oct 2022 08:05:23 GMT
Expires: Fri, 14 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 07 Oct 2022 04:49:16 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
216.58.207.234200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 216.58.207.234:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 03 Oct 2022 16:45:44 GMT
Expires: Tue, 03 Oct 2023 16:45:44 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 314379
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash def0f2d6c644aedbb89357888764f922
fdb5fc717f50599db8785b8aa0f1875408a88793
6061b8fa8aef4bedf1f30672c7614c2913fb38b2582e46a5d7e31ec898181fa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.201200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.201:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:57:04 GMT
expires: Wed, 12 Oct 2022 19:57:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 12:00:16 GMT
content-type: image/gif
age: 130099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.201200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:35:40 GMT
expires: Thu, 05 Oct 2023 16:35:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 04 Oct 2022 18:55:46 GMT
content-type: text/css
age: 142183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/829820975-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/829820975-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash b18547f3bc01f36c7dd3a6b6082feeb0
ca60d4a2bcd171bfe918249742cfde4223f0ba00
7666d4f1e68fda03543de42ac22d422822013499d6937cc08ae884bfdef3688b
GET /static/v1/widgets/829820975-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56806
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 02:07:50 GMT
expires: Thu, 05 Oct 2023 02:07:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:52:39 GMT
content-type: text/javascript
age: 194253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Fri, 07 Oct 2022 08:05:23 GMT
expires: Fri, 07 Oct 2022 08:05:23 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/1kt/ethereal/birds-2toned-bg.png
216.58.207.201200 OK 486 B URL HTTP/1.1 www.blogblog.com/1kt/ethereal/birds-2toned-bg.png
IP 216.58.207.201:0
File type PNG image data, 1 x 1510, 8-bit/color RGB, non-interlaced\012- data
Hash 7b055918ab95f06b5238f1bef6e3cd4c
9c87a92b394f587d43d193c8c3d98fdb2532b3a6
06eb13218426e0e280cdd790ee55945334498186483cff716e090ed2b840a4e1
GET /1kt/ethereal/birds-2toned-bg.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 486
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 20:47:56 GMT
Expires: Wed, 12 Oct 2022 20:47:56 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 15:40:47 GMT
Content-Type: image/png
Age: 127047
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=3071293217402248211&zx=930774a8-b0fe-4249-ae69-a46446b787f7
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=3071293217402248211&zx=930774a8-b0fe-4249-ae69-a46446b787f7
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=3071293217402248211&zx=930774a8-b0fe-4249-ae69-a46446b787f7 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 07 Oct 2022 08:05:23 GMT
last-modified: Fri, 07 Oct 2022 08:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogblog.com/1kt/ethereal/bird-2toned-blue-fade.png
216.58.207.201200 OK 135 B URL HTTP/1.1 www.blogblog.com/1kt/ethereal/bird-2toned-blue-fade.png
IP 216.58.207.201:0
File type PNG image data, 2 x 103, 8-bit/color RGBA, non-interlaced\012- data
Hash f298020995c692cb2ce9afd9a5d6257e
f4301ab5b943f5c49f3b8fee825f157a52fc1611
4f97c4d5d5252e3495e1c998a66396d69ff1dc40e77e857bddb5106abcea6251
GET /1kt/ethereal/bird-2toned-blue-fade.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 135
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 17:40:26 GMT
Expires: Wed, 12 Oct 2022 17:40:26 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 10:47:45 GMT
Content-Type: image/png
Age: 138297
push.services.mozilla.com/
52.39.175.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YWddSTyQLWyTuhwQv7c9lg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y3x4QeiCqaLt4Buj599nxvh/cXs=
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
142.250.74.1301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
IP 142.250.74.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 07 Oct 2022 08:05:23 GMT
Location: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e706a7ca51cd91bb00f8e3d31b6e0005
92b4ca2e474ecc44c455bb853a3078bf5bd3ae1d
1b10c86665080657cb3711f81ea96a414aee8abff99883c23987940fe93fd73a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emuay2.blogspot.com/2015/12/blog-post_47.html
142.250.74.161200 OK 13 kB URL HTTP/1.1 emuay2.blogspot.com/2015/12/blog-post_47.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7788)
Hash 6df51aa4ff941d307ff4e254636af643
de76d73a82c464ebf40450854d65014423feabe9
8bfd1677af5979165f8a2a8c1b260a0f6db4bdaf84256f82e224b18880aea2f4
GET /2015/12/blog-post_47.html HTTP/1.1
Host: emuay2.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kidleurdswe.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 07 Oct 2022 08:05:23 GMT
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 20 Dec 2021 23:23:35 GMT
ETag: W/"750bddf5770c3ecd02ad05b1e5d5a9381d6da65f492e5fbaca36b6d4de87e993"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 13028
Server: GSE
fonts.googleapis.com/css?family=Droid+Sans:400,700
142.250.74.10200 OK 304 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Sans:400,700
IP 142.250.74.10:0
Hash 37bd97ab5d600328cee799bbc856e70f
b81303809a55a104a709773e53737aedcaec1f44
37d6bf70e3ca3db4fc2d0ce9c7f364c91fdf3d8a5ff2bb17d5d7a94d3b63e64e
GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 07 Oct 2022 08:05:23 GMT
Date: Fri, 07 Oct 2022 08:05:23 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
216.58.207.234200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 216.58.207.234:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 23:05:02 GMT
Expires: Thu, 05 Oct 2023 23:05:02 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 118821
emuay2.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 emuay2.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: emuay2.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/2015/12/blog-post_47.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 07 Oct 2022 08:05:23 GMT
Expires: Fri, 14 Oct 2022 08:05:23 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 07 Oct 2022 04:49:16 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.201200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 04:43:17 GMT
expires: Thu, 05 Oct 2023 04:43:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 04 Oct 2022 12:57:07 GMT
content-type: text/css
age: 184927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/829820975-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/829820975-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash b18547f3bc01f36c7dd3a6b6082feeb0
ca60d4a2bcd171bfe918249742cfde4223f0ba00
7666d4f1e68fda03543de42ac22d422822013499d6937cc08ae884bfdef3688b
GET /static/v1/widgets/829820975-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56806
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 02:07:50 GMT
expires: Thu, 05 Oct 2023 02:07:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:52:39 GMT
content-type: text/javascript
age: 194254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 58 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (2910)
Hash ca8848707abf99b649a1c37705ba1bed
ef61e99ae10e419ebcdb5242b46e36edc45ec57a
73b149542516b3d1db1841c303d2d3dfd183605c10cec1d89a73482ebbe10536
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 07 Oct 2022 08:05:24 GMT
Expires: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 189587225690202627
Vary: Accept-Encoding, Origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 57821
X-XSS-Protection: 0
go.onclasrv.com/apu.php?zoneid=608668
139.45.197.238302 Moved Temporarily 138 B URL HTTP/1.1 go.onclasrv.com/apu.php?zoneid=608668
IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /apu.php?zoneid=608668 HTTP/1.1
Host: go.onclasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 07 Oct 2022 08:05:24 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://cobalten.com/apu.php?zoneid=608668
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
2.bp.blogspot.com/-PW4RKp4rgI0/Vm9pa1jSBKI/AAAAAAAAVm8/zu2sSp5eGfg/s640/capture-20151215-081400.png
142.250.74.161200 OK 206 kB URL HTTP/1.1 2.bp.blogspot.com/-PW4RKp4rgI0/Vm9pa1jSBKI/AAAAAAAAVm8/zu2sSp5eGfg/s640/capture-20151215-081400.png
IP 142.250.74.161:0
File type PNG image data, 640 x 332, 8-bit/color RGB, non-interlaced\012- data
Size 206 kB (205818 bytes)
Hash c8e74597c0eee6709171516a7c7d54d4
521fbb321461e1417fedaae5005c3cfb24fab0f3
dd0a6eccf82774bd6985800b5329574353fadf4972823ec279f29102e2d409f2
GET /-PW4RKp4rgI0/Vm9pa1jSBKI/AAAAAAAAVm8/zu2sSp5eGfg/s640/capture-20151215-081400.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5670"
Expires: Sat, 08 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="capture-20151215-081400.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 08:05:24 GMT
Server: fife
Content-Length: 205818
X-XSS-Protection: 0
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
142.250.74.1200 OK 57 kB URL HTTP/2 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
IP 142.250.74.1:0
File type PNG image data, 1515 x 971, 8-bit colormap, non-interlaced\012- data
Hash eabab87f6d659ddbdd8e01d8a0d516a6
ffbf3a51b58337649b3557fe676c25150a3f8e8d
b3d5b6340eedf9eac1658e4c122c704940d652fdf5f7194b22452676f8d1465f
GET /image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kidleurdswe.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sat, 08 Oct 2022 08:05:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 08:05:24 GMT
server: fife
content-length: 57409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e706a7ca51cd91bb00f8e3d31b6e0005
92b4ca2e474ecc44c455bb853a3078bf5bd3ae1d
1b10c86665080657cb3711f81ea96a414aee8abff99883c23987940fe93fd73a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e706a7ca51cd91bb00f8e3d31b6e0005
92b4ca2e474ecc44c455bb853a3078bf5bd3ae1d
1b10c86665080657cb3711f81ea96a414aee8abff99883c23987940fe93fd73a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh4.googleusercontent.com/-nXN1liqCeps/UK97Jql20tI/AAAAAAAAEnA/ubU_BZVZZTg/s40/tail-top.gif
142.250.74.1200 OK 48 B URL HTTP/2 lh4.googleusercontent.com/-nXN1liqCeps/UK97Jql20tI/AAAAAAAAEnA/ubU_BZVZZTg/s40/tail-top.gif
IP 142.250.74.1:0
File type GIF image data, version 89a, 1 x 40\012- data
Hash 7ad256f6f14c9132974a4955891af036
587c20e9c7939c0b85df45ccbcef174f917b5d82
39165c082e5c3a4e67b5cc9dfcba8e0404e6c0452c30a77d8b4d24438872e962
GET /-nXN1liqCeps/UK97Jql20tI/AAAAAAAAEnA/ubU_BZVZZTg/s40/tail-top.gif HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="tail-top.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 48
x-xss-protection: 0
date: Fri, 07 Oct 2022 07:43:50 GMT
expires: Sat, 08 Oct 2022 03:37:28 GMT
cache-control: public, max-age=86400, no-transform
age: 1294
etag: "v185f"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh4.googleusercontent.com/-x0UzaYSChzI/UK97BzPBDbI/AAAAAAAAEk0/t2ndYUMn5j4/s400/body-pattern.gif
142.250.74.1200 OK 188 kB URL HTTP/2 lh4.googleusercontent.com/-x0UzaYSChzI/UK97BzPBDbI/AAAAAAAAEk0/t2ndYUMn5j4/s400/body-pattern.gif
IP 142.250.74.1:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 188 kB (187790 bytes)
Hash 96b23e406b1feb73a2a099407a8b3ece
9f46f0542f4ce6e5ebd46c6c3d589cf849d53450
44b9097cfdb39e86aea6796fd6f4851bba7a40f3bb34f7fdc1994db600b9c023
GET /-x0UzaYSChzI/UK97BzPBDbI/AAAAAAAAEk0/t2ndYUMn5j4/s400/body-pattern.gif HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="body-pattern.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 187790
x-xss-protection: 0
date: Fri, 07 Oct 2022 04:32:47 GMT
expires: Sat, 08 Oct 2022 04:32:47 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1a18"
content-type: image/gif
age: 12757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e706a7ca51cd91bb00f8e3d31b6e0005
92b4ca2e474ecc44c455bb853a3078bf5bd3ae1d
1b10c86665080657cb3711f81ea96a414aee8abff99883c23987940fe93fd73a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cobalten.com/apu.php?zoneid=608668
139.45.197.236403 Forbidden 7 B URL HTTP/1.1 cobalten.com/apu.php?zoneid=608668
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /apu.php?zoneid=608668 HTTP/1.1
Host: cobalten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://emuay2.blogspot.com/
Connection: keep-alive
HTTP/1.1 403 Forbidden
Server: nginx
Date: Fri, 07 Oct 2022 08:05:24 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 7
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: *
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
216.58.207.195200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22376
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 06:52:51 GMT
Expires: Thu, 05 Oct 2023 06:52:51 GMT
Cache-Control: public, max-age=31536000
Age: 177153
Last-Modified: Tue, 19 Apr 2022 18:25:01 GMT
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221003/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Fri, 07 Oct 2022 05:23:52 GMT
expires: Fri, 21 Oct 2022 05:23:52 GMT
cache-control: public, max-age=1209600
age: 9692
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5081099531190671&plah=emuay2.blogspot.com
142.250.74.66200 OK 117 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5081099531190671&plah=emuay2.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with very long lines (6002)
Size 117 kB (117214 bytes)
Hash e854267c79a9c4a798bbc166b8f4c09e
40796f6aa0a0291a9a8c2d54299e19d23c981ce4
2f3a489a4c93f43d8d663b94205fcf92c237775f54fb3884bae666bdc6974a80
GET /pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5081099531190671&plah=emuay2.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 07 Oct 2022 08:05:24 GMT
expires: Fri, 07 Oct 2022 08:05:24 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 10289917257927926677
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 117214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bnhtml.com/invoke.js
192.243.61.225200 OK 5.2 kB IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (11157), with no line terminators
Hash 06cec38f92e4c13c7125371c321a9acf
b2cbac1429c3ef53bb66f95888e1a99fc64ebe45
4af4b84547f8613135939861f8e78525556a8a4e495d9ad50f740ca34e4769bb
GET /invoke.js HTTP/1.1
Host: www.bnhtml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 08:05:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 704372bb4fb755fe778a6bb0928d0dc8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10000
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 08:05:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10000
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 08:05:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10000
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 08:05:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10000
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 08:05:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39cf77bd6009d3c538455b3846680278
ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5
792997f1f9a485ca57d274c7899e4f526476bf15ed564a8b74d248c4458b188f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9564
x-amzn-requestid: 38d87e57-3600-4e0e-bd24-a8f857800bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhkGHtZIAMFz0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f494d-21b041d97b406dea36b9f35b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DNBjRFbLHdYGd4-klRgAiRXPCq2_uOMh5LGi9udoD1c0eSVXJ6h4xw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 37266
etag: "ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1a9bad9942d25ecf711a6b2e137a270
1ac4d5e32010b78b9599d7db12c64a4f11f75c32
a4e8eb30784a461fbac9df587eb8b06c84f827d8ef6cfe5d302d45f0cbb5e3ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8325
x-amzn-requestid: c190f0ac-92e7-4d58-b70d-06c6986292c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmihDHP_oAMFc9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ad3-11f93f222ee59f8c61feb974;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Q2Tmr5IEgSZ13V6JCFu75ypdw2faw01Y7FSMZX-xp5rmmLmuuuuotw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:38:27 GMT
age: 37617
etag: "1ac4d5e32010b78b9599d7db12c64a4f11f75c32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.67.146.56200 OK 40 B URL HTTP/1.1 simplewebanalysis.com/stats
IP 3.67.146.56:0
File type ASCII text, with no line terminators
Hash 84e001cf178d7f0f8f0985e09ccf1345
57f22d4c162b37855867c086f75e8e5c16355db0
6912821153506b8e57943b7c517f70b6546898c91ef2bf88f35eee942055c2df
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 40
Connection: keep-alive
Server: fasthttp
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5814aa83-2872-474a-a5f9-9e7ace1a1f90:1:1; expires=Mon, 04 Oct 2032 08:05:24 GMT; secure; SameSite=None
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee0abd8-4ecf-437c-9675-8f3d0154f2b9.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee0abd8-4ecf-437c-9675-8f3d0154f2b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1d0226194b6ccc5e2d460745b53fb4
715224d106cc3342482c53905322d6418421f6d2
0992c3232fd28edf9a9af56c2cc7f64f9ae53a2ec0cc4fb38c2cdb468a6a5791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee0abd8-4ecf-437c-9675-8f3d0154f2b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: 2d3dc175-26a9-40a2-b629-0c8b533d5037
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhktGcloAMF0SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4951-23e7e2852fe1f11c009d4c26;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:32:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: XZZtr9fG5zlx9W9TIX5zVjqvyZ5NEeSEPqtNUhwArlhBEIdcT5unpQ==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:47 GMT
etag: "715224d106cc3342482c53905322d6418421f6d2"
content-type: image/jpeg
age: 36217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae567a6922213a56f35ddc5d5cc1d0f1
fc49df76e8625d8542b0634bfcf12b8d6cda445c
135f25c0350ad26235447cdfba53a45e5d0f9f4c07a6c1e66dd2ed4a4a487f86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9995
x-amzn-requestid: 46d789c8-c830-4003-a752-472ee853a14b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-GRZIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-5d69f864308ea18c0440203e;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: i1F72tYrdjpymITjLWOWsfF_d-uZp_aXH-TWvE491s7IOtJZArpOqA==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 37266
etag: "fc49df76e8625d8542b0634bfcf12b8d6cda445c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 37266
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg
34.120.237.76200 OK 2.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e9646987c0395eec23e32dc00954d386
5545b691aeefcd31bbc6b6cad6726234773e9d74
900a2bfbe3984db79056d38764b1986399d827a7f54d1c54d4fd3b06c7981385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2732
x-amzn-requestid: 004a85ab-b33b-4b7f-86f2-9762e6cd2f0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhkQGWgoAMF7mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f494e-473458094dc2ded55a681505;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eJltrBVIRbJ-_OUHZjw8mtfK6Ivb9C51B6lC1C11eaq_O4Psd7evRg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:46:38 GMT
age: 37126
etag: "5545b691aeefcd31bbc6b6cad6726234773e9d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bnhtml.com/invoke.js
192.243.61.225200 OK 5.2 kB IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (11157), with no line terminators
Hash 06cec38f92e4c13c7125371c321a9acf
b2cbac1429c3ef53bb66f95888e1a99fc64ebe45
4af4b84547f8613135939861f8e78525556a8a4e495d9ad50f740ca34e4769bb
GET /invoke.js HTTP/1.1
Host: www.bnhtml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 08:05:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e88a288ec090bbd9d3bf5a7dfeae3c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
3.67.146.56200 OK 40 B URL HTTP/1.1 simplewebanalysis.com/stats
IP 3.67.146.56:0
File type ASCII text, with no line terminators
Hash 588551eecb19815913e1539700af7eec
f7bde3b309c03aef785d4884f70a9241d21c14c3
e965a346b6368b8773923fba0e8f7deba5a9137efa5f3d21b9d22514e666d2f7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 40
Connection: keep-alive
Server: fasthttp
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=ce575926-2e94-4f68-95d2-fc94572aecbd:2:1; expires=Mon, 04 Oct 2032 08:05:24 GMT; secure; SameSite=None
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=emuay2.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=emuay2.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=emuay2.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 07 Oct 2022 08:05:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=emuay2.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=emuay2.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=emuay2.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 07 Oct 2022 08:05:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c1.popads.net/pop.js
185.76.9.17200 OK 9.9 kB IP 185.76.9.17:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 87f2106b2ef322202b466870df717aa2
4b7461dec21a73a4c475817b6ce3b8f58efca57c
d29a8563a37e8893a7481326f22315d57678da676c8a9599dc46785cc73a24cd
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
Last-Modified: Sun, 03 Jul 2022 20:49:14 GMT
ETag: W/"62c200ca-7b48"
Access-Control-Allow-Origin: *
X-Accel-Expires: @1665176410
Server: CDN77-Turbo
X-77-NZT: AblMCQ1aNq7/axwPAA
X-77-NZT-Ray: oV8DIKGVZVI
X-Cache: HIT
X-Age: 990315
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emuay2.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 emuay2.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: emuay2.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/2015/12/blog-post_47.html
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 07 Oct 2022 08:05:25 GMT
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: private, max-age=86400
Last-Modified: Mon, 20 Dec 2021 23:23:35 GMT
ETag: W/"750bddf5770c3ecd02ad05b1e5d5a9381d6da65f492e5fbaca36b6d4de87e993"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 36b2ebb263a694be6b81a02818e3d9e4
b73b329f15a2fc2ab0d6ea468695b3f79c27be94
e76b12ed5b195fddd74ac3f63fd2f985e22fea47c025eec8b0260b5560f9c515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.adsco.re/
104.17.167.186200 OK 26 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 4edfb467a2defe10a4b31bb9c505d29f
0edf5fe7b9e1e9f863e2cdf1bee8a38f5111d1f1
4a011fa7c7252b3f7538b62d481d211a25b8072130e49dd6a79241d85137fb0c
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Mon, 07 Nov 2022 08:05:25 GMT
ETag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1850427
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756521b19d010b51-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756521b1ad77b50b-OSL
alt-svc: h2=":443"; ma=60
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 07 Oct 2022 08:05:25 GMT
expires: Fri, 07 Oct 2022 08:05:25 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea351ff8b420672a4c6f5b7933ef252b
b553a6845c671ad63508e8003c28521ecf631a32
ec5cedcc74d1e572a3a76b6429bb160243c9dc215788d0feff892ae07dc0cbb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC5CEDCC74D1E572A3A76B6429BB160243C9DC215788D0FEFF892AE07DC0CBB5"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2995
Expires: Fri, 07 Oct 2022 08:55:20 GMT
Date: Fri, 07 Oct 2022 08:05:25 GMT
Connection: keep-alive
www.urldelivery.com/watch.674947592099.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=ce575926-2e94-4f68-95d2-fc94572aecbd%3A2%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 www.urldelivery.com/watch.674947592099.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=ce575926-2e94-4f68-95d2-fc94572aecbd%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.674947592099.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=ce575926-2e94-4f68-95d2-fc94572aecbd%3A2%3A1 HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Location: http://www.urldelivery.com/watch.674947592099.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=ce575926-2e94-4f68-95d2-fc94572aecbd%3A2%3A1&shu=3374a605a3e82fd4c5a3ebd1740b2b00bda4e4fc676ccf88140f350ea719a9079983629d2d125fc3091fc721e65137bc9c9f791428225c1310f7bb76908afdc459eda25985ebe21d2c929295dd75a584bb7427c3&pst=1665129985&rmtc=t
Set-Cookie: u_pl=34993; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjozNDk5MywiayI6ImU2NmE5ZGIyZTc3Yjg3YjI0N2UyOWIzODBiZjUwYTA2Iiwic2lkIjoiIiwiaXNpZCI6MywiYXNpZCI6MSwiemlkIjoxNTA4OCwicGlkIjo4MjM2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7ICIyOCI6ImQ4NTQ2YmFkYWM1ZjNmYmY4YjY0MjBiNzFkNjlhM2U1IiwiNDYiOiI2ZGI0NjZjOGZhNjc3YzUxNjUxNWFkMGEyNjQ1YTIzZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9lbXVheTIuYmxvZ3Nwb3QuY29tLzIwMTUvMTIvYmxvZy1wb3N0XzQ3Lmh0bWwifX0.IXUZHEzAJdcTSAuaTK-mDrCaNvniDThZS2XbY1wHQp8; expires=Fri, 07 Oct 2022 08:06:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 29f3aade30d5b0f8ffdb457f6cd0574b
Strict-Transport-Security: max-age=0; includeSubdomains
www.urldelivery.com/watch.1556837730362.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=5814aa83-2872-474a-a5f9-9e7ace1a1f90%3A1%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 www.urldelivery.com/watch.1556837730362.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=5814aa83-2872-474a-a5f9-9e7ace1a1f90%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1556837730362.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=5814aa83-2872-474a-a5f9-9e7ace1a1f90%3A1%3A1 HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Location: http://www.urldelivery.com/watch.1556837730362.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=5814aa83-2872-474a-a5f9-9e7ace1a1f90%3A1%3A1&shu=9739dfa1d0cf07875c0205450a4e37c1527fcb1966fc2f0aeaf96dca19655c45280e67513e703c6e0182a94f4dd99b3661d52f285a264f85328562105fabe4404935cc442dfbac2689e5822d596ca7cdddd12b8ed01a075f615c4fffab&pst=1665129985&rmtc=t
Set-Cookie: u_pl=34993; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjozNDk5MywiayI6ImU2NmE5ZGIyZTc3Yjg3YjI0N2UyOWIzODBiZjUwYTA2Iiwic2lkIjoiIiwiaXNpZCI6MywiYXNpZCI6MSwiemlkIjoxNTA4OCwicGlkIjo4MjM2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7ICIyOCI6ImQ4NTQ2YmFkYWM1ZjNmYmY4YjY0MjBiNzFkNjlhM2U1IiwiNDYiOiI2ZGI0NjZjOGZhNjc3YzUxNjUxNWFkMGEyNjQ1YTIzZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9lbXVheTIuYmxvZ3Nwb3QuY29tLzIwMTUvMTIvYmxvZy1wb3N0XzQ3Lmh0bWwifX0.IXUZHEzAJdcTSAuaTK-mDrCaNvniDThZS2XbY1wHQp8; expires=Fri, 07 Oct 2022 08:06:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58a5d7bba56ac280819c4e8520d94c60
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 08:05:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 4442d6063dfcea97fe745f66054cc98a
3619d492a066e26f4ba74e1133564589c2488519
ba8dd60de96a20cf2115105df292c08032370bdd1fd88883af1cb7cc9fb7f2da
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 07 Oct 2022 08:05:25 GMT
date: Fri, 07 Oct 2022 08:05:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-8aM7gisArG6aYYc3ERioJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756521b45d88b52d-OSL
alt-svc: h2=":443"; ma=60
www.urldelivery.com/watch.674947592099.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=ce575926-2e94-4f68-95d2-fc94572aecbd%3A2%3A1&shu=3374a605a3e82fd4c5a3ebd1740b2b00bda4e4fc676ccf88140f350ea719a9079983629d2d125fc3091fc721e65137bc9c9f791428225c1310f7bb76908afdc459eda25985ebe21d2c929295dd75a584bb7427c3&pst=1665129985&rmtc=t
192.243.61.227200 OK 2.1 kB URL HTTP/1.1 www.urldelivery.com/watch.674947592099.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=ce575926-2e94-4f68-95d2-fc94572aecbd%3A2%3A1&shu=3374a605a3e82fd4c5a3ebd1740b2b00bda4e4fc676ccf88140f350ea719a9079983629d2d125fc3091fc721e65137bc9c9f791428225c1310f7bb76908afdc459eda25985ebe21d2c929295dd75a584bb7427c3&pst=1665129985&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2577)
Hash 5c37aee623df424207af464dda58bf9f
bb22e5ac4e1ec7ace17874bf0d8c60d3f4a0f790
9b5c13f08ae3be2db58bb3c5070ea4c14049e09c7172f8658f1981c252f8feeb
GET /watch.674947592099.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=ce575926-2e94-4f68-95d2-fc94572aecbd%3A2%3A1&shu=3374a605a3e82fd4c5a3ebd1740b2b00bda4e4fc676ccf88140f350ea719a9079983629d2d125fc3091fc721e65137bc9c9f791428225c1310f7bb76908afdc459eda25985ebe21d2c929295dd75a584bb7427c3&pst=1665129985&rmtc=t HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Referer: http://emuay2.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=34993; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
uid_id2=ce575926-2e94-4f68-95d2-fc94572aecbd:2:1; expires=Fri, 14 Oct 2022 08:05:25 GMT; secure; SameSite=None
iprc240b22abddf93124b465d935bc98a9de=3569806; expires=Fri, 07 Oct 2022 12:05:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
uncs=1; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f098f5e33b94b87d86270afc022abdca
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.urldelivery.com/watch.1556837730362.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=5814aa83-2872-474a-a5f9-9e7ace1a1f90%3A1%3A1&shu=9739dfa1d0cf07875c0205450a4e37c1527fcb1966fc2f0aeaf96dca19655c45280e67513e703c6e0182a94f4dd99b3661d52f285a264f85328562105fabe4404935cc442dfbac2689e5822d596ca7cdddd12b8ed01a075f615c4fffab&pst=1665129985&rmtc=t
192.243.61.227200 OK 2.1 kB URL HTTP/1.1 www.urldelivery.com/watch.1556837730362.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=5814aa83-2872-474a-a5f9-9e7ace1a1f90%3A1%3A1&shu=9739dfa1d0cf07875c0205450a4e37c1527fcb1966fc2f0aeaf96dca19655c45280e67513e703c6e0182a94f4dd99b3661d52f285a264f85328562105fabe4404935cc442dfbac2689e5822d596ca7cdddd12b8ed01a075f615c4fffab&pst=1665129985&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2635)
Hash 9755dcce5f438ffd64c02393fb8a7a42
752e8bbf30892e419b4b3b8e3934870eaf528cc5
34d1c5b62b693a3f432850e0f46b8f340de0ba74947d2e0fb401e71aa070a57b
GET /watch.1556837730362.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%E0%B9%83%E0%B8%88%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B9%80%E0%B8%98%E0%B8%AD%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%84%E0%B8%AD%E0%B8%94%E0%B8%AD%E0%B8%A5%22%2C%22%E0%B8%94%E0%B8%B9%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%A5%E0%B8%B0%E0%B8%A3%E0%B8%B9%E0%B8%9B%E0%B8%8B%E0%B8%B4%E0%B9%83%E0%B8%AB%E0%B8%8D%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%82%E0%B8%99%E0%B8%B2%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%22%2C%22%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%99%E0%B9%87%E0%B8%95%E0%B9%80%E0%B8%A5%E0%B8%A2%E0%B8%8A%E0%B8%AD%E0%B8%9A%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2015%2F12%2Fblog-post_47.html&tz=0&dev=r&res=4.29&uuid=5814aa83-2872-474a-a5f9-9e7ace1a1f90%3A1%3A1&shu=9739dfa1d0cf07875c0205450a4e37c1527fcb1966fc2f0aeaf96dca19655c45280e67513e703c6e0182a94f4dd99b3661d52f285a264f85328562105fabe4404935cc442dfbac2689e5822d596ca7cdddd12b8ed01a075f615c4fffab&pst=1665129985&rmtc=t HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Referer: http://emuay2.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=34993; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
uid_id2=5814aa83-2872-474a-a5f9-9e7ace1a1f90:1:1; expires=Fri, 14 Oct 2022 08:05:25 GMT; secure; SameSite=None
iprc240b22abddf93124b465d935bc98a9de=3569806; expires=Fri, 07 Oct 2022 12:05:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
uncs=1; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 08 Oct 2022 08:05:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c034e9d8b316740ffa5108c471037de
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
giqxcid6jxdf.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 giqxcid6jxdf.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: giqxcid6jxdf.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:25 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 170 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 00545d443171a9cfd9074ecb11635459
daa1f203c730a0ad0fe7ddc49893a144ec58a6ce
b3026b1f03d4870eb50ae36d278d1a429729f9d9aa4d49249b6c5faf6cf1fb75
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 2437
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8a8eabbf786cb5a63d0f7c053d75bb4
6d27cce266bb760aafdb238a3becc6c1f3743e18
9c9d687aea40edcb5cd6108b670d0e54063243869a0303c185a59fc86a31f9bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C9D687AEA40EDCB5CD6108B670D0E54063243869A0303C185A59FC86A31F9BF"
Last-Modified: Wed, 05 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12705
Expires: Fri, 07 Oct 2022 11:37:11 GMT
Date: Fri, 07 Oct 2022 08:05:26 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 08:05:26 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sun, 09 Oct 2022 08:05:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 95e1a9a378a116b307c3159f14b084e3
393707bfe493a961eadff299bcd8b8fd74691343
6eaf3a7d50c307405cfe898cd175b52048c64043d58acb25cb6d19624d8df8ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EAF3A7D50C307405CFE898CD175B52048C64043D58ACB25CB6D19624D8DF8AB"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13057
Expires: Fri, 07 Oct 2022 11:43:03 GMT
Date: Fri, 07 Oct 2022 08:05:26 GMT
Connection: keep-alive
serve.popads.net/c?_=BAYAYz_dxQFjP93GgAGBAsAAIAI63wOBv1xM9KzcpgjILFiUdslcMwppUcX6jPjDpxBGwQBGMEQCIC9LlCFcTqaq6uhBE2hEhlYJHlCaFYDztUZ1tQ4sXzUfAiBSuKe0eMRr8E8zUUMcchdME5aUJZnyFp-mDl7Of2DhMw&v=4&siteId=644761&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=http%3A%2F%2Fkidleurdswe.blogspot.com%2F&s=1280,1024,1,1280,1024,0
216.21.13.17200 OK 1.2 kB URL HTTP/1.1 serve.popads.net/c?_=BAYAYz_dxQFjP93GgAGBAsAAIAI63wOBv1xM9KzcpgjILFiUdslcMwppUcX6jPjDpxBGwQBGMEQCIC9LlCFcTqaq6uhBE2hEhlYJHlCaFYDztUZ1tQ4sXzUfAiBSuKe0eMRr8E8zUUMcchdME5aUJZnyFp-mDl7Of2DhMw&v=4&siteId=644761&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=http%3A%2F%2Fkidleurdswe.blogspot.com%2F&s=1280,1024,1,1280,1024,0
IP 216.21.13.17:0
File type ASCII text, with very long lines (1196), with no line terminators
Hash c3630910db483f708785afc906b6aa18
e71b86db32336a33792ed493483b911390ddc3a5
8d2ca0957472189a438ce56d578c3b870ab22444ab22273970ae77f9dfbc89d1
GET /c?_=BAYAYz_dxQFjP93GgAGBAsAAIAI63wOBv1xM9KzcpgjILFiUdslcMwppUcX6jPjDpxBGwQBGMEQCIC9LlCFcTqaq6uhBE2hEhlYJHlCaFYDztUZ1tQ4sXzUfAiBSuKe0eMRr8E8zUUMcchdME5aUJZnyFp-mDl7Of2DhMw&v=4&siteId=644761&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=http%3A%2F%2Fkidleurdswe.blogspot.com%2F&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Fri, 07-Oct-2022 09:05:26 GMT; Max-Age=3600
fraudcheck=06b9eadfdf19503c125169d5d5081c39; expires=Sun, 06-Nov-2022 08:05:26 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Fri, 07-Oct-2022 14:05:26 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 1196
date: Fri, 07 Oct 2022 08:05:26 GMT
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47dabc75241a9722defc0ff44a5472c4
c3aaafacf6a4dd6c4e8714db2ed164bfdd2cf844
a33ce10c046fbf3dd5c8b2b9fad55e7aa6cb161a7a83385211c368fe4771d076
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A33CE10C046FBF3DD5C8B2B9FAD55E7AA6CB161A7A83385211C368FE4771D076"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Fri, 07 Oct 2022 09:42:48 GMT
Date: Fri, 07 Oct 2022 08:05:26 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47dabc75241a9722defc0ff44a5472c4
c3aaafacf6a4dd6c4e8714db2ed164bfdd2cf844
a33ce10c046fbf3dd5c8b2b9fad55e7aa6cb161a7a83385211c368fe4771d076
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A33CE10C046FBF3DD5C8B2B9FAD55E7AA6CB161A7A83385211C368FE4771D076"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Fri, 07 Oct 2022 09:42:48 GMT
Date: Fri, 07 Oct 2022 08:05:26 GMT
Connection: keep-alive
giqxcid6jxdf.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 giqxcid6jxdf.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: giqxcid6jxdf.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 08:05:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.patjaa.com/wp-content/uploads/2015/12/m-3-3-373x500.jpg
3.94.41.167404 Not Found 0 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2015/12/m-3-3-373x500.jpg
IP 3.94.41.167:0
GET /wp-content/uploads/2015/12/m-3-3-373x500.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
www.patjaa.com/wp-content/uploads/2015/12/m-4-3-371x500.jpg
3.94.41.167404 Not Found 0 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2015/12/m-4-3-371x500.jpg
IP 3.94.41.167:0
GET /wp-content/uploads/2015/12/m-4-3-371x500.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
www.patjaa.com/wp-content/uploads/2015/12/m-1-3-381x500.jpg
3.94.41.167404 Not Found 0 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2015/12/m-1-3-381x500.jpg
IP 3.94.41.167:0
GET /wp-content/uploads/2015/12/m-1-3-381x500.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 08:05:25 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 07 Nov 2022 08:05:25 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 1850437
vary: Accept-Encoding
server: cloudflare
cf-ray: 756521b09a64b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
free-cosmetics-online.com/favicon.ico
104.21.23.47404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 104.21.23.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 07 Oct 2022 08:05:26 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 149
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRrLkrkVw7C2TcnzMGBEP7V%2Bey2tu1iF9LjFuokPo3FGaDIt3qA7SvkL2oi6T66JtauK7l2%2FyqgjLaV8gVGgvkCVqOQ2nK%2F5sT6qrRfF9eHuqq%2Bb5Oq4wzg5hkZ1%2FtUSdXFCihrpnehBPhyB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 756521b79b89b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.patjaa.com/wp-content/uploads/2015/12/m-2-3-374x500.jpg
3.94.41.167404 Not Found 0 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2015/12/m-2-3-374x500.jpg
IP 3.94.41.167:0
GET /wp-content/uploads/2015/12/m-2-3-374x500.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
www.patjaa.com/wp-content/uploads/2015/12/m-16-375x500.jpg
3.94.41.167404 Not Found 0 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2015/12/m-16-375x500.jpg
IP 3.94.41.167:0
GET /wp-content/uploads/2015/12/m-16-375x500.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest