bisnis79.blogspot.ru/2008_04_01_archive.html
172.217.21.161302 Moved Temporarily 198 B URL HTTP/1.1 bisnis79.blogspot.ru/2008_04_01_archive.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96732beb298a437211db8d416d2aeced
64e754ed534bde15333b8ac9b4dedb46d442643a
311452ccf5ebb7488708b54877bc3718b3e58e2f6339788c1158c766f43c1b25
GET /2008_04_01_archive.html HTTP/1.1
Host: bisnis79.blogspot.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://bisnis79.blogspot.com/2008_04_01_archive.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 02 Dec 2022 12:54:10 GMT
Expires: Fri, 02 Dec 2022 12:54:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 198
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3468
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 12:54:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8746
Expires: Fri, 02 Dec 2022 15:19:56 GMT
Date: Fri, 02 Dec 2022 12:54:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5528
Cache-Control: max-age=169753
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:10 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:03:23 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: b1aXhouQo/1nYADzwWLw9GI9+3RlPPTs0mZ8tHz24JCRJWrHhQtUcmDbt+lh52SyRkWyf5hEek4=
x-amz-request-id: 4JSHQRZV8SAQES52
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 12:46:42 GMT
age: 448
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 12:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2158
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 12:54:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bisnis79.blogspot.com/2008_04_01_archive.html
142.250.74.161200 OK 24 kB URL HTTP/1.1 bisnis79.blogspot.com/2008_04_01_archive.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11415)
Hash 6524c0b815897d00778c5a9f35e3773b
3da74c861443592cdbac915a12175cd63f56e608
51d2e326a4e81e4397402d2bce0884ed93f1bb47b067f3729d754272bbc53535
GET /2008_04_01_archive.html HTTP/1.1
Host: bisnis79.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 02 Dec 2022 12:54:10 GMT
Date: Fri, 02 Dec 2022 12:54:10 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 02 Dec 2021 11:47:42 GMT
ETag: W/"b4a4db27d7320d70c7266c867118eb9df27d9c6b11ef96fef3aa4940f8d67883"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 23740
Server: GSE
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.162200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (3577)
Hash a80acae4420178732002956bb1aa2207
3db5da7d02baf5ea49e9eeac22dc51063c6d1c02
cf0e93f23b69e9098e4e56d9958331601e5efa268ae6e0e8ec8e7f0d4621ba27
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Fri, 02 Dec 2022 12:54:10 GMT
Expires: Fri, 02 Dec 2022 12:54:10 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 8206541701523154257
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36160
X-XSS-Protection: 0
bisnis79.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 bisnis79.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: bisnis79.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/2008_04_01_archive.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 02 Dec 2022 12:54:10 GMT
Expires: Fri, 09 Dec 2022 12:54:10 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 02 Dec 2022 11:52:39 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
s7.addthis.com/js/addthis_widget.php?v=12
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/addthis_widget.php?v=12
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/addthis_widget.php?v=12 HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/addthis_widget.php
Date: Fri, 02 Dec 2022 12:54:10 GMT
Connection: keep-alive
X-Host: s7.addthis.com
s7.addthis.com/js/152/addthis_widget.js
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/152/addthis_widget.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/152/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/152/addthis_widget.js
Date: Fri, 02 Dec 2022 12:54:10 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
s7.addthis.com/js/addthis_widget.php
23.38.200.123200 OK 4.5 kB URL HTTP/2 s7.addthis.com/js/addthis_widget.php
IP 23.38.200.123:0
File type ASCII text, with very long lines (10751)
Hash e3619f254c15c552ae3f495e4a46f128
48bb4254c79849286f5e2af49a8e20d4a27e8611
92d71b95dec07e7e1cdb3e4ac44e9dfce5ac447e4bb5cca6273c76695e4375c2
GET /js/addthis_widget.php HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/octet-stream
last-modified: Mon, 26 Oct 2020 18:11:28 GMT
etag: "5f971150-2e59"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 4518
date: Fri, 02 Dec 2022 12:54:10 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/js/152/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/152/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/152/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116423
date: Fri, 02 Dec 2022 12:54:10 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 12:11:15 GMT
cache-control: public,max-age=3600
age: 2575
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:11 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5526
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:05 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/urchin.js
216.58.207.206200 OK 6.8 kB URL HTTP/1.1 www.google-analytics.com/urchin.js
IP 216.58.207.206:0
Hash b2a53ddd32fa730ace44acf796ced69d
248293a9e5a5a062c17517d115a4f59396db6833
d816d84a12f8cebe9ffaaca1b804894f9e46882a6719605359db2aad44afab85
GET /urchin.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 6847
Date: Thu, 01 Dec 2022 14:55:31 GMT
Expires: Thu, 15 Dec 2022 14:55:31 GMT
Cache-Control: public, max-age=1209600
Age: 79120
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 24450ed842495fb2f4ba69e1fac2d4d2
c7e7c8aa0308094c71d663a21bd9e689aeccc952
0dddf87df6f1821f08503310345aa465e0b63a4f130073e734e27e04780c4baa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 02 Dec 2022 12:54:11 GMT
expires: Fri, 02 Dec 2022 12:54:11 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 285042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:01:43 GMT
expires: Wed, 29 Nov 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/css
age: 255148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:01 GMT
expires: Tue, 06 Dec 2022 14:19:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 19:53:31 GMT
content-type: image/gif
age: 254110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh4.ggpht.com/aipdam/SJplwX_o_PI/AAAAAAAAAM8/horvthe514Y/s800/ziddu.gif
142.250.74.161200 OK 10 kB URL HTTP/1.1 lh4.ggpht.com/aipdam/SJplwX_o_PI/AAAAAAAAAM8/horvthe514Y/s800/ziddu.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 468 x 60\012- data
Hash 77d215a056ded7ff30797ef3396473ca
9c47c58384e58f6551a472df358256360179d5a3
2ce114cd6d5cf8a0313dc00367e5a4d9ff954aa585b349da5a170fb5efcb4edf
GET /aipdam/SJplwX_o_PI/AAAAAAAAAM8/horvthe514Y/s800/ziddu.gif HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v27a"
Expires: Sat, 03 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ziddu.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 12:54:11 GMT
Server: fife
Content-Length: 10524
X-XSS-Protection: 0
www.000webhost.com/images/banners/468x60/banner6.gif
104.19.185.120503 Service Temporarily Unavailable 7.0 kB URL HTTP/1.1 www.000webhost.com/images/banners/468x60/banner6.gif
IP 104.19.185.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (816)
Hash 03b4ded5ae9360920969d6c7cdd19caa
1de4eb11f3ed1256e79b9fab7d0d6a1efd865fb0
14977346a84940f6bfb2689cf2ebb48d0f0d6778800a3dbccc8480e050d2e73b
GET /images/banners/468x60/banner6.gif HTTP/1.1
Host: www.000webhost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 503 Service Temporarily Unavailable
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773435b0cd5bfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
push.services.mozilla.com/
54.187.102.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jWHBxo6+rAeQq10aIMHSwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vPM6+n0D+4bwa2wR5i0Dh7drQ8w=
www.awsurveys.com/Pictures/AWS_ad3_150by150.jpg
15.197.142.173404 Not Found 125 B URL HTTP/1.1 www.awsurveys.com/Pictures/AWS_ad3_150by150.jpg
IP 15.197.142.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 2995357b538ef792ce59b1b7cca539c4
d33d8ce38719b45d0731f075f71593351023318c
aef27e8433e35954afe1798da5bde96145b020160cc2f16b1424425253fb545b
GET /Pictures/AWS_ad3_150by150.jpg HTTP/1.1
Host: www.awsurveys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Connection: keep-alive
Server: ip-100-74-3-162.eu-west-2.compute.internal
X-Request-Id: 84383092-ae8c-40a5-9ffd-e6cd13acd729
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.162200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.162:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 09:28:37 GMT
Expires: Fri, 16 Dec 2022 09:28:37 GMT
Cache-Control: public, max-age=1209600
Age: 12334
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
www.blogblog.com/thisaway_blue/bg_body.gif
216.58.207.233200 OK 2.4 kB URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_body.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 5 x 600\012- data
Hash d223593800d9faed7f1e50e9bae72564
46b613cb0db33eefd46d339cdf20e4dc51e23ca3
5966e3b8c37de7ecbfc63e51f390f54e9d9a4d7ee1e867c792bce25ac5891bcc
GET /thisaway_blue/bg_body.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2406
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 23:31:28 GMT
Expires: Tue, 06 Dec 2022 23:31:28 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 20:52:41 GMT
Content-Type: image/gif
Age: 220963
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:47:40 GMT
expires: Wed, 29 Nov 2023 19:47:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 234391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i51.photobucket.com/albums/f369/aipdam/appfreeware-1.gif
108.157.98.117301 Moved Permanently 167 B URL HTTP/1.1 i51.photobucket.com/albums/f369/aipdam/appfreeware-1.gif
IP 108.157.98.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/f369/aipdam/appfreeware-1.gif HTTP/1.1
Host: i51.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i51.photobucket.com/albums/f369/aipdam/appfreeware-1.gif
X-Cache: Redirect from cloudfront
Via: 1.1 81ec91943089157d496f5301e8f82582.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAD56-P1
X-Amz-Cf-Id: wfVw-0pYyeyCtOAcc6PVsSK9WHDmfMoXNV9So9NqC5lofazMFnhg7Q==
Vary: Origin
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ngeblogdapetduit.com/imgs/banners/125x125.jpg
35.186.238.101200 OK 2.6 kB URL HTTP/1.1 ngeblogdapetduit.com/imgs/banners/125x125.jpg
IP 35.186.238.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /imgs/banners/125x125.jpg HTTP/1.1
Host: ngeblogdapetduit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 15 Nov 2022 08:01:55 GMT
ETag: "63734773-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_A6RoN2vGxAQZAEjxd+1ftUdu1K9jpCZTr9SPfFBa50yj55GEyvORHDzyOiy5LEpEmJrW1Ky/IKczURiGeNRzFg
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/thisaway_blue/bg_header_bottom.gif
216.58.207.233200 OK 3.3 kB URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_header_bottom.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 760 x 15\012- data
Hash f4df2a926889673c112b0da9302ecb08
452b18ac5111f33f0ad385e43ef02ee0a6903847
fcd8de2ee4210d5c783c572a2aba5e8d9a51f4e6679b954f4dca6aa86e0ae994
GET /thisaway_blue/bg_header_bottom.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 3316
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 21:08:12 GMT
Expires: Tue, 06 Dec 2022 21:08:12 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 18:54:36 GMT
Content-Type: image/gif
Age: 229559
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:11 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
www.blogblog.com/thisaway_blue/bg_header.gif
216.58.207.233200 OK 744 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_header.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 5 x 88\012- data
Hash 15554173cfd77863ef81f04f60145b0b
82d9d930399fa3b237668e8164ef4ae3f72484da
823b74584c2d4507d5a58564c10af8b60344662b463d3cca165b8feb1e743145
GET /thisaway_blue/bg_header.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 12:18:18 GMT
Expires: Tue, 06 Dec 2022 12:18:18 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 23:54:53 GMT
Content-Type: image/gif
Age: 261353
www.blogblog.com/thisaway_blue/icon_header_left.gif
216.58.207.233200 OK 400 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/icon_header_left.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 54 x 24\012- data
Hash 342616919758a95544009fccd887046c
55fff3de5143ece769c444efdd6b5669a077cf62
02c2b30cfb48ba041a4596223791fd89f205bfca44b938992760f988ec7e9075
GET /thisaway_blue/icon_header_left.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 400
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 16:04:39 GMT
Expires: Tue, 06 Dec 2022 16:04:39 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 11:51:55 GMT
Content-Type: image/gif
Age: 247772
gostats.com/js/counter.js
104.236.14.237200 OK 3.5 kB URL HTTP/1.1 gostats.com/js/counter.js
IP 104.236.14.237:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (685)
Hash a0ab976562999b9456c404a72cbac90c
9bf7dac6a2cf8cee41bc30e0afac035361f60872
65b77b3a21c4f25a41db0b9eccb1084082d8445114591a9adeaf0f5c519cfaac
GET /js/counter.js HTTP/1.1
Host: gostats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 09 Aug 2016 14:13:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"57a9e515-2f70"
Expires: Sun, 01 Jan 2023 12:54:11 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.blogblog.com/thisaway_blue/bg_main_wrapper.gif
216.58.207.233200 OK 163 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_main_wrapper.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 760 x 5\012- data
Hash 4003eb5fea387feb6e44d27be0284d25
49840977cdcc3911dec7d2b176e2e2a1a3a9deb8
0a50d0bd2d0a9d1252cdac3a2429d4452d0cf5fdf3910f972f78e3439e2f1a1b
GET /thisaway_blue/bg_main_wrapper.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 163
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 11:15:45 GMT
Expires: Tue, 06 Dec 2022 11:15:45 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 11:50:34 GMT
Content-Type: image/gif
Age: 265106
www.blogblog.com/thisaway_blue/bg_content.gif
216.58.207.233200 OK 1.5 kB URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_content.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 5 x 464\012- data
Hash 474f5ed1b2ca66dbff796696e67aa06a
16036b38c083b9464af1cd98ee9534591b74ad8d
3f069dc651da07bc8898f5d2812a4171a287d63d5cd39f97b5d54b17d0eaafa7
GET /thisaway_blue/bg_content.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 1509
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 09:34:27 GMT
Expires: Tue, 06 Dec 2022 09:34:27 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 06:52:50 GMT
Content-Type: image/gif
Age: 271184
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freewebsubmission.com/images/fwsbutton8.gif
74.208.47.213301 Moved Permanently 263 B URL HTTP/1.1 freewebsubmission.com/images/fwsbutton8.gif
IP 74.208.47.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 41b7956a8be13c4118dc6a5687f2d14b
6f0828daf267012bef3d9a9444bb519216c047f5
a14ba52b440bf84143f019f53d574b82304681811a43f0c454ef753f9ae6f3b8
GET /images/fwsbutton8.gif HTTP/1.1
Host: freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 12:54:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://www.freewebsubmission.com/images/fwsbutton8.gif
Content-Length: 263
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.paydotcom.com/images/paydot-120x60.gif
172.67.71.216302 Found 206 B URL HTTP/1.1 www.paydotcom.com/images/paydot-120x60.gif
IP 172.67.71.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2772937935a530e9178c3cca326be581
55731212d80e38b65c68e9b8c9f46130520e4ef8
ee96d082f978aa60ac973aa7f5a19122287f755004fef7d5d05f2d32d0e15b7f
GET /images/paydot-120x60.gif HTTP/1.1
Host: www.paydotcom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://paydotcom.com/
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dusTAqAROzDWN0zlf7S5Yri9EXY050%2BOYLAMnZgtx5BI8JltkkioIBZO%2B%2FHUS55r2bT0bBYot73NvILE5%2B097b3V6jZaC%2BKl9O4yML91vE0QL%2F5T16GqVXHpuDBbBfL3aOaN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773435b0cb1b0b02-OSL
alt-svc: h2=":443"; ma=60
aa.voice2page.com/naa_1x1.js
103.224.182.251404 Not Found 196 B URL HTTP/1.1 aa.voice2page.com/naa_1x1.js
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /naa_1x1.js HTTP/1.1
Host: aa.voice2page.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 12:54:11 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
stats.topofblogs.com/send/3489
95.217.135.78302 Found 0 B URL HTTP/1.1 stats.topofblogs.com/send/3489
IP 95.217.135.78:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /send/3489 HTTP/1.1
Host: stats.topofblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 302 Found
Server: openresty
Date: Fri, 02 Dec 2022 12:52:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://ww1.topofblogs.com/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=pub-8163893623666638&plah=bisnis79.blogspot.com
142.250.74.162200 OK 119 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=pub-8163893623666638&plah=bisnis79.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with very long lines (6148)
Size 119 kB (119174 bytes)
Hash ebfba46fbec584e60104a85b282d902e
4805386d6e1639e54d39540f42804276e0685242
393e18ed1984c728e31e5ada866ffb0ff4d6997a78a15920ea7ebf040e53de39
GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=pub-8163893623666638&plah=bisnis79.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Dec 2022 12:54:11 GMT
expires: Fri, 02 Dec 2022 12:54:11 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 12350122865156925252
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.buyblogreviews.com/sponsoredImages/sponsoredpost.gif
103.224.182.248200 OK 0 B URL HTTP/1.1 www.buyblogreviews.com/sponsoredImages/sponsoredpost.gif
IP 103.224.182.248:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sponsoredImages/sponsoredpost.gif HTTP/1.1
Host: www.buyblogreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:11 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1669985651.7659577; expires=Mon, 29-Nov-2032 12:54:11 GMT; Max-Age=315360000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=4&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
103.30.145.12301 Moved Permanently 169 B URL HTTP/1.1 adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=4&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
IP 103.30.145.12:0
ASN #46050 PT JC Indonesia
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
GET /show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=4&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
Host: adsensecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=4&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
www.clixsense.com/Ad/clixsense5.gif
104.20.158.22200 OK 6.1 kB URL HTTP/1.1 www.clixsense.com/Ad/clixsense5.gif
IP 104.20.158.22:0
File type GIF image data, version 89a, 135 x 69\012- data
Hash cf530c25d460fe4be736cbcaac43a02d
c0d72a122be0222af81cb847a01a8369a123f29f
f20cb945cd89d2b264ee387faddbac88d49e003aeff19992a53383e47bac5fde
GET /Ad/clixsense5.gif HTTP/1.1
Host: www.clixsense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: image/gif
Content-Length: 6087
Connection: keep-alive
Last-Modified: Mon, 21 Mar 2011 18:02:28 GMT
ETag: "4d8792b4-17c7"
X-Server-ID: W1-171
Cache-Control: max-age=259200
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 773435b0cfb2b4fd-OSL
adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=2&title=3D81EE&text=000000&background=cedef0&border=cedef0&url=2BA94F
103.30.145.12301 Moved Permanently 169 B URL HTTP/1.1 adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=2&title=3D81EE&text=000000&background=cedef0&border=cedef0&url=2BA94F
IP 103.30.145.12:0
ASN #46050 PT JC Indonesia
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
GET /show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=2&title=3D81EE&text=000000&background=cedef0&border=cedef0&url=2BA94F HTTP/1.1
Host: adsensecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=2&title=3D81EE&text=000000&background=cedef0&border=cedef0&url=2BA94F
i51.photobucket.com/albums/f369/aipdam/appfreeware-1.gif
108.157.98.117200 OK 14 kB URL HTTP/2 i51.photobucket.com/albums/f369/aipdam/appfreeware-1.gif
IP 108.157.98.117:0
File type GIF image data, version 87a, 80 x 15\012- data
Hash a8dba276635bc1af74c64724869bdae6
7a124d60c6544bd73504a02c054b149ee91e6a16
8986626ec870d8a846ab14cba0101dc76d56d403eb30db8e27e24f589e19e64a
GET /albums/f369/aipdam/appfreeware-1.gif HTTP/1.1
Host: i51.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 13977
date: Fri, 02 Dec 2022 12:54:11 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="appfreeware-1.gif"
expires: Sat, 02 Dec 2023 12:54:11 GMT
server: photobucket
x-amzn-trace-id: Root=1-6389f573-139b67a2194a9a855baf5c09
x-request-id: usCYwk_2klY03arWxwfBR
x-cache: Miss from cloudfront
via: 1.1 3e64b4bceb49543044d7ca6510e86e3a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD56-P1
x-amz-cf-id: _FfXzrwjU6A8z2mNMjHNqGtbvdy7em7FzdEk-RLxFmEb2DaGIaP6xg==
vary: Accept, Origin
X-Firefox-Spdy: h2
i51.photobucket.com/albums/f369/aipdam/free-ebook-1.gif
108.157.98.117200 OK 3.1 kB URL HTTP/2 i51.photobucket.com/albums/f369/aipdam/free-ebook-1.gif
IP 108.157.98.117:0
File type GIF image data, version 87a, 80 x 15\012- data
Hash 713649331b866f0448b2fd82135d4950
b941388ac5a180a60c59ff21033729b97a007aff
ec33fc24ca419b6d350b3dad72023a25b9de227b79fcacf66a80418e9a884b4c
GET /albums/f369/aipdam/free-ebook-1.gif HTTP/1.1
Host: i51.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 3127
date: Fri, 02 Dec 2022 12:54:11 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="free-ebook-1.gif"
expires: Sat, 02 Dec 2023 12:54:11 GMT
server: photobucket
x-amzn-trace-id: Root=1-6389f573-3ae320e53a801757358fad19
x-request-id: IPrYDN8b9-8EOmYTFNnB-
x-cache: Miss from cloudfront
via: 1.1 3e64b4bceb49543044d7ca6510e86e3a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD56-P1
x-amz-cf-id: ue1O5XKi3v71ylEicQd1WrF9SRqYRJQZnDM3CFYAY6IANN94zGL7NQ==
vary: Accept, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a9bdfccd1df3e323e28d92aea1077409
4625fbbbbb614755a86dabddfaf40e99b3934ba6
8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a9bdfccd1df3e323e28d92aea1077409
4625fbbbbb614755a86dabddfaf40e99b3934ba6
8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=bisnis79.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=bisnis79.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bisnis79.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 12:54:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=bisnis79.blogspot.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=bisnis79.blogspot.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bisnis79.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 12:54:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1a06d35536d2d915a51396c45615dacc
ddf981eba72a7902b6ef807044976fc9697ee9a7
076f48cb281395adbeb638271befefa289706ff9e080a916a224baab8074d64f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146953
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Etag: "6389907c-116"
Expires: Sun, 04 Dec 2022 05:43:24 GMT
Last-Modified: Fri, 02 Dec 2022 05:43:24 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 12:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.topofblogs.com/
75.2.61.216200 OK 5.9 kB IP 75.2.61.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2474)
Hash 90002372197ef95082badf292fd3565a
886e922445fbdf7ba9f0dad32cd8b4e0225a9f65
1d3687bd6361da1b4e6b5f06b9b67cc3f32172e2e32a12cd03477a47aca07e44
GET / HTTP/1.1
Host: ww1.topofblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_B6W1QtjpTCE2+ZW1H5yJQPV1c2JGpmIBCVBXOISCZiLa9WUwNlxfqkwSmtJOLyc6UbYxygouJp3ByJU3Exg4Uw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8163893623666638&output=html&h=60&slotname=4954922862&adk=2194025593&adf=1705746558&pi=t.ma~as.4954922862&w=468&lmt=1638445662&url=http%3A%2F%2Fbisnis79.blogspot.com%2F2008_04_01_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1669985649642&bpp=32&bdt=689&idt=339&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&abxe=1&correlator=1329447268052&frm=20&pv=2&ga_vid=1496674969.1669985650&ga_sid=1669985650&ga_hid=629244313&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=270&ady=123&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C44774606&oid=2&pvsid=2572780035473254&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aPUp8C4DGK&p=http%3A//bisnis79.blogspot.com&dtd=441
142.250.74.66400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8163893623666638&output=html&h=60&slotname=4954922862&adk=2194025593&adf=1705746558&pi=t.ma~as.4954922862&w=468&lmt=1638445662&url=http%3A%2F%2Fbisnis79.blogspot.com%2F2008_04_01_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1669985649642&bpp=32&bdt=689&idt=339&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&abxe=1&correlator=1329447268052&frm=20&pv=2&ga_vid=1496674969.1669985650&ga_sid=1669985650&ga_hid=629244313&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=270&ady=123&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C44774606&oid=2&pvsid=2572780035473254&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aPUp8C4DGK&p=http%3A//bisnis79.blogspot.com&dtd=441
IP 142.250.74.66:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-8163893623666638&output=html&h=60&slotname=4954922862&adk=2194025593&adf=1705746558&pi=t.ma~as.4954922862&w=468&lmt=1638445662&url=http%3A%2F%2Fbisnis79.blogspot.com%2F2008_04_01_archive.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1669985649642&bpp=32&bdt=689&idt=339&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&abxe=1&correlator=1329447268052&frm=20&pv=2&ga_vid=1496674969.1669985650&ga_sid=1669985650&ga_hid=629244313&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=270&ady=123&biw=1280&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C44774606&oid=2&pvsid=2572780035473254&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aPUp8C4DGK&p=http%3A//bisnis79.blogspot.com&dtd=441 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Dec 2022 12:54:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Dec-2022 13:09:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=1640255456517170954&zx=68d42a57-e7df-47bb-b186-1673ef75ff90
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1640255456517170954&zx=68d42a57-e7df-47bb-b186-1673ef75ff90
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1640255456517170954&zx=68d42a57-e7df-47bb-b186-1673ef75ff90 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 12:54:11 GMT
last-modified: Fri, 02 Dec 2022 12:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.muslimpromo.com/images/banner.gif
148.163.81.2404 Not Found 1.2 kB URL HTTP/1.1 www.muslimpromo.com/images/banner.gif
IP 148.163.81.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /images/banner.gif HTTP/1.1
Host: www.muslimpromo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 02 Dec 2022 12:54:13 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2257
Expires: Fri, 02 Dec 2022 13:31:49 GMT
Date: Fri, 02 Dec 2022 12:54:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2257
Expires: Fri, 02 Dec 2022 13:31:49 GMT
Date: Fri, 02 Dec 2022 12:54:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2257
Expires: Fri, 02 Dec 2022 13:31:49 GMT
Date: Fri, 02 Dec 2022 12:54:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 84736
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 24804
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 54159
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 27237
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 54022
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 54241
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea22cb0c82cc4a6d12d04dd7fced7e5
a21cd469929895d4defc8fa722409af5024ea501
9ffb4ff77724a209b2d69e4ce2b001e215e47c6cdbf6b0c039b42b6aab8f94bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FFB4FF77724A209B2D69E4CE2B001E215E47C6CDBF6B0C039B42B6AAB8F94BD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Fri, 02 Dec 2022 18:53:54 GMT
Date: Fri, 02 Dec 2022 12:54:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea22cb0c82cc4a6d12d04dd7fced7e5
a21cd469929895d4defc8fa722409af5024ea501
9ffb4ff77724a209b2d69e4ce2b001e215e47c6cdbf6b0c039b42b6aab8f94bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FFB4FF77724A209B2D69E4CE2B001E215E47C6CDBF6B0C039B42B6AAB8F94BD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1679
Expires: Fri, 02 Dec 2022 13:22:11 GMT
Date: Fri, 02 Dec 2022 12:54:12 GMT
Connection: keep-alive
www.linkreferral.com/images/linkreferal/linkbutton.gif
167.114.57.160404 Not Found 231 B URL HTTP/1.1 www.linkreferral.com/images/linkreferal/linkbutton.gif
IP 167.114.57.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 93f34028d003c9e64874abbb21743cea
5f3f41ef614e3600996158934deb0b72b48e5c6c
2d3dba476391f322c5f43acb52b82ba60d71084c773bb1524c13c6bf873015bd
GET /images/linkreferal/linkbutton.gif HTTP/1.1
Host: www.linkreferral.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 02 Dec 2022 12:54:12 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
www.bikinduit.com/b/ban2.gif
154.205.240.167200 OK 0 B URL HTTP/1.1 www.bikinduit.com/b/ban2.gif
IP 154.205.240.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ban2.gif HTTP/1.1
Host: www.bikinduit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:12 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
cfrom: img
x-powered-by: java
Server: img
Set-Cookie: PHPSESSID=pvdvb4bg5c2u4t1beaug5t46g5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=4&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
103.30.145.12200 OK 1.5 kB URL HTTP/1.1 adsensecamp.com/show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=4&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
IP 103.30.145.12:0
ASN #46050 PT JC Indonesia
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash aaea43762d2b06b6546a6b1010d4ab62
8808d75c6e439ea568e1a919ef16bc2e3973873b
9a7ed4434621368471122883df6d3706a409689656a783aee5e96d6620f01faa
GET /show/?id=LWbBZcWkYak%3D&cid=xoxibs15%2BiU%3D&chan=NexZGv6aaVU%3D&type=4&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
Host: adsensecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 12:54:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=6s3pqrilv7v9q2j1ge6q3vqm97; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
affiliatesfreedom.com/images/banner.gif
52.86.6.113404 Not Found 1.6 kB URL HTTP/1.0 affiliatesfreedom.com/images/banner.gif
IP 52.86.6.113:0
Hash a00a87be4719263cef6badb41040d1fd
df394034c5135540b03af8e1a022b11f47e5fe89
3f4050cf22b728605a42d12b7fb6bde0fd84223895b227846ac7244102420d3f
GET /images/banner.gif HTTP/1.1
Host: affiliatesfreedom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:12 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b33fdd230063e8f5211ea4110b7e04f1
0f2f32d274f5f35b221702b279e042b61755ae22
bc6dfec9813ad40dcd5402d951a480249d1b8ca7921c52cb159b409db2c01419
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 09:44:16 GMT
Expires: Thu, 08 Dec 2022 09:44:15 GMT
Etag: "0f2f32d274f5f35b221702b279e042b61755ae22"
Cache-Control: max-age=506402,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773435b9b9dbb50c-OSL
www.blogblog.com/thisaway_blue/icon_date.gif
216.58.207.233200 OK 53 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/icon_date.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 10 x 10\012- data
Hash d30ceec9a06d81c1dc53e1b01234860f
2c617f305a13fa2b10d4b9d6a17f203f1c06ba70
b64f2697acd1460bf2f86c9da716525f18c9aea9d23a6c38b2bca3b23901dfae
GET /thisaway_blue/icon_date.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 53
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:20:37 GMT
Expires: Tue, 06 Dec 2022 18:20:37 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 16:53:51 GMT
Content-Type: image/gif
Age: 239615
www.blogblog.com/thisaway_blue/bg_date.gif
216.58.207.233200 OK 267 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_date.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 47 x 10\012- data
Hash 8c36928c1496e90c3e5d7bbd10113469
1a4ee38c5b840856f261deabdf4a0f53078fb09a
8f85ce18bdff7dd3c3351654968f57addb528ffbb03b74190dcf081ac6132685
GET /thisaway_blue/bg_date.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 267
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 12:53:27 GMT
Expires: Tue, 06 Dec 2022 12:53:27 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 23:54:53 GMT
Content-Type: image/gif
Age: 259245
www.blogblog.com/thisaway_blue/icon_list_item_left.gif
216.58.207.233200 OK 53 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/icon_list_item_left.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 9 x 7\012- data
Hash f96aa471f724b3bf0b4f46e636aee272
9e48f0e8c68fbce83a6715cbaade1395215b4a0f
c160308a71f8cca22c0e48d5bad2bf5836754092f803d4265c8dad31266de1b2
GET /thisaway_blue/icon_list_item_left.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 53
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 17:02:51 GMT
Expires: Wed, 07 Dec 2022 17:02:51 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 30 Nov 2022 04:52:29 GMT
Content-Type: image/gif
Age: 157881
www.blogblog.com/thisaway_blue/icon_comment.gif
216.58.207.233200 OK 58 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/icon_comment.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 10 x 9\012- data
Hash a2b41672806ace1684a6f00750068d7e
09ba2ec2f9f41c2280ec64e8d996f56b7e1f0516
e1320943ab1f22d920fd5a9bde78939abea31ba1747641d783dd6db4b05de29e
GET /thisaway_blue/icon_comment.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 58
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:20:37 GMT
Expires: Tue, 06 Dec 2022 18:20:37 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 17:52:28 GMT
Content-Type: image/gif
Age: 239616
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:13 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
www.freewebsubmission.com/images/fwsbutton8.gif
74.208.47.213200 OK 2.3 kB URL HTTP/1.1 www.freewebsubmission.com/images/fwsbutton8.gif
IP 74.208.47.213:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash b3ac0ae565cf459427e9bf586b13729f
66610307ec2eb3ae9591e44d9e4f75166e63e6cf
35f0eb6a873cc62610cf16a0b12bf7b815d6edb8e54479752a2dea0dde8f0f8d
GET /images/fwsbutton8.gif HTTP/1.1
Host: www.freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:13 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 21 Apr 2020 21:52:19 GMT
ETag: "900-5a3d40794ab1b"
Accept-Ranges: bytes
Content-Length: 2304
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:13 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:13 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
www.buyblogreviews.com/sponsoredImages/sponsoredpost.gif
103.224.182.248200 OK 0 B URL HTTP/1.1 www.buyblogreviews.com/sponsoredImages/sponsoredpost.gif
IP 103.224.182.248:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sponsoredImages/sponsoredpost.gif HTTP/1.1
Host: www.buyblogreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:13 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1669985653.3208407; expires=Mon, 29-Nov-2032 12:54:13 GMT; Max-Age=315360000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
www.buyblogreviews.com/images/blogreviews.jpg
103.224.182.248403 Forbidden 194 B URL HTTP/1.0 www.buyblogreviews.com/images/blogreviews.jpg
IP 103.224.182.248:0
ASN #133618 Trellian Pty. Limited
Hash 45505d27e4743ff78e3fe9eedacb6f45
4d017ef336bf851b169c2dec9c0270cf12f1adea
06eb9ebced4f2ce560a156fc8e7190d20132d59f8b7ae83e3b518b04ad85aff7
GET /images/blogreviews.jpg HTTP/1.1
Host: www.buyblogreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.0 403 Forbidden
Cache-Control: no-cache
Connection: close
Content-Type: text/html
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:13 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:13 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
www.blogblog.com/thisaway_blue/bg_sidebar.gif
216.58.207.233200 OK 1.1 kB URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_sidebar.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 5 x 464\012- data
Hash 5c4be1d34662632d160f612d795fa212
0b60b21c7e1df01478eb4703ed17d824a03dd0ac
662b89c60932f990f35c7bad6744923fb05d642273b5e7904dbb9a654b6e8b46
GET /thisaway_blue/bg_sidebar.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 1072
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 12:18:18 GMT
Expires: Tue, 06 Dec 2022 12:18:18 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 01:54:20 GMT
Content-Type: image/gif
Age: 261355
www.blogblog.com/thisaway_blue/bg_sidebar_arrow.gif
216.58.207.233200 OK 1.2 kB URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_sidebar_arrow.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 80 x 98\012- data
Hash d3ce896498a88a9dea835474baafba59
c3253abcd6bfe61281e30de6bcd187e8fc8e9a90
55ab1db10ea5211e2841ce9b0647870eb7a1da2e5f886bda903f98246ca6e79b
GET /thisaway_blue/bg_sidebar_arrow.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 1232
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 22:32:53 GMT
Expires: Tue, 06 Dec 2022 22:32:53 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 20:52:41 GMT
Content-Type: image/gif
Age: 224480
www.blogblog.com/thisaway_blue/icon_sidebar_heading_left.gif
216.58.207.233200 OK 155 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/icon_sidebar_heading_left.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 27 x 15\012- data
Hash dc31698d8f6467125e04c985ef46c295
e15287471aeee9be9efd326327ea96f22f1f27a2
16b32a0aa27ff30a9ade02944278be47ff5d1a28d5d6e17ca251098d808bc66e
GET /thisaway_blue/icon_sidebar_heading_left.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 155
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 21:08:12 GMT
Expires: Tue, 06 Dec 2022 21:08:12 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 18:54:36 GMT
Content-Type: image/gif
Age: 229561
www.blogblog.com/thisaway_blue/icon_list_item.gif
216.58.207.233200 OK 53 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/icon_list_item.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 9 x 7\012- data
Hash f96aa471f724b3bf0b4f46e636aee272
9e48f0e8c68fbce83a6715cbaade1395215b4a0f
c160308a71f8cca22c0e48d5bad2bf5836754092f803d4265c8dad31266de1b2
GET /thisaway_blue/icon_list_item.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 53
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 16:04:39 GMT
Expires: Tue, 06 Dec 2022 16:04:39 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 17:52:28 GMT
Content-Type: image/gif
Age: 247774
www.adspeedy.com/ppc/tayang.js
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.adspeedy.com/ppc/tayang.js
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /ppc/tayang.js HTTP/1.1
Host: www.adspeedy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 403 Forbidden
date: Fri, 02 Dec 2022 12:54:13 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
aipdam.googlepages.com/viewbanner.htm
142.250.74.83301 Moved Permanently 245 B URL HTTP/1.1 aipdam.googlepages.com/viewbanner.htm
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bb60f78b0df67e0cc1059537bb45fbdc
15cc890a5c1037e2b704aac7b2c6444a3fed18ba
1872ce90a01039433b17c06ebf03dbc8510df8e23bf2866ff3121df24d4c8985
GET /viewbanner.htm HTTP/1.1
Host: aipdam.googlepages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: http://jelangkung.site11.com/site/viewbanner.htm
Date: Fri, 02 Dec 2022 12:54:13 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 245
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.awsurveys.com/Pictures/AWS_ad3_150by150.jpg
15.197.142.173404 Not Found 125 B URL HTTP/1.1 www.awsurveys.com/Pictures/AWS_ad3_150by150.jpg
IP 15.197.142.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 2995357b538ef792ce59b1b7cca539c4
d33d8ce38719b45d0731f075f71593351023318c
aef27e8433e35954afe1798da5bde96145b020160cc2f16b1424425253fb545b
GET /Pictures/AWS_ad3_150by150.jpg HTTP/1.1
Host: www.awsurveys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 12:54:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Connection: keep-alive
Server: ip-100-74-3-162.eu-west-2.compute.internal
X-Request-Id: c7f60fbd-4057-43ce-8ce5-0bee79ec6190
www.linkreferral.com/images/linkreferal/linkbutton.gif
167.114.57.160404 Not Found 231 B URL HTTP/1.1 www.linkreferral.com/images/linkreferal/linkbutton.gif
IP 167.114.57.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 93f34028d003c9e64874abbb21743cea
5f3f41ef614e3600996158934deb0b72b48e5c6c
2d3dba476391f322c5f43acb52b82ba60d71084c773bb1524c13c6bf873015bd
GET /images/linkreferal/linkbutton.gif HTTP/1.1
Host: www.linkreferral.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 02 Dec 2022 12:54:13 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
www.paydotcom.com/images/paydot-120x60.gif
172.67.71.216302 Found 206 B URL HTTP/1.1 www.paydotcom.com/images/paydot-120x60.gif
IP 172.67.71.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2772937935a530e9178c3cca326be581
55731212d80e38b65c68e9b8c9f46130520e4ef8
ee96d082f978aa60ac973aa7f5a19122287f755004fef7d5d05f2d32d0e15b7f
GET /images/paydot-120x60.gif HTTP/1.1
Host: www.paydotcom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 12:54:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://paydotcom.com/
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgIuiOhQ9a3EzrEBKgkoLhO1R7rhz0NXo1olNszZV8RNoIBZSni%2F%2FKiqn%2Fh%2FpUii1ikUrbDYQAx22vDUX5N0LCSjTOR4prggfR7rA%2BWvL574URfxrqygnfOt3%2BnvGbyfdYnv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773435bf38420b02-OSL
alt-svc: h2=":443"; ma=60
stats.topofblogs.com/send/3489
95.217.135.78302 Found 0 B URL HTTP/1.1 stats.topofblogs.com/send/3489
IP 95.217.135.78:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /send/3489 HTTP/1.1
Host: stats.topofblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 302 Found
Server: openresty
Date: Fri, 02 Dec 2022 12:52:23 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://ww1.topofblogs.com/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
www.bikinduit.com/b/ban6.gif
154.205.240.167200 OK 0 B URL HTTP/1.1 www.bikinduit.com/b/ban6.gif
IP 154.205.240.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ban6.gif HTTP/1.1
Host: www.bikinduit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
cfrom: img
x-powered-by: java
Server: img
Set-Cookie: PHPSESSID=4mmcmkhv42s9csc821so59fho5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
ww1.topofblogs.com/
75.2.61.216200 OK 5.9 kB IP 75.2.61.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2474)
Hash c50769dfb974494492686067d179edd6
5d027d35d8fbeb82c7044be18151b7be57361fb5
a6f87fc0fb5f4c10eee6b0dfff1b0ae2c7d3e82345cd135d84fb8dd6938ca2a4
GET / HTTP/1.1
Host: ww1.topofblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_B6W1QtjpTCE2+ZW1H5yJQPV1c2JGpmIBCVBXOISCZiLa9WUwNlxfqkwSmtJOLyc6UbYxygouJp3ByJU3Exg4Uw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
jelangkung.site11.com/site/viewbanner.htm
153.92.0.100301 Moved Permanently 162 B URL HTTP/1.1 jelangkung.site11.com/site/viewbanner.htm
IP 153.92.0.100:0
ASN #204915 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /site/viewbanner.htm HTTP/1.1
Host: jelangkung.site11.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 12:54:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.000webhost.com/migrate?static=true
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
aa.voice2page.com/naa_1x1.js
103.224.182.251404 Not Found 196 B URL HTTP/1.1 aa.voice2page.com/naa_1x1.js
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /naa_1x1.js HTTP/1.1
Host: aa.voice2page.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 12:54:13 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 130a5d22c58e851f569140b2329a9f11
d6400f44b7d5ba08cd074f45d2002b66f8742080
0495f3f59298ecb6fbea5c07a166d32bc33d0ae5a8f86351d4492f56bb62ffcd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 06:29:42 GMT
Expires: Tue, 06 Dec 2022 06:29:41 GMT
Etag: "d6400f44b7d5ba08cd074f45d2002b66f8742080"
Cache-Control: max-age=321927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773435c14bf9b50c-OSL
www.blogblog.com/thisaway_blue/bg_footer_top.gif
216.58.207.233200 OK 4.1 kB URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_footer_top.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 760 x 15\012- data
Hash 8c69e47ee30ad3a97911d8889c3b2594
c1cb8a31bbce5f56cd54a7ee52d7176b7297d646
be1fc6b0cf9cdad02cd94ed3bee8898f64534d26b91f4e561a6b4af64490782a
GET /thisaway_blue/bg_footer_top.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 4069
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 08:23:33 GMT
Expires: Wed, 07 Dec 2022 08:23:33 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 30 Nov 2022 07:51:46 GMT
Content-Type: image/gif
Age: 189041
www.blogblog.com/thisaway_blue/bg_footer.gif
216.58.207.233200 OK 292 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/bg_footer.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 5 x 18\012- data
Hash 3a25c777cd57244806e9cc21047a71ba
e949cd544707640bc0be2d214e8a03dfd35b3146
008049776c3e0d89238ee5db12e28a4366454d2344081db6ae875cc076f8f379
GET /thisaway_blue/bg_footer.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:20:37 GMT
Expires: Tue, 06 Dec 2022 18:20:37 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 19:53:31 GMT
Content-Type: image/gif
Age: 239617
www.blogblog.com/thisaway_blue/icon_footer.gif
216.58.207.233200 OK 112 B URL HTTP/1.1 www.blogblog.com/thisaway_blue/icon_footer.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 27 x 11\012- data
Hash 9e2ecf9b81d508dcffc686fa31cb568c
6b62b3da77c6ab106f71174b12ccb0aeacf25ecd
1e2d01b606a74c01c52f3ee3a95faf6587a3e91aa79c87a15a6b76e9a4d752b8
GET /thisaway_blue/icon_footer.gif HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 112
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 10:59:29 GMT
Expires: Wed, 07 Dec 2022 10:59:29 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 20:52:41 GMT
Content-Type: image/gif
Age: 179685
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 130a5d22c58e851f569140b2329a9f11
d6400f44b7d5ba08cd074f45d2002b66f8742080
0495f3f59298ecb6fbea5c07a166d32bc33d0ae5a8f86351d4492f56bb62ffcd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 06:29:42 GMT
Expires: Tue, 06 Dec 2022 06:29:41 GMT
Etag: "d6400f44b7d5ba08cd074f45d2002b66f8742080"
Cache-Control: max-age=321926,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773435c1bc72b50c-OSL
ngeblogdapetduit.com/imgs/banners/125x125.jpg
35.186.238.101304 Not Modified 0 B URL HTTP/1.1 ngeblogdapetduit.com/imgs/banners/125x125.jpg
IP 35.186.238.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imgs/banners/125x125.jpg HTTP/1.1
Host: ngeblogdapetduit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
If-Modified-Since: Tue, 15 Nov 2022 08:01:55 GMT
If-None-Match: "63734773-9f7"
HTTP/1.1 304 Not Modified
Server: openresty
Date: Fri, 02 Dec 2022 12:54:14 GMT
Last-Modified: Tue, 15 Nov 2022 08:01:55 GMT
ETag: "63734773-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_A6RoN2vGxAQZAEjxd+1ftUdu1K9jpCZTr9SPfFBa50yj55GEyvORHDzyOiy5LEpEmJrW1Ky/IKczURiGeNRzFg
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Via: 1.1 google
www.alertpay.com/banners/ban_18.gif
66.212.148.115404 Not Found 431 B URL HTTP/1.1 www.alertpay.com/banners/ban_18.gif
IP 66.212.148.115:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a9e6d7e1078de475f26591721d64ff9a
b1df211ce9cad273207d4fc83899cf2d4a9f106b
a18c1d5c5b41dd8c8436db983c7e4c8901ccf9e8d5a8d71de27501d9c1dc0ebb
GET /banners/ban_18.gif HTTP/1.1
Host: www.alertpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 12:54:14 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 20 Mar 2018 17:56:44 GMT
ETag: "1af-567dbcc303971"
Accept-Ranges: bytes
Content-Length: 431
Connection: close
Content-Type: text/html
www.alertpay.com/banners/ban_26.gif
66.212.148.115404 Not Found 431 B URL HTTP/1.1 www.alertpay.com/banners/ban_26.gif
IP 66.212.148.115:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a9e6d7e1078de475f26591721d64ff9a
b1df211ce9cad273207d4fc83899cf2d4a9f106b
a18c1d5c5b41dd8c8436db983c7e4c8901ccf9e8d5a8d71de27501d9c1dc0ebb
GET /banners/ban_26.gif HTTP/1.1
Host: www.alertpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 12:54:14 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 20 Mar 2018 17:56:44 GMT
ETag: "1af-567dbcc303971"
Accept-Ranges: bytes
Content-Length: 431
Connection: close
Content-Type: text/html
www.bikinduit.com/b/ban6.gif
154.205.240.167200 OK 0 B URL HTTP/1.1 www.bikinduit.com/b/ban6.gif
IP 154.205.240.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ban6.gif HTTP/1.1
Host: www.bikinduit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:14 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
cfrom: img
x-powered-by: java
Server: img
Set-Cookie: PHPSESSID=3j90fmh2f01c5vciah7lbnd715; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
s7.addthis.com/static/r07/core201.js
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/static/r07/core201.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /static/r07/core201.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/static/r07/core201.js
Date: Fri, 02 Dec 2022 12:54:16 GMT
Connection: keep-alive
X-Host: s7.addthis.com
s7.addthis.com/static/r07/core201.js
23.38.200.123200 OK 77 kB URL HTTP/2 s7.addthis.com/static/r07/core201.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (32767)
Hash e68ddd913b649ef9cb97c2f975047654
7dee679b03fad0bae59610fb88776edb000debb7
313c463d3a3f9cd74e4ae00eec502367af08228872db737043c2325c97c23f3e
GET /static/r07/core201.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:28 GMT
etag: W/"5f971150-3564e"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77326
date: Fri, 02 Dec 2022 12:54:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.mybloglog.com/buzz/images/buttons/btn_c13.png
212.82.100.150301 Moved Permanently 4.4 kB URL HTTP/1.1 www.mybloglog.com/buzz/images/buttons/btn_c13.png
IP 212.82.100.150:0
ASN #34010 Yahoo! UK Services Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash d346385d77eef56915c50c5fc39c00aa
fb475db8cb5186b99810b32aea7b838a9861ab65
ed65970d080ee2ca9bdda4ceba2dc00c5f1741f1b6ae4edeb61e62004d2f6cc8
GET /buzz/images/buttons/btn_c13.png HTTP/1.1
Host: www.mybloglog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 12:54:16 GMT
Connection: keep-alive
Via: http/1.1 src3.ops.ir2.yahoo.com (ApacheTrafficServer)
Server: ATS
Cache-Control: no-store
Content-Type: text/html
Content-Language: en
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: sandbox allow-scripts; default-src 'self'; img-src https:; style-src 'unsafe-inline'; script-src 'unsafe-inline'; report-uri http://csp.yahoo.com/beacon/csp?src=redirect
Location: https://www.yahoo.com/buzz/images/buttons/btn_c13.png
Content-Length: 4407
www.mypagerank.net/services/seostats/seostats.php?s=cb4f0d58a6fc23cd4c83f2945636050d450b093ba83b&bg=FFFFFF&textcolor=000000&bordercolor=999999&indicatorcolor=5EAA5E&ugo=1&uho=1&umo=1&amo=1&upr=1&tuv=1&tpv=1&yuv=1&ypv=1&ttuv=1&ttpv=1&uonline=1&f=132738
104.21.12.69200 OK 686 B URL HTTP/1.1 www.mypagerank.net/services/seostats/seostats.php?s=cb4f0d58a6fc23cd4c83f2945636050d450b093ba83b&bg=FFFFFF&textcolor=000000&bordercolor=999999&indicatorcolor=5EAA5E&ugo=1&uho=1&umo=1&amo=1&upr=1&tuv=1&tpv=1&yuv=1&ypv=1&ttuv=1&ttpv=1&uonline=1&f=132738
IP 104.21.12.69:0
File type PNG image data, 110 x 138, 4-bit colormap, non-interlaced\012- data
Hash 86ca766b35d0066471a30bd9d5928855
dbd7611d9c73243b437dc066d758919341fc8a46
7e52954d62f85847542b01576541a9ba2123e8101c1b1d30f8f7a838964eb8f3
GET /services/seostats/seostats.php?s=cb4f0d58a6fc23cd4c83f2945636050d450b093ba83b&bg=FFFFFF&textcolor=000000&bordercolor=999999&indicatorcolor=5EAA5E&ugo=1&uho=1&umo=1&amo=1&upr=1&tuv=1&tpv=1&yuv=1&ypv=1&ttuv=1&ttpv=1&uonline=1&f=132738 HTTP/1.1
Host: www.mypagerank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:16 GMT
Content-Type: image/png
Content-Length: 686
Connection: keep-alive
Pragma: public
Expires: Mon, 26 Jul 2018 05:00:00 GMT
Cache-Control: max-age=604800
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ODoETH0aL6VnDkDM4Dd2JvgGrAeWM8UvDjs2J32RG4UZKf79inqBNIuasuyc7i6A8qbzgqxDlCKcrXroEjkBlVsQAfyjnEtfzHO9yqIwjIPuLYazQHsdLIiP7awBciSMMUh%2FRU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773435d33c7e0b45-OSL
alt-svc: h2=":443"; ma=60
bisnis79.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 bisnis79.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: bisnis79.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/2008_04_01_archive.html
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 02 Dec 2022 12:54:16 GMT
Date: Fri, 02 Dec 2022 12:54:16 GMT
Cache-Control: private, max-age=86400
Last-Modified: Thu, 02 Dec 2021 11:47:42 GMT
ETag: W/"b4a4db27d7320d70c7266c867118eb9df27d9c6b11ef96fef3aa4940f8d67883"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
s9.addthis.com/button0-bm.gif
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s9.addthis.com/button0-bm.gif
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /button0-bm.gif HTTP/1.1
Host: s9.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s9.addthis.com/button0-bm.gif
Date: Fri, 02 Dec 2022 12:54:17 GMT
Connection: keep-alive
X-Host: s9.addthis.com
images.aa.voice2page.com/1214521448-uc150x143ppp.gif
103.224.182.251200 OK 0 B URL HTTP/1.1 images.aa.voice2page.com/1214521448-uc150x143ppp.gif
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1214521448-uc150x143ppp.gif HTTP/1.1
Host: images.aa.voice2page.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 12:54:17 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1669985657.6964168; expires=Mon, 29-Nov-2032 12:54:17 GMT; Max-Age=315360000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
s9.addthis.com/button0-bm.gif
23.38.200.123200 OK 356 B URL HTTP/2 s9.addthis.com/button0-bm.gif
IP 23.38.200.123:0
File type GIF image data, version 89a, 83 x 16\012- data
Hash bc3819bc905c6178363843caddba8385
838ffe0664eca5f55539922398fa5a1f814017e2
f8ca476ee0ef4a36be8c4769765e191f1f0cadb5d65f91c9ddacb7978fcc256b
GET /button0-bm.gif HTTP/1.1
Host: s9.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/gif
content-length: 356
last-modified: Mon, 26 Oct 2020 18:11:28 GMT
etag: "5f971150-164"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 02 Dec 2022 12:54:18 GMT
x-host: s9.addthis.com
X-Firefox-Spdy: h2
www.yahoo.com/buzz/images/buttons/btn_c13.png
87.248.100.216404 Not Found 634 B URL HTTP/2 www.yahoo.com/buzz/images/buttons/btn_c13.png
IP 87.248.100.216:0
ASN #34010 Yahoo! UK Services Limited
File type HTML document text\012- HTML document, ASCII text
Hash d22fc11ef5e0d5eff6703e4d01b0ae88
add16ea2d6d1ef1016cb568b9637525b34f88e07
2180fa21320aafff6d5db968159bec33bca5e38c9e340236f8e9c9e8f7fc07dc
GET /buzz/images/buttons/btn_c13.png HTTP/1.1
Host: www.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 02 Dec 2022 12:54:18 GMT
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: private
x-content-type-options: nosniff
content-type: text/html; charset=UTF-8
x-envoy-upstream-service-time: 13
server: ATS
content-length: 634
age: 0
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage®ion=US&lang=en-US&device=desktop&yrid=4goci7phojtbq&partner=;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: A1=d=AQABBHr1iWMCEJTlAAQmYXPV9ExW2-s9Vw0&S=AQAAAnzmeKGs1V714fnakIHlAFc; Expires=Sat, 2 Dec 2023 18:54:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=Lax; Secure; HttpOnly
A3=d=AQABBHr1iWMCEJTlAAQmYXPV9ExW2-s9Vw0&S=AQAAAnzmeKGs1V714fnakIHlAFc; Expires=Sat, 2 Dec 2023 18:54:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
A1S=d=AQABBHr1iWMCEJTlAAQmYXPV9ExW2-s9Vw0&S=AQAAAnzmeKGs1V714fnakIHlAFc&j=GDPR; Domain=.yahoo.com; Path=/; SameSite=Lax; Secure
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 55172
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.buyblogreviews.com/images/blogreviews.jpg
103.224.182.248403 Forbidden 0 B URL HTTP/1.0 www.buyblogreviews.com/images/blogreviews.jpg
IP 103.224.182.248:0
ASN #133618 Trellian Pty. Limited
GET /images/blogreviews.jpg HTTP/1.1
Host: www.buyblogreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.0 403 Forbidden
Cache-Control: no-cache
Connection: close
Content-Type: text/html
www.000webhost.com/migrate?static=true
104.19.185.120403 Forbidden 0 B URL HTTP/2 www.000webhost.com/migrate?static=true
IP 104.19.185.120:0
GET /migrate?static=true HTTP/1.1
Host: www.000webhost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Fri, 02 Dec 2022 12:54:14 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 773435c19f76b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
paydotcom.com/
104.26.3.198200 OK 0 B IP 104.26.3.198:0
GET / HTTP/1.1
Host: paydotcom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bisnis79.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 12:54:12 GMT
content-type: text/html
last-modified: Thu, 03 Mar 2022 21:32:41 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5D4%2BFxLHXbrMoq9s2gfBnlM0IiH9%2Fv%2BpWvahC4o7Mf%2B5%2FHHGiQdugKSwqzI0TurgOFkfs9rjgyHLDgWumL%2FrAjmGLfxiL9FZ9U6EAc%2F0BN4CtbWhW0JS2i9%2BXctw3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773435b3ff350b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
feeds.feedburner.com/blogspot/aLXQ.1.gif
142.250.74.46200 OK 0 B URL HTTP/1.1 feeds.feedburner.com/blogspot/aLXQ.1.gif
IP 142.250.74.46:0
GET /blogspot/aLXQ.1.gif HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Sat, 26 Nov 2022 13:01:36 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 02 Dec 2022 12:54:16 GMT
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport, script-src 'nonce-El6aBSCmR4Rvou-oGbmO2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-site
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
feeds.feedburner.com/LutunyaBlogHumorIndonesia.1.gif
142.250.74.46200 OK 0 B URL HTTP/1.1 feeds.feedburner.com/LutunyaBlogHumorIndonesia.1.gif
IP 142.250.74.46:0
GET /LutunyaBlogHumorIndonesia.1.gif HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Sun, 27 Nov 2022 11:38:09 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 02 Dec 2022 12:54:16 GMT
Content-Security-Policy: script-src 'nonce-d4MBbrNy_9f2mo0-_EpeMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Resource-Policy: same-site
Cross-Origin-Opener-Policy: same-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
feeds.feedburner.com/~fc/blogspot/bisnis79?bg=99CCFF&fg=444444&anim=1&label=listeners
142.250.74.46404 Not Found 0 B URL HTTP/1.1 feeds.feedburner.com/~fc/blogspot/bisnis79?bg=99CCFF&fg=444444&anim=1&label=listeners
IP 142.250.74.46:0
GET /~fc/blogspot/bisnis79?bg=99CCFF&fg=444444&anim=1&label=listeners HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 02 Dec 2022 12:54:17 GMT
Content-Security-Policy: script-src 'nonce-z7xQ-rs4LPV7i5xgLEK7Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Report-To: {"group":"RaichuFeedServer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/RaichuFeedServer/external"}]}
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: same-origin; report-to="RaichuFeedServer"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
feeds.feedburner.com/KoleksiE-bookGratis.1.gif
142.250.74.46200 OK 0 B URL HTTP/1.1 feeds.feedburner.com/KoleksiE-bookGratis.1.gif
IP 142.250.74.46:0
GET /KoleksiE-bookGratis.1.gif HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bisnis79.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Tue, 29 Nov 2022 19:49:38 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 02 Dec 2022 12:54:17 GMT
Report-To: {"group":"RaichuFeedServer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/RaichuFeedServer/external"}]}
Cross-Origin-Resource-Policy: same-site
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: same-origin; report-to="RaichuFeedServer"
Content-Security-Policy: script-src 'nonce-76hBjnp0RwFsO0gklNFK6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff