gempaqgiler.blogspot.hu/2013/11/pengawal-keselamatan-tembak-pegawai.html
142.250.74.161302 Moved Temporarily 215 B URL HTTP/1.1 gempaqgiler.blogspot.hu/2013/11/pengawal-keselamatan-tembak-pegawai.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b3acb4dc7affc1975a8062c7b4f873ea
ff9b8418dff25762edcc5f409e5884c8b3a897ea
7233ce351ee712239c5ac76a6a421e4c7c30d703e03259de69949c9fb7895b0e
Analyzer Verdict Alert fortinet Malware
GET /2013/11/pengawal-keselamatan-tembak-pegawai.html HTTP/1.1
Host: gempaqgiler.blogspot.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://gempaqgiler.blogspot.com/2013/11/pengawal-keselamatan-tembak-pegawai.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 11 Dec 2022 03:57:46 GMT
Expires: Sun, 11 Dec 2022 03:57:46 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 215
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13413
Expires: Sun, 11 Dec 2022 07:41:19 GMT
Date: Sun, 11 Dec 2022 03:57:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11089
Expires: Sun, 11 Dec 2022 07:02:35 GMT
Date: Sun, 11 Dec 2022 03:57:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7982
Expires: Sun, 11 Dec 2022 06:10:48 GMT
Date: Sun, 11 Dec 2022 03:57:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 11 Dec 2022 03:33:29 GMT
content-type: application/json
age: 1457
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wW52e30T58W6YhVdlbKArb7gqmOlFSuhb5OT2PvEyP/NlTnYssHdScAkWD8WWD5ooCMWPSy/t2k=
x-amz-request-id: 61X4DKPGN71R0JNZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 11 Dec 2022 03:49:03 GMT
age: 523
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 03:57:46 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 142.250.74.74:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 12:38:21 GMT
Expires: Thu, 07 Dec 2023 12:38:21 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 314366
w.sharethis.com/button/buttons.js
54.230.111.32301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/buttons.js
IP 54.230.111.32:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 11 Dec 2022 03:57:47 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/buttons.js
X-Cache: Redirect from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: C1ouuJwIq5PqSSrz7b8ycDsJ1_FtPlMLEJHTxLRrcK0kyaJa81Wzag==
gempaqgiler.blogspot.com/2013/11/pengawal-keselamatan-tembak-pegawai.html
142.250.74.161200 OK 32 kB URL HTTP/1.1 gempaqgiler.blogspot.com/2013/11/pengawal-keselamatan-tembak-pegawai.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (27950)
Hash f728c0e5e3608431941707c31117d110
7bf71ad927368c5470ca57d8194666e8974691e9
01d578928133e5552ebe10156f6f4f525f3be3da73b4ed63bdd91c5006a42de8
Analyzer Verdict Alert fortinet Malware
GET /2013/11/pengawal-keselamatan-tembak-pegawai.html HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 11 Dec 2022 03:57:47 GMT
Date: Sun, 11 Dec 2022 03:57:47 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 10 Dec 2022 08:59:58 GMT
ETag: W/"9a88695b37502b12c3a5487a0f777ceabee18a8482b79d947e6548767be81220"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 32441
Server: GSE
cdn.innity.net/admanager.js
23.32.97.102200 OK 3.3 kB URL HTTP/1.1 cdn.innity.net/admanager.js
IP 23.32.97.102:0
File type ASCII text, with very long lines (10252), with no line terminators
Hash 67f70474488554526256d7b6c332ab34
e4e77246c8564d7ed7983ed1b665f78a87d3d4ac
1c7447c854562f1cb49f51443725ecb7a1483cab2a5ff39382528236af20014f
GET /admanager.js HTTP/1.1
Host: cdn.innity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sat, 28 Aug 2021 09:22:10 GMT
ETag: "280c-5ca9b226f1480-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 3250
Content-Type: application/javascript
Unused62: 8096267
Cache-Control: max-age=86400
Expires: Mon, 12 Dec 2022 03:57:47 GMT
Date: Sun, 11 Dec 2022 03:57:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
w.sharethis.com/button/buttons.js
54.230.111.32200 OK 17 kB URL HTTP/2 w.sharethis.com/button/buttons.js
IP 54.230.111.32:0
File type ASCII text, with very long lines (60851), with no line terminators
Hash 6df1e6fb302d1bcb35d898105f0327de
2336688fde43d37fc38dbd842b76f728d7423034
3acec848060440ee2c01f063023d2cc0122ad46f1de910ca0738e6715a6c2e67
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 16989
cache-control: max-age=259200
content-encoding: gzip
date: Fri, 09 Dec 2022 06:55:45 GMT
etag: W/"634f1855-edb3"
expires: Mon, 12 Dec 2022 06:55:45 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HI_u4GcMFUMI99ZJtOeJI7D3F1EH9dz5uVbzVDol_bLauWYOdjzrPQ==
age: 162122
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 206711ed21519facab94fc6cf8f2e293
10502bd550eaf6c0e24cabb9a2b1f91de8372cb1
75d472a30f3e6096a935a86aad8ce760b0233fcdf33b5e22e29221a2b55401b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a7e9d9b61e2b9db5e3023443d32d4427
9d80c1ee0239e50048ad2f893b3039a523b47a61
376b28f6b5f0fb941b0365e3b6a75d072476ef557b658744064eda823d2113b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 11 Dec 2022 03:33:15 GMT
age: 1472
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 395764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1279)
Hash 327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sun, 11 Dec 2022 03:57:47 GMT
expires: Sun, 11 Dec 2022 03:57:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "34fae0e5dab49917"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 09 Dec 2022 12:51:35 GMT
content-type: text/javascript
age: 138274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/img/blogger_logo_round_35.png
216.58.207.233200 OK 2.5 kB URL HTTP/1.1 www.blogger.com/img/blogger_logo_round_35.png
IP 216.58.207.233:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2531
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 16:32:53 GMT
Expires: Tue, 13 Dec 2022 16:32:53 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 06 Dec 2022 04:51:45 GMT
Content-Type: image/png
Age: 386694
resources.blogblog.com/img/blank.gif
216.58.207.233200 OK 43 B URL HTTP/1.1 resources.blogblog.com/img/blank.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /img/blank.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 43
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 11:18:22 GMT
Expires: Tue, 13 Dec 2022 11:18:22 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 05 Dec 2022 19:52:21 GMT
Content-Type: image/gif
Age: 405565
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sun, 11 Dec 2022 03:57:47 GMT
expires: Sun, 11 Dec 2022 03:57:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-SDEN3vh-3sw/UbQo9cttyRI/AAAAAAAAMR4/C5GbqCoqzoE/s72-c/stim.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 2.bp.blogspot.com/-SDEN3vh-3sw/UbQo9cttyRI/AAAAAAAAMR4/C5GbqCoqzoE/s72-c/stim.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 187a760a69a4baff21cc2cbd68e8c8ee
353bbb6f4f40d581eb2836f98a46553b42c28eaa
6679e450549c9b7b8a58a5ab1cfcb9f1d24aed20674c262436ed19892476b34e
GET /-SDEN3vh-3sw/UbQo9cttyRI/AAAAAAAAMR4/C5GbqCoqzoE/s72-c/stim.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="stim.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3496
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:08 GMT
Expires: Mon, 05 Dec 2022 11:44:32 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 2019
ETag: "v311f"
Content-Type: image/jpeg
gempaqgiler.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 gempaqgiler.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/2013/11/pengawal-keselamatan-tembak-pegawai.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 10 Dec 2022 20:09:28 GMT
Expires: Sat, 17 Dec 2022 20:09:28 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 10 Dec 2022 17:49:47 GMT
Content-Type: text/javascript
Age: 28099
1.bp.blogspot.com/-5k56afKkkfg/UlaYuppH10I/AAAAAAAAQTI/kJ3RZ-UJZbY/s72-c/gmb.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/1.1 1.bp.blogspot.com/-5k56afKkkfg/UlaYuppH10I/AAAAAAAAQTI/kJ3RZ-UJZbY/s72-c/gmb.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d3f3bd9d171c558aaa48a15347612f4
a644724fb3d742f1b10651c6a8c1b7ba84074d63
eb3302d64a055403b1190c05cf842803c78321998aae375782f807a27d2c287e
GET /-5k56afKkkfg/UlaYuppH10I/AAAAAAAAQTI/kJ3RZ-UJZbY/s72-c/gmb.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gmb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2617
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:08 GMT
Expires: Mon, 12 Dec 2022 03:24:08 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4133"
Content-Type: image/jpeg
Age: 2019
2.bp.blogspot.com/-nrN-cIIpkVc/UA3TY0ljAqI/AAAAAAAACkk/eFi418P6ocs/s72-c/air-mani.jpg
142.250.74.161200 OK 3.9 kB URL HTTP/1.1 2.bp.blogspot.com/-nrN-cIIpkVc/UA3TY0ljAqI/AAAAAAAACkk/eFi418P6ocs/s72-c/air-mani.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 64d4165bc1719cc50f2f3605974d0ea7
cfd98db515937351114b510f2de0bb2abd054131
2a53b30f6f67d6df12929a8f27d0d0ec6555f0c226d3fda30c7a592691f687db
GET /-nrN-cIIpkVc/UA3TY0ljAqI/AAAAAAAACkk/eFi418P6ocs/s72-c/air-mani.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="air-mani.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3854
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:08 GMT
Expires: Mon, 05 Dec 2022 11:44:33 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 2019
ETag: "va49"
Content-Type: image/jpeg
3.bp.blogspot.com/-yzLOvQY4qT8/UeiD5N-g4NI/AAAAAAAAOFs/nUwuIHwK-SE/s72-c/gt.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/1.1 3.bp.blogspot.com/-yzLOvQY4qT8/UeiD5N-g4NI/AAAAAAAAOFs/nUwuIHwK-SE/s72-c/gt.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 2032b56901163ea8f34a7a773ba8cfec
40bc352161f8b570903f64bb6f77b55e84629839
1c2f88284fea38d1ebfddf67d553f90317dd88719b326e4fdbb30462448c385c
GET /-yzLOvQY4qT8/UeiD5N-g4NI/AAAAAAAAOFs/nUwuIHwK-SE/s72-c/gt.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gt.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3420
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:07 GMT
Expires: Mon, 12 Dec 2022 03:24:07 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v385c"
Content-Type: image/jpeg
Age: 2020
1.bp.blogspot.com/-pqlbaG1yKak/U27dHeAEeWI/AAAAAAAAUWM/_EZHMnxlV_Y/s72-c/rogol+di+stesyen+minyak.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/1.1 1.bp.blogspot.com/-pqlbaG1yKak/U27dHeAEeWI/AAAAAAAAUWM/_EZHMnxlV_Y/s72-c/rogol+di+stesyen+minyak.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e4b6359c29cebcdf0ac6c35db41071a0
269f3c586a3208edad1d0774d9a96fce6208a5c4
e1d85560f88693d5dd856fe4dbd69933b6acad8969ec7f8576a2bcfc8319ede8
GET /-pqlbaG1yKak/U27dHeAEeWI/AAAAAAAAUWM/_EZHMnxlV_Y/s72-c/rogol+di+stesyen+minyak.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rogol di stesyen minyak.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3435
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:08 GMT
Expires: Mon, 12 Dec 2022 03:24:08 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5164"
Content-Type: image/jpeg
Age: 2019
2.bp.blogspot.com/-PWj-ApK0zxg/UlKW9Uj2jvI/AAAAAAAAQKk/r6EdNgFpwbc/s72-c/doktor+ani.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 2.bp.blogspot.com/-PWj-ApK0zxg/UlKW9Uj2jvI/AAAAAAAAQKk/r6EdNgFpwbc/s72-c/doktor+ani.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash de50d1dd0e89f2a112919529fd702752
4b7d3fdfe5f13f913ea147ff0c04d5d55029498d
72300702c233f10161f3645ed2e9703dd4b88436908014d569bfb04fb00071d7
GET /-PWj-ApK0zxg/UlKW9Uj2jvI/AAAAAAAAQKk/r6EdNgFpwbc/s72-c/doktor+ani.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="doktor ani.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3308
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:08 GMT
Expires: Mon, 12 Dec 2022 03:24:08 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v40aa"
Content-Type: image/jpeg
Age: 2019
3.bp.blogspot.com/-z8XDHu8-TJQ/U2DmqdfWUHI/AAAAAAAAT_0/1iTJciRg1_E/s72-c/mainn.JPG
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 3.bp.blogspot.com/-z8XDHu8-TJQ/U2DmqdfWUHI/AAAAAAAAT_0/1iTJciRg1_E/s72-c/mainn.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8f36a1577f49c96c38d561823f94c0a0
0cae48ae752a6f4d83bae0e47937382204373a2e
8b1c4be21c4fe0922762d2462f5e8a9c1c5a0f258414652bf17a053d278bfa8d
GET /-z8XDHu8-TJQ/U2DmqdfWUHI/AAAAAAAAT_0/1iTJciRg1_E/s72-c/mainn.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="mainn.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2899
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:08 GMT
Expires: Mon, 12 Dec 2022 03:24:08 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4ffe"
Content-Type: image/jpeg
Age: 2019
www.blogger.com/static/v1/widgets/2092647672-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 265622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-x7eZlraCkGw/U1I0uUl9iII/AAAAAAAATos/rRom9lhyKLY/s72-c/sgt.JPG
142.250.74.161200 OK 3.1 kB URL HTTP/1.1 1.bp.blogspot.com/-x7eZlraCkGw/U1I0uUl9iII/AAAAAAAATos/rRom9lhyKLY/s72-c/sgt.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 901d20a054bd12aef91f6b03f19dce22
93e8c69a0c0830d056b9dc4a3f70152434a925d5
9744e0ece19c3948aa776091c066e2eef86e2535288ffb409320b0a34972fe42
GET /-x7eZlraCkGw/U1I0uUl9iII/AAAAAAAATos/rRom9lhyKLY/s72-c/sgt.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sgt.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3141
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:07 GMT
Expires: Mon, 12 Dec 2022 03:24:07 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4e8c"
Content-Type: image/jpeg
Age: 2020
1.bp.blogspot.com/-Dr4ghM5MgfE/UcuG1BVyyUI/AAAAAAAAM8s/-_Zc5Lw60hc/s72-c/bayi+kembar.jpg
142.250.74.161200 OK 4.7 kB URL HTTP/1.1 1.bp.blogspot.com/-Dr4ghM5MgfE/UcuG1BVyyUI/AAAAAAAAM8s/-_Zc5Lw60hc/s72-c/bayi+kembar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 40de9679f9b2fa6f430534720ed0adbc
a08d5584507fc3258b4064e26544560976b2f8f9
d3022ca45fefc6821f44cf8d3572bad9bb7936ed649a66044d3dd9cef7bafd68
GET /-Dr4ghM5MgfE/UcuG1BVyyUI/AAAAAAAAM8s/-_Zc5Lw60hc/s72-c/bayi+kembar.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bayi kembar.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4674
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:08 GMT
Expires: Thu, 08 Dec 2022 07:39:03 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 2019
ETag: "v33cc"
Content-Type: image/jpeg
2.bp.blogspot.com/-wbEFCWCuLT0/UiFd4XCvruI/AAAAAAAAPNc/6uUA5sdNEpQ/s72-c/doktor+gtl.JPG
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 2.bp.blogspot.com/-wbEFCWCuLT0/UiFd4XCvruI/AAAAAAAAPNc/6uUA5sdNEpQ/s72-c/doktor+gtl.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash da2e9832bba485626cce224fc35d9582
7dc0e557299885542601228093079ee4c649536a
edc2a3dcd609a1867326777b6a292f529073e13084cb6a8b525d9ce4de985b5d
GET /-wbEFCWCuLT0/UiFd4XCvruI/AAAAAAAAPNc/6uUA5sdNEpQ/s72-c/doktor+gtl.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="doktor gtl.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3825
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:24:07 GMT
Expires: Mon, 12 Dec 2022 03:24:07 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3cd8"
Content-Type: image/jpeg
Age: 2020
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.46200 OK 149 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.46:0
File type ASCII text, with very long lines (580)
Size 149 kB (148970 bytes)
Hash 3890ab0a78427be244a5919961d77449
8a3c4fca53c2c41d818ae09c075dceddf0127280
571d15e85825e4183d95663c917a6a7911346b2915ce796cff3ffba121474a58
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 148970
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 11:00:45 GMT
expires: Sat, 09 Dec 2023 11:00:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 147422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (4885)
Hash 0a9d04851ee7b68ba4adf622ee0d7c7a
bca77dd860656f8178d1c487c8ccc0953d30c212
574f49d50e1b812cdc27dc6eec71adc7a7b4b3deeb494cd9d43d59600658c0ac
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sun, 11 Dec 2022 03:57:47 GMT
Expires: Sun, 11 Dec 2022 03:57:47 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 14144174982459615811
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52057
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a7e9d9b61e2b9db5e3023443d32d4427
9d80c1ee0239e50048ad2f893b3039a523b47a61
376b28f6b5f0fb941b0365e3b6a75d072476ef557b658744064eda823d2113b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5117
Cache-Control: max-age=110060
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:47 GMT
Etag: "63944c2a-1d7"
Expires: Mon, 12 Dec 2022 10:32:07 GMT
Last-Modified: Sat, 10 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
2.bp.blogspot.com/-3tX4uKXVG40/UCLjjLW1TyI/AAAAAAAAAu0/iqkFd5F9Oxg/s1600/m.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 2.bp.blogspot.com/-3tX4uKXVG40/UCLjjLW1TyI/AAAAAAAAAu0/iqkFd5F9Oxg/s1600/m.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-3tX4uKXVG40/UCLjjLW1TyI/AAAAAAAAAu0/iqkFd5F9Oxg/s1600/m.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:47 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
3.bp.blogspot.com/-qcqxuwepuw8/T7Ts0Iso9VI/AAAAAAAAAkg/oGskZqNwrZY/s1600/search_icon.gif
142.250.74.161404 Not Found 832 B URL HTTP/1.1 3.bp.blogspot.com/-qcqxuwepuw8/T7Ts0Iso9VI/AAAAAAAAAkg/oGskZqNwrZY/s1600/search_icon.gif
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-qcqxuwepuw8/T7Ts0Iso9VI/AAAAAAAAAkg/oGskZqNwrZY/s1600/search_icon.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:47 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
gempaqgiler.blogspot.com/feeds/posts/default/-/info%20semasa?alt=json-in-script&callback=relpostimgcuplik&max-results=50
142.250.74.161200 OK 50 kB URL HTTP/1.1 gempaqgiler.blogspot.com/feeds/posts/default/-/info%20semasa?alt=json-in-script&callback=relpostimgcuplik&max-results=50
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (65362)
Hash f7083732156341d8b31db4a50b1a12e0
a187da4ef9b1814af1c792c46b9693303d37b46e
d5d864ac8d39bcda54407096951e6acb0f035e4467b51924a8ab88babe5d52ca
GET /feeds/posts/default/-/info%20semasa?alt=json-in-script&callback=relpostimgcuplik&max-results=50 HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/2013/11/pengawal-keselamatan-tembak-pegawai.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"2e4d8301660bde3ec4e2d288e17f4982f028f48718fa9938e19b2853160211b7"
Date: Sun, 11 Dec 2022 03:57:47 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Sat, 10 Dec 2022 08:59:58 GMT
Content-Encoding: gzip
Content-Length: 50147
X-Frame-Options: SAMEORIGIN
blogmalaya.com/button/21c210cef37a05437cddbe1432299ad3.png
209.59.191.64301 Moved Permanently 251 B URL HTTP/1.1 blogmalaya.com/button/21c210cef37a05437cddbe1432299ad3.png
IP 209.59.191.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ded8c175bed627035ddb79fdafa8f23a
dfaa2f6b9b41c47757ca5808a0d1a9ebb1eea342
ece74dacb8d7324a71c88411adee2e85da1233f98a6ba78deb2b43ac772fa079
GET /button/21c210cef37a05437cddbe1432299ad3.png HTTP/1.1
Host: blogmalaya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Dec 2022 03:57:47 GMT
Server: Apache
Location: https://www.diveglobal.com/travel/malaysia/
Cache-Control: max-age=600
Expires: Sun, 11 Dec 2022 04:07:47 GMT
Content-Length: 251
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
4.bp.blogspot.com/-MWxfWNVbvqM/Un7rP2lXCDI/AAAAAAAAQj8/Hl5TrZHXQBQ/s320/dt.jpg
142.250.74.161200 OK 34 kB URL HTTP/1.1 4.bp.blogspot.com/-MWxfWNVbvqM/Un7rP2lXCDI/AAAAAAAAQj8/Hl5TrZHXQBQ/s320/dt.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 278x320, components 3\012- data
Hash 506c000b1211dd1ed684ddfd5641b860
fb0de16c15246fba2f78c4a42f6a2fdaeccba1ff
cf0b29e8c8ced4d550001cfc0b1a62ada72db489c8a489b4efa7f6034093fd4e
GET /-MWxfWNVbvqM/Un7rP2lXCDI/AAAAAAAAQj8/Hl5TrZHXQBQ/s320/dt.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4240"
Expires: Mon, 12 Dec 2022 03:57:47 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dt.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:47 GMT
Server: fife
Content-Length: 34152
X-XSS-Protection: 0
push.services.mozilla.com/
52.38.139.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CEi/EmeaBM4sabcQj+6iXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vCP8d9EleNkJ61hhhCWgkVaAHpk=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 7e1a1161b9d75b0136416d9612633e30
dab0b00da82bd324a77e2b2276fb2b4b03a07441
90bad2231a959edfa0bc16af2c48e7c08399f85af68e3a11c83151cf441abf36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99902
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:47 GMT
Etag: "63943879-116"
Expires: Mon, 12 Dec 2022 07:42:49 GMT
Last-Modified: Sat, 10 Dec 2022 07:42:49 GMT
Server: nginx
Content-Length: 278
www.diveglobal.com/travel/malaysia/
104.21.57.41200 OK 11 kB URL HTTP/2 www.diveglobal.com/travel/malaysia/
IP 104.21.57.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4537), with CRLF, LF line terminators
Hash d006d63e450b2b338311cd8563204eba
15a5d021c4a34afe295d1a8c1cb1964f0d8a02d5
3535bceb18e811c1bc23f4e9134a3b34786668e640911d38a3032ea1a2259546
GET /travel/malaysia/ HTTP/1.1
Host: www.diveglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 03:57:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.37
link: <https://www.diveglobal.com/wp-json/>; rel="https://api.w.org/", <https://www.diveglobal.com/?p=286>; rel=shortlink
vary: Accept-Encoding,User-Agent
cache-control: max-age=86400
cf-cache-status: HIT
age: 2014
last-modified: Sun, 11 Dec 2022 03:24:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LLnVqlLx7fmAvuYZBPHh2%2BnoWZVtoj%2BlRn6BhKpC6PC5QGHLQxoTJUsJIlvIwGQTMp9lHPClHDrfSE%2FY02FvgpPGiWBe%2F827UkNhE7nWkDVGQfbA1YMi6df%2FnK9pORV1HcfbLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777b4c560ea7b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.carimember.com/banner.png
85.208.116.194404 Not Found 4.8 kB URL HTTP/1.1 www.carimember.com/banner.png
IP 85.208.116.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 003039d2127216ae418bc159c62ca04c
9337fef90450d22340a9f661ac74617c70767f50
da1a604a8ed97cbe9feab8c1001a066083c34a6f95877dbbfbae6c21f973d8bd
GET /banner.png HTTP/1.1
Host: www.carimember.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Date: Sun, 11 Dec 2022 03:57:47 GMT
Content-Length: 4837
as.innity.com/synd/?cb=1670731066109&ver=1&pub=ae3539867aaeec609a4260c6feb725f4&zone=37711&output=js&flash=0&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&width=300&height=250&vpw=1268&vph=939&auction=cff45da8-4c6176a
119.81.192.141200 OK 0 B URL HTTP/1.1 as.innity.com/synd/?cb=1670731066109&ver=1&pub=ae3539867aaeec609a4260c6feb725f4&zone=37711&output=js&flash=0&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&width=300&height=250&vpw=1268&vph=939&auction=cff45da8-4c6176a
IP 119.81.192.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /synd/?cb=1670731066109&ver=1&pub=ae3539867aaeec609a4260c6feb725f4&zone=37711&output=js&flash=0&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&width=300&height=250&vpw=1268&vph=939&auction=cff45da8-4c6176a HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 03:57:47 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Sun, 11 Dec 2022 03:57:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=5337db4e03ed71d8d8edc7f323d14059; expires=Tue, 10-Dec-2024 03:57:47 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Content-Length: 0
Content-Type: text/javascript; charset=utf-8
2.bp.blogspot.com/-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s72-c/pelacur+muda.jpg
142.250.74.161200 OK 5.6 kB URL HTTP/1.1 2.bp.blogspot.com/-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s72-c/pelacur+muda.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d733b44ba07c9279a6e670d28d6a4244
83f67a5c709428e415aa05727547f80742bdbd7f
9db29312f4670e3d27c9fb8af4c27401178c00511ec97f6e5672c3c256151d36
GET /-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s72-c/pelacur+muda.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="pelacur muda.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5591
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:57:48 GMT
Expires: Mon, 05 Dec 2022 11:44:33 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v539e"
Content-Type: image/jpeg
Age: 0
draft.blogger.com/dyn-css/authorization.css?targetBlogID=8276956487562511376&zx=f1f2bb78-17b9-4a5b-93dd-02c42d44e805
216.58.207.233200 OK 21 B URL HTTP/2 draft.blogger.com/dyn-css/authorization.css?targetBlogID=8276956487562511376&zx=f1f2bb78-17b9-4a5b-93dd-02c42d44e805
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8276956487562511376&zx=f1f2bb78-17b9-4a5b-93dd-02c42d44e805 HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Dec 2022 03:57:48 GMT
last-modified: Sun, 11 Dec 2022 03:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-PNn4y8GhjRk/U4schUWEC5I/AAAAAAAAUuE/zlvqcxRgjD0/s72-c/punca+utama+budak+2+tahun+dipenggal.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 1.bp.blogspot.com/-PNn4y8GhjRk/U4schUWEC5I/AAAAAAAAUuE/zlvqcxRgjD0/s72-c/punca+utama+budak+2+tahun+dipenggal.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 4952832c81c5469b2c9a855a4b1b624a
59edb3af5d2d0b8d75529a49d0a13b6ad3c7178e
da19872d25bed4c1a71dcf482801607ffa6d2507c670417019ecca10d9bdf405
GET /-PNn4y8GhjRk/U4schUWEC5I/AAAAAAAAUuE/zlvqcxRgjD0/s72-c/punca+utama+budak+2+tahun+dipenggal.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v52e2"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="punca utama budak 2 tahun dipenggal.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 3848
X-XSS-Protection: 0
1.bp.blogspot.com/-uJR3AO9spas/U47zMJYA8xI/AAAAAAAAUu4/uqkH5_fbxb0/s72-c/gaduh+nampak+sepender.jpg
142.250.74.161200 OK 3.0 kB URL HTTP/1.1 1.bp.blogspot.com/-uJR3AO9spas/U47zMJYA8xI/AAAAAAAAUu4/uqkH5_fbxb0/s72-c/gaduh+nampak+sepender.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash fc906dca720e541cab241b0d44669da1
08bfc1f33097698585210d8d22e75d55f8899555
76547c2f5ff2df8626ab1d01de6ab2bf949e4a036cbd8106bcaa8df71434b001
GET /-uJR3AO9spas/U47zMJYA8xI/AAAAAAAAUu4/uqkH5_fbxb0/s72-c/gaduh+nampak+sepender.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v52ef"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gaduh nampak sepender.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 2971
X-XSS-Protection: 0
4.bp.blogspot.com/-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s72-c/dicabul+jurujual+gas.JPG
142.250.74.161200 OK 4.6 kB URL HTTP/1.1 4.bp.blogspot.com/-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s72-c/dicabul+jurujual+gas.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 272b8b068c71d8cdfdc16b845ed426fa
c13c920f78da5462ad039a5553b817c01293c321
8f3abb10de9cc99be7e7b61b69309fc8d7e390e3e1789af85c88325f62e19494
GET /-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s72-c/dicabul+jurujual+gas.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v535a"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dicabul jurujual gas.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 4640
X-XSS-Protection: 0
2.bp.blogspot.com/-OgnvOqSGYzo/U3SdyCNnuLI/AAAAAAAAUfk/X8j8jAMiTpg/s72-c/rosmah+masa+muda+1.jpg
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 2.bp.blogspot.com/-OgnvOqSGYzo/U3SdyCNnuLI/AAAAAAAAUfk/X8j8jAMiTpg/s72-c/rosmah+masa+muda+1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 4b1fc9258adb80ac4e6e066def1e786e
cb763d0a698b1bcfbcebf9993049d56fe2898d1d
2b6b737201d77fbb9753b9e9955c9e30fed8cf0f0a22fb12f85798d4412012d0
GET /-OgnvOqSGYzo/U3SdyCNnuLI/AAAAAAAAUfk/X8j8jAMiTpg/s72-c/rosmah+masa+muda+1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v51fa"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="rosmah masa muda 1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 4000
X-XSS-Protection: 0
gempaqgiler.blogspot.com/feeds/posts/default/-/info%20semasa?alt=json-in-script&callback=related_results_labels_thumbs&max-results=999
142.250.74.161200 OK 140 kB URL HTTP/1.1 gempaqgiler.blogspot.com/feeds/posts/default/-/info%20semasa?alt=json-in-script&callback=related_results_labels_thumbs&max-results=999
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (65362)
Size 140 kB (139709 bytes)
Hash 23554306316298d38fe4bcbfe7cffde6
b25a14f41fa53caccf5d28f8cdd68d8c1d51fa17
c05bd9db9d0d03aa5128f06d337e2319a3e6149b3881c187bd58e5190ffdc4d2
GET /feeds/posts/default/-/info%20semasa?alt=json-in-script&callback=related_results_labels_thumbs&max-results=999 HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/2013/11/pengawal-keselamatan-tembak-pegawai.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"0028ce25732ccc1706d2edea7d5471a0d90fd1ef607e982f3cd223790c2f4076"
Date: Sun, 11 Dec 2022 03:57:47 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Sat, 10 Dec 2022 08:59:58 GMT
Content-Encoding: gzip
Content-Length: 139709
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-fJNpPpFGH_o/U4m1LxZCLOI/AAAAAAAAUqs/ePLSlwYgZ4A/s72-c/penculik+mati.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 4.bp.blogspot.com/-fJNpPpFGH_o/U4m1LxZCLOI/AAAAAAAAUqs/ePLSlwYgZ4A/s72-c/penculik+mati.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0f72b809ca838b76f48381433e58ede5
3546cc0fed4fef6cd4cd12c0fa2f12bcd8645353
852530d818cd1dbe9d11db9398e88c9f288612e550f87a52fa9a06ca0f0ed28f
GET /-fJNpPpFGH_o/U4m1LxZCLOI/AAAAAAAAUqs/ePLSlwYgZ4A/s72-c/penculik+mati.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="penculik mati.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3469
X-XSS-Protection: 0
Date: Sun, 11 Dec 2022 03:57:48 GMT
Expires: Thu, 08 Dec 2022 07:39:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v52ac"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-epjWQSeZWJM/U5bi_fqxDEI/AAAAAAAAUxI/_1gDyodCQok/s72-c/kena+tangkap.jpg
142.250.74.161200 OK 3.1 kB URL HTTP/1.1 2.bp.blogspot.com/-epjWQSeZWJM/U5bi_fqxDEI/AAAAAAAAUxI/_1gDyodCQok/s72-c/kena+tangkap.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash cc6a92f91fb0b5e7dc3445b044a146e6
aa83091f983b0a9ff8fa979b0425cdc243abbc90
e53019ae18cf68d4b48ec6cebcf363da229955d991a39ff00ee9e399ff3ec3cf
GET /-epjWQSeZWJM/U5bi_fqxDEI/AAAAAAAAUxI/_1gDyodCQok/s72-c/kena+tangkap.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5313"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="kena tangkap.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 3092
X-XSS-Protection: 0
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
172.217.21.162200 OK 47 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 172.217.21.162:0
Hash 7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Server: cafe
Content-Length: 47
X-XSS-Protection: 0
Date: Sat, 10 Dec 2022 13:41:14 GMT
Expires: Sat, 24 Dec 2022 13:41:14 GMT
Cache-Control: public, max-age=1209600
Age: 51394
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
3.bp.blogspot.com/-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s72-c/cina+hina+islam.JPG
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 3.bp.blogspot.com/-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s72-c/cina+hina+islam.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 91b0d402eece23c7e386c7ab9e880ad8
22f4a78bdef23e7ee9fbf1327c6f64f87431c172
f3a9e7a80e52c899a88cf296ad3f2afe8a201180b8bd6ea1f7450984d2310e84
GET /-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s72-c/cina+hina+islam.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v539a"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cina hina islam.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 3810
X-XSS-Protection: 0
2.bp.blogspot.com/-8y6NB2SvaVY/U4samOjmVcI/AAAAAAAAUt4/Wqj5v2Gj1c8/s72-c/budak+sekolah+terlampau.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/1.1 2.bp.blogspot.com/-8y6NB2SvaVY/U4samOjmVcI/AAAAAAAAUt4/Wqj5v2Gj1c8/s72-c/budak+sekolah+terlampau.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c753eecf1b5d964c8e739d1a8ad9cff7
f57b8f25c8713b930dca7f4edc0487d578390ff6
f5d04a61a2da0d3da8c0c8ae1c5c8017e2b279099848ec700f6d7551117c3f0c
GET /-8y6NB2SvaVY/U4samOjmVcI/AAAAAAAAUt4/Wqj5v2Gj1c8/s72-c/budak+sekolah+terlampau.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v52df"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="budak sekolah terlampau.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 4458
X-XSS-Protection: 0
2.bp.blogspot.com/-uMpXrr-4Yc0/U4prTdXMdiI/AAAAAAAAUsM/8vas_j4w_pA/s72-c/gadis+kena+rejam.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 2.bp.blogspot.com/-uMpXrr-4Yc0/U4prTdXMdiI/AAAAAAAAUsM/8vas_j4w_pA/s72-c/gadis+kena+rejam.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 2f6b7331b5eb29ce80ede6e7b4f677da
6c0390242f95e7323fa0ec8383e5d34ed84b8e02
f51c288899c975f68fddcf40bba95ed843f075cf33ffe100e3147d62c7d02b72
GET /-uMpXrr-4Yc0/U4prTdXMdiI/AAAAAAAAUsM/8vas_j4w_pA/s72-c/gadis+kena+rejam.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v52c4"
Expires: Mon, 12 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gadis kena rejam.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 11 Dec 2022 03:57:48 GMT
Server: fife
Content-Length: 4383
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
date: Sun, 11 Dec 2022 03:53:16 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 968823771
etag: W/"980881274"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:FEFF_2E69C9F0:0050_6395553C_B6FF:16F97
x-iplb-instance: 42306
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221206/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 10 Dec 2022 20:14:57 GMT
expires: Sat, 24 Dec 2022 20:14:57 GMT
cache-control: public, max-age=1209600
age: 27771
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f92a2bb000cce48c9e3a15eabdf68598
df678017f0fc38151632727222b2cbf413563692
6472df82d6bea9408d3738f8aa43d368f4914c4b24b7627c4eea82a3d441f862
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3765933820679304&plah=gempaqgiler.blogspot.com&bust=31071220
172.217.21.162200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3765933820679304&plah=gempaqgiler.blogspot.com&bust=31071220
IP 172.217.21.162:0
File type ASCII text, with very long lines (5821)
Size 120 kB (120018 bytes)
Hash e098e872bf27cad1ccfc35097b47dc1f
dae5f2b39d03f85de71ea0b56d013777c3e87066
8194da54e21c655f9c4b20fc42f7146487a700691de8d4317b92ef6df28bc66f
GET /pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3765933820679304&plah=gempaqgiler.blogspot.com&bust=31071220 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 11 Dec 2022 03:57:48 GMT
expires: Sun, 11 Dec 2022 03:57:48 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16280807326828678305
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 120018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
developers.google.com/
172.217.21.174301 Moved Permanently 0 B IP 172.217.21.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 32ca155d64f4ea8327c1c9db4c148a4a
Date: Sun, 11 Dec 2022 03:57:48 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 633462c5bc4d631d0f28109676f1c4ef
5e971024687c599a40822616459355ab75a69aa6
464513db00c7735b28f8140ecd0a3a0641fce311481f736a946a1ed8e8e881d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
142.250.74.131200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 142.250.74.131:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 06:19:27 GMT
expires: Mon, 04 Dec 2023 06:19:27 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Dec 2022 03:14:01 GMT
content-type: text/javascript
age: 596301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.carimember.com/banner.png
85.208.116.194404 Not Found 4.8 kB URL HTTP/1.1 www.carimember.com/banner.png
IP 85.208.116.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 003039d2127216ae418bc159c62ca04c
9337fef90450d22340a9f661ac74617c70767f50
da1a604a8ed97cbe9feab8c1001a066083c34a6f95877dbbfbae6c21f973d8bd
GET /banner.png HTTP/1.1
Host: www.carimember.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Date: Sun, 11 Dec 2022 03:57:48 GMT
Content-Length: 4837
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 289226b62d8042b69d9e40a017dcd2ee
fd659cb6511731ff6d06df61b5430a2d126bdd8e
aff5359649ce1253d942d2aac6ea84cd98328df5ff273aa8ef7d843bc0c6b349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=gempaqgiler.blogspot.com&callback=_gfp_s_&client=ca-pub-3765933820679304&gpid_exp=1
216.58.207.226200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=gempaqgiler.blogspot.com&callback=_gfp_s_&client=ca-pub-3765933820679304&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 44aed1d2ab77588ae1335f5ec520d4de
dc02455e7f444c98fae5b96bfb9e24b12ad9e8c3
0e24ba4e570275437f2fc5d2f19690c7c6c7d691594c9992cab09ecde75c7c12
GET /gampad/cookie.js?domain=gempaqgiler.blogspot.com&callback=_gfp_s_&client=ca-pub-3765933820679304&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 11 Dec 2022 03:57:48 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=gempaqgiler.blogspot.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=gempaqgiler.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=gempaqgiler.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 11 Dec 2022 03:57:48 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f69c32ac7b9825b1255fed72f425fe77
58e0fb4b9d5c835bb222a73b5fd939af76991485
7e61ce2f34c53d0730f5e88d26fb87651af80f1356ccb9ccc5a6efa2b255195c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=gempaqgiler.blogspot.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=gempaqgiler.blogspot.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=gempaqgiler.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 11 Dec 2022 03:57:48 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 289226b62d8042b69d9e40a017dcd2ee
fd659cb6511731ff6d06df61b5430a2d126bdd8e
aff5359649ce1253d942d2aac6ea84cd98328df5ff273aa8ef7d843bc0c6b349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/all.js
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 11 Dec 2022 03:57:48 GMT
Connection: keep-alive
Content-Length: 0
tcr.tynt.com/ti.js
104.18.36.173200 OK 16 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Hash a384492ef8f3bb035fc8ecba870e86d3
a6da9b212e2d640261cc1c1a5c98096aef5d8778
9232a4a99aa4630732414441f411afe936b0e95047f3d018e46c40f211fc1ede
GET /ti.js HTTP/1.1
Host: tcr.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 03:57:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-b4ff"
content-encoding: gzip
CF-Cache-Status: HIT
Age: 117264
Expires: Wed, 14 Dec 2022 03:57:48 GMT
Cache-Control: public, max-age=259200
Server: cloudflare
CF-RAY: 777b4c5c6b97b4f1-OSL
draft.blogger.com/followers.g?blogID=8276956487562511376&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=5460185891587197880&origin=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
216.58.207.233302 Moved Temporarily 469 B URL HTTP/1.1 draft.blogger.com/followers.g?blogID=8276956487562511376&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=5460185891587197880&origin=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
IP 216.58.207.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (508)
Hash b1322f84ee9e5d067c44e11c7a62e84c
6ae354f4678258b0a1a61903b64855b0011ca234
628f1c8988994c8c0856f2243e6e5a0a8b90bc1e0ee64e3529f3bf9c13ab6116
GET /followers.g?blogID=8276956487562511376&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=5460185891587197880&origin=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1 HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: https://draft.blogger.com/followers.g?blogID=8276956487562511376&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=5460185891587197880&origin=http://gempaqgiler.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.geaHZXF2-fw.O/d%3D1/rs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%3D__features__&bpli=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 11 Dec 2022 03:57:48 GMT
Expires: Sun, 11 Dec 2022 03:57:48 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 469
Server: GSE
ws.sharethis.com/button/css/buttons-secure.css
54.230.111.32200 OK 3.9 kB URL HTTP/2 ws.sharethis.com/button/css/buttons-secure.css
IP 54.230.111.32:0
File type ASCII text, with very long lines (23158), with no line terminators
Hash 61da924a747e08c5f54a6cb31c724a48
8e49d971d6a667c3888a481b742e05cafcf72a43
54302324d4b6aa780466c869b9932504d0b1eaa7ef1df6c5481b35fb0625343a
GET /button/css/buttons-secure.css HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3851
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sat, 10 Dec 2022 04:17:41 GMT
etag: W/"634f1895-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 93swwE68hwSa2dJ6x4a6_jKRL3_pZFThqlDfVaNe5uX8fZHiMLyhkA==
age: 85207
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a49ab5ecc317aa7e4724050053737549
3ffff77715bf8c5dbcbb5e17abbbc2c683c36f60
844f25237f9906c3fb977d58259e132c41dacbbe546adc8b45e9992e6ee711c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 5e5c9a7de70a32e4a2e456bde6fdce9e
ea516d4de51e375c6843f851de12bf1cf45d4252
941070d9fcf17d3f9ecb370184b8531d6fec475666960f7baaf6b80e764a9d6b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141566
Date: Sun, 11 Dec 2022 03:57:48 GMT
Etag: "6394cc2c-1d7"
Expires: Mon, 12 Dec 2022 19:17:14 GMT
Last-Modified: Sat, 10 Dec 2022 18:13:00 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KsfFSuaFeiGT3y1fBkVDl0jPUDSci_LF03cXUh3kAywM73WNVp6SOQ==
Age: 3854
ws.sharethis.com/images/2017/facebook_counter.png
54.230.111.32200 OK 2.4 kB URL HTTP/2 ws.sharethis.com/images/2017/facebook_counter.png
IP 54.230.111.32:0
File type PNG image data, 120 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ba4aa0077ecbfdad7b112b723bf3b89
8d85c1b4ca791a4a9010c304c3af620cdc2fac94
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
GET /images/2017/facebook_counter.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2423
accept-ranges: bytes
cache-control: max-age=31536000
date: Sun, 13 Nov 2022 03:11:53 GMT
etag: "634f1850-977"
expires: Mon, 13 Nov 2023 03:11:53 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rdYAscnp3f_lsDXo-bL4266s-umrgF_XxUrJhL7JZBv0r4SGXRSBqA==
age: 2421956
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/twitter_counter.png
54.230.111.32200 OK 2.5 kB URL HTTP/2 ws.sharethis.com/images/2017/twitter_counter.png
IP 54.230.111.32:0
File type PNG image data, 120 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f3b085b38e3d832d18351c78ac1a0e1
a5ecafc51f237b39afdbaabbb60e198bd4592f06
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
GET /images/2017/twitter_counter.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2478
accept-ranges: bytes
cache-control: max-age=31536000
date: Sat, 12 Nov 2022 06:04:09 GMT
etag: "634f1850-9ae"
expires: Sun, 12 Nov 2023 06:04:09 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lvO2oOplakK8qFIGd67lBSnE7d-fj7_xrOEAaxbd2qVWVYOtbB7krg==
age: 2498020
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/linkedin_counter.png
54.230.111.32200 OK 2.5 kB URL HTTP/2 ws.sharethis.com/images/2017/linkedin_counter.png
IP 54.230.111.32:0
File type PNG image data, 120 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash fe09cd7fe7814958b566642c4471e7ed
d3e649a373de39af33aa03ec2faa563c87630d5f
0e3f83554765fa48514ce0a169441466f92010d01cdc716003e02317bffc6993
GET /images/2017/linkedin_counter.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2529
accept-ranges: bytes
cache-control: max-age=31536000
date: Wed, 30 Nov 2022 07:16:13 GMT
etag: "634f1850-9e1"
expires: Thu, 30 Nov 2023 07:16:13 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UPZNXgtPpkbb1ehOY5dAB-pQUW91C53Chps0MELTfVT9VK8uIP4AYw==
age: 938496
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 664 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 89486fe9ec07bff5d79774e8d16db47e
f0230bbcbe6c9b34f55418ce31e55a6846918fae
dbdb631be170e6ab604cdf0bd3548704097d4030b97aa559b325fce656acb6ba
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 11 Dec 2022 03:57:49 GMT
date: Sun, 11 Dec 2022 03:57:49 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 664
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/email_counter.png
54.230.111.32200 OK 1.9 kB URL HTTP/2 ws.sharethis.com/images/2017/email_counter.png
IP 54.230.111.32:0
File type PNG image data, 120 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 661e3d497a53bf0c26f60db4dc3a4951
2d14d4e9c2d0af7945c247c9e81f191e47ab20cf
af6c4b21f7b4a51cf290db1dc17ff613cd7db54e14574587bebb6b9cf2a2082d
GET /images/2017/email_counter.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1857
accept-ranges: bytes
cache-control: max-age=31536000
date: Tue, 06 Dec 2022 02:29:01 GMT
etag: "634f1850-741"
expires: Wed, 06 Dec 2023 02:29:01 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kIwo84nnLga2n6xgc3OVlZBTs4gy9tjXarj8lzwdu2aMp3dA2MmFXA==
age: 437328
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/sharethis_counter.png
54.230.111.32200 OK 2.6 kB URL HTTP/2 ws.sharethis.com/images/2017/sharethis_counter.png
IP 54.230.111.32:0
File type PNG image data, 120 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash c0cbf421acb6c3a3cd615542054e0536
d56aa81a6df18e79a5ad752d4871a2948bf8ada6
4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413
GET /images/2017/sharethis_counter.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2648
accept-ranges: bytes
cache-control: max-age=31536000
date: Tue, 06 Dec 2022 01:59:58 GMT
etag: "634f1850-a58"
expires: Wed, 06 Dec 2023 01:59:58 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6DwM8OEtk45GlWbbbhX4RJRGstw3nPRvKC-mWZ5KFj4Lb-BATQYrOQ==
age: 439071
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/secure/images/bubble_arrow.png
54.230.111.32200 OK 979 B URL HTTP/2 ws.sharethis.com/secure/images/bubble_arrow.png
IP 54.230.111.32:0
File type PNG image data, 4 x 6, 8-bit colormap, non-interlaced\012- data
Hash 9466fb05cc9cae591337910debe1282e
03a3bc8a8c1a744dd1b283ad82fa392f01cafc09
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe
GET /secure/images/bubble_arrow.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 979
accept-ranges: bytes
cache-control: max-age=31536000
date: Tue, 29 Nov 2022 06:20:32 GMT
etag: "634f1895-3d3"
expires: Wed, 29 Nov 2023 06:20:32 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 70_UyDGetOi9lZ7fRiay2fVFBcJAjr5mn--eX_PezhICfT6if9k11Q==
age: 1028237
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1670731066040.18888&hostname=gempaqgiler.blogspot.com&location=%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&title=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&sop=false
18.197.222.56204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1670731066040.18888&hostname=gempaqgiler.blogspot.com&location=%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&title=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&sop=false
IP 18.197.222.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1670731066040.18888&hostname=gempaqgiler.blogspot.com&location=%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&title=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&sop=false HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gempaqgiler.blogspot.com
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: http://gempaqgiler.blogspot.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 11 Dec 2022 03:57:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a74fa5dd905762b44b74b4d58711e135
16de1a2938d1add414e348345fc032a092207621
7d8fabc440dcd4fe20cbb48dcbec57e8a904c4f4e767e6fc9583f22868659295
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D8FABC440DCD4FE20CBB48DCBEC57E8A904C4F4E767E6FC9583F22868659295"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6835
Expires: Sun, 11 Dec 2022 05:51:44 GMT
Date: Sun, 11 Dec 2022 03:57:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b10da7c40fd218e052cac5276be21d93
723dfdd1320ae0949196715d2d073320c4e4753d
ad3a489d2aa632e337fda00c7851dda9ecfb04798f432b6d5656f976c7ab3f2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 985
Cache-Control: max-age=154180
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Etag: "639508a8-1d7"
Expires: Mon, 12 Dec 2022 22:47:29 GMT
Last-Modified: Sat, 10 Dec 2022 22:31:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 057187c32917b544c7e7f0f38bb6e794
9b25659ad9a709548ce4b09dd398e4c9d3fd51f0
d38a62c30e6280f6eecc192b7dcf5c3b1584417e6e3384fed8bd0f6b63a83aec
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 62d48b09acd08061fa9c718e74a5017e
etag: "396fec92b053c31d965334d234b777ed"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 11 Dec 2022 04:08:53 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: BXGHwykXtUTH5/Dzi7bnlA==
x-fb-debug: 9zvKcO1ZFLWTxibVMgOI5zVmeH9bDZmP6Q2VBzraOWBJmxlmp1PeHl+qQPfx0+vHzyUKwLS+akrXK3Dyv/nCWw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Sun, 11 Dec 2022 03:57:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b10da7c40fd218e052cac5276be21d93
723dfdd1320ae0949196715d2d073320c4e4753d
ad3a489d2aa632e337fda00c7851dda9ecfb04798f432b6d5656f976c7ab3f2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 985
Cache-Control: max-age=154180
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Etag: "639508a8-1d7"
Expires: Mon, 12 Dec 2022 22:47:29 GMT
Last-Modified: Sat, 10 Dec 2022 22:31:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
developers.google.com/
172.217.21.174200 OK 173 kB IP 172.217.21.174:0
Size 173 kB (172968 bytes)
Hash 13ac5af1fcaa320617ca13cb30c64431
56aba27a0b6762f4e623e603663b3d25da755c71
4c6d60d863fbc1f225f4d7289ed922ff63e0794abaf03028769afa841033b7f2
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 18:10:23 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.119030821.1670731068; Expires=Tue, 10 Dec 2024 03:57:48 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-l3loY+FXd5CovQ8Ppd3MOzocXcKR4B' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: cbaeaabed732a1db542ce4846ad955bd
vary: Accept-Encoding
date: Sun, 11 Dec 2022 03:57:48 GMT
server: Google Frontend
content-length: 22695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2559
Expires: Sun, 11 Dec 2022 04:40:28 GMT
Date: Sun, 11 Dec 2022 03:57:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78068ece5c05e5936bfc1eac61c627f8
0c1118eaf153c16f6bcb731767b1237ee72a5541
9b7f84ec789ec853dc463e5839c63d8395e8921cc0599b8b7e694eebb1d22b9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6850
x-amzn-requestid: a7a24880-17cf-4873-9da2-1cdedb1d351b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csWC5GsFIAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6a12-186b17d55261c18243dc0302;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:00:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sDsH55clVyWxDLGhhtm54gFyuNmot4rM-vu8Qm3ic4zNjiOpw_fnwA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:54:58 GMT
age: 21771
etag: "0c1118eaf153c16f6bcb731767b1237ee72a5541"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31aca93e-2858-4933-b847-8f2f94143051.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31aca93e-2858-4933-b847-8f2f94143051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8fb99efffa43a89258e8f6fa88b57b3d
af9e7836bb609a2fa5ada07bb46a547f007a70ac
117238c7ac845cb0b65576ea779bb64e6f93ea715eaa2df5a05338743646839c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31aca93e-2858-4933-b847-8f2f94143051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9385
x-amzn-requestid: c465c6db-4228-4455-b5d5-0b6bec43928c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xkmGn7oAMFTnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc83-1903b69055c1d5bc70c3adea;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:39:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tAKuAJvVLxVkluWQejBJV7rvGMnU6yFI112cd2Y8Ci2eF9x9CJSAOg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:52:48 GMT
age: 21901
etag: "af9e7836bb609a2fa5ada07bb46a547f007a70ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaa3b191-2ccf-43a7-98dc-75eb1a8968b6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaa3b191-2ccf-43a7-98dc-75eb1a8968b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a1d9ee9604803ac5d63a3806a2ef506
6c378dcff1d9fe7585312bed9dad74a64730f9e0
a3a99498c052c9b998816dd688a9a790fd5b59b9c9f8017af7591cd5537f72d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaa3b191-2ccf-43a7-98dc-75eb1a8968b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11520
x-amzn-requestid: 02c1a493-e1bb-4db4-a628-d8c79def1607
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xTBEAxoAMF7Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc13-4f35a8f837675761185ce4ad;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PEeF3P6XjtEsFq418c-VrkvkTetvPYmgqX2iPy4nu8YIXwOx8FLU0g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:52:12 GMT
age: 21937
etag: "6c378dcff1d9fe7585312bed9dad74a64730f9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SG-8rL_rUN3MpXHhkAaHmIqKf7mSHtv0kEAkBOAIPcqq755Qh-mc3Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:52:26 GMT
age: 21923
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: daca166e-fa82-4491-9065-a4629141fd11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c4OQAGLyoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63932a66-0551e77243e4a6472b377f9d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 12:30:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: miR7RxPy5ldYudl8lYXWkth-_liryMFY7aZsvNC4mDVtf13qJg0NZA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 00:46:21 GMT
age: 11488
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc37f6826-7810-4f1a-9a56-c59cdd71c138.png
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc37f6826-7810-4f1a-9a56-c59cdd71c138.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3022b016b72f68bf8e7e01a40e12776
5ac98677c4c9eef040ef13ddd6c5aad6fcabf6cb
777447e4ad32d4f1c50128a73d39d9cc6e33995e0fb3298ebf9e00dfa5dd3bd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc37f6826-7810-4f1a-9a56-c59cdd71c138.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4676
x-amzn-requestid: dfd0ce16-43e4-4d02-b2df-de60b7afff41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xTBHtVoAMFUVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc13-4881af19704538471b2c85fb;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _5gzRpSKunXL-dt4-0Dm2xy4Ep02TcjQAqLT2_6Xg4MuruQcq3imTg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:52:45 GMT
age: 21904
etag: "5ac98677c4c9eef040ef13ddd6c5aad6fcabf6cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js?hash=2a979cdd816ba9f43da7555f77a57965
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=2a979cdd816ba9f43da7555f77a57965
IP 31.13.72.12:0
File type ASCII text, with very long lines (18605)
Hash b0fea20c8950b45cfeb56fa9980da885
34a494a0b7e0547cf75aa825e653885cc3281133
3ec11c49e89b922ee46e7fef378f9dbc35fcce9a4c54d5bf697cc3a9868a05f3
GET /en_US/all.js?hash=2a979cdd816ba9f43da7555f77a57965 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gempaqgiler.blogspot.com
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b26e0a97081726a9bd299ac1471e73b8
etag: "71e42e6f28647b1e9f937bf860c55041"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Dec 2023 01:39:37 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: sP6iDIlQtFz+tW+pmA2ohQ==
x-fb-debug: yQS9F6Gm8FqxQtXUwuobfJxvZrgQodJure0WqJxXfxR5LAht8x5jhUpMp1DA/lUXelvZHvS0xREe1V7DSrbCHg==
content-length: 88325
x-fb-trip-id: 1904183273
date: Sun, 11 Dec 2022 03:57:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&cb=stButtons.processCB&wd=true
54.230.111.84200 OK 197 B URL HTTP/2 count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&cb=stButtons.processCB&wd=true
IP 54.230.111.84:0
File type ASCII text, with no line terminators
Hash fc0fc1a2e9e5aa14c55215aa19749319
7fcc4b38260e68b44824914e1bf87ea63d398bc0
609ba22f8a3c371f12defda7485b744a7831b89711ec6e94dd9460c1605fc96a
GET /v2.0/get_counts?url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&cb=stButtons.processCB&wd=true HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 197
date: Sun, 11 Dec 2022 03:57:49 GMT
etag: fc0fc1a2e9e5aa14c55215aa19749319
cache-control: public, max-age=900
apigw-requestid: c9pBliW_oAMESGQ=
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BsciHocXLfTIJTQr5g2GuX7RrQOeMzexHvG0uqwzh8A3dzUJU5u3ug==
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s4.histats.com/stats/2361969.php?2361969&@f16&@g1&@h1&@i1&@j1670731067043&@k0&@l1&@mPengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-183328906&@b3:1670731067&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&@w
149.56.240.27200 OK 108 B URL HTTP/1.1 s4.histats.com/stats/2361969.php?2361969&@f16&@g1&@h1&@i1&@j1670731067043&@k0&@l1&@mPengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-183328906&@b3:1670731067&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&@w
IP 149.56.240.27:0
File type ASCII text, with no line terminators
Hash fe19abdcf937ae9881fee58f199505d9
aabd955408612f836561a05a2347afab7d00424e
d06a221e44d0e806ce3e46ed52f7bd4060e5fb0f751d0e3f7e7d61da8cd24e42
GET /stats/2361969.php?2361969&@f16&@g1&@h1&@i1&@j1670731067043&@k0&@l1&@mPengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-183328906&@b3:1670731067&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 03:57:49 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 108
Connection: close
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.14200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://draft.blogger.com/
Origin: https://draft.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://draft.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 11 Dec 2022 03:57:49 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+019; expires=Tue, 10-Dec-2024 03:57:49 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Dec 2022 03:57:49 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.14200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1558
Origin: https://draft.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://draft.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 11 Dec 2022 03:57:49 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+067; expires=Tue, 10-Dec-2024 03:57:49 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Dec 2022 03:57:49 GMT
X-Firefox-Spdy: h2
s10.histats.com/counters/cc_10.js
46.105.201.240200 OK 7.6 kB URL HTTP/2 s10.histats.com/counters/cc_10.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (17833), with no line terminators
Hash 1d9460c984f25ea64e208b9ea21c492a
ec720873c6e352f435a40e0a6d11c878e451faa5
05a939636a8285b28ee6dce67902e97a148fa19288bc882cee6eb98ae74f1414
GET /counters/cc_10.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 03:51:30 GMT
etag: "-21747805"
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
x-request-id: 89688750
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7570
X-Firefox-Spdy: h2
gempaqgiler.blogspot.com/favicon.ico
142.250.74.161200 OK 290 B URL HTTP/1.1 gempaqgiler.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 4171c424740dfaeda72fccb8224b1983
26a2f9b2876dd7440b6fa47d0af3b691444a0c75
4b6cc0c3304cc4458171983765a5ee50cae1508a918b9e80795867d7a0cee51b
GET /favicon.ico HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/2013/11/pengawal-keselamatan-tembak-pegawai.html
Cookie: HstCfa2361969=1670731067043; HstCla2361969=1670731067043; HstCmu2361969=1670731067043; HstPn2361969=1; HstPt2361969=1; HstCnv2361969=1; HstCns2361969=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Sun, 11 Dec 2022 03:57:49 GMT
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 10 Dec 2022 08:59:58 GMT
ETag: W/"9a88695b37502b12c3a5487a0f777ceabee18a8482b79d947e6548767be81220"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 290
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5bdd65780397c16e1f11d2144025fed
7631c404b4f9bcb38d95ef6527de5b9ca8104579
bc8cdd03ed2e87ad1405c91f28d8d6a3b88972f75756e531e854165111b07ecd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 041ee7bbd80e836023d3c1109d2979de
0bbaad731238f365695a432792b4c6b6199a830c
fcc16dfe49146995d9828166eb169a90664dedee131e3f01c2576a8160ea908d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 03:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:33:45 GMT
Expires: Wed, 14 Dec 2022 23:33:44 GMT
Etag: "0bbaad731238f365695a432792b4c6b6199a830c"
Cache-Control: max-age=329154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777b4c5f0b78b521-OSL
1.bp.blogspot.com/-eOTkv8TuF2E/VwB7HKw6yWI/AAAAAAAACU4/TdmqpYhgLskKlYrrwUzX4794yLlbCU1vg/s45-c/20150301_135416.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 1.bp.blogspot.com/-eOTkv8TuF2E/VwB7HKw6yWI/AAAAAAAACU4/TdmqpYhgLskKlYrrwUzX4794yLlbCU1vg/s45-c/20150301_135416.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 567a59874f8f7fff44f9cdea1a8ed5d3
fe177a9c1bf63a98e826de034f3908950391c909
426636310fc023de152148c7714c3eb837e9406113cf49394bb67687569e534f
GET /-eOTkv8TuF2E/VwB7HKw6yWI/AAAAAAAACU4/TdmqpYhgLskKlYrrwUzX4794yLlbCU1vg/s45-c/20150301_135416.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20150301_135416.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2194
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:24:10 GMT
expires: Mon, 12 Dec 2022 03:24:10 GMT
cache-control: public, max-age=86400, no-transform
etag: "v94f"
content-type: image/jpeg
age: 2019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-yj7Q3kZyK2s/ULI_MGc95UI/AAAAAAAAAvY/U4RkAJemx3A/s45-c/DSC02855%25252B-%25252BCopy.JPG
142.250.74.161200 OK 2.0 kB URL HTTP/2 2.bp.blogspot.com/-yj7Q3kZyK2s/ULI_MGc95UI/AAAAAAAAAvY/U4RkAJemx3A/s45-c/DSC02855%25252B-%25252BCopy.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 5918f5a70496f0f5bd8f1d5dff254149
f404532bddff301da5eb102e3ee4fdcd06682039
f21e15c66c92957f899f9b574bebc494b87fa76da572d2cd48b3ff8f753b8ae7
GET /-yj7Q3kZyK2s/ULI_MGc95UI/AAAAAAAAAvY/U4RkAJemx3A/s45-c/DSC02855%25252B-%25252BCopy.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="DSC02855%2B-%2BCopy.JPG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2023
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:24:10 GMT
expires: Mon, 12 Dec 2022 03:24:10 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2f6"
content-type: image/jpeg
age: 2019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6d24fb409274bf70a340acf342ba7608
76017f8d8ae7d8767819a894d277a9896efbd20b
820ea05ddb4e13dbeef083d2cfa9505ef927cf772d23d2f6002286d1d4225d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 041ee7bbd80e836023d3c1109d2979de
0bbaad731238f365695a432792b4c6b6199a830c
fcc16dfe49146995d9828166eb169a90664dedee131e3f01c2576a8160ea908d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 03:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:33:45 GMT
Expires: Wed, 14 Dec 2022 23:33:44 GMT
Etag: "0bbaad731238f365695a432792b4c6b6199a830c"
Cache-Control: max-age=329154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777b4c613c16b521-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/AD5-WCkQE4rfG1H_HrdbGHD-Vwxh5MrpJ-0E9fYDOOEFeA=s45-c
142.250.74.97200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCkQE4rfG1H_HrdbGHD-Vwxh5MrpJ-0E9fYDOOEFeA=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 40dc069ca50116cc9afab6cf702c1baa
3554dd2df8647391d035b0698a6840d37a037cef
28e3db92c153cd4efb40a85b30f630b0ea42d8ce5cd36f12332d6cad2f1d48ad
GET /a-/AD5-WCkQE4rfG1H_HrdbGHD-Vwxh5MrpJ-0E9fYDOOEFeA=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1908
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7df"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCkNQ6VVJXRpqM9PRfGyhrqdJKNXkNZMTBH3A2kukw=s45-c
142.250.74.97200 OK 2.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCkNQ6VVJXRpqM9PRfGyhrqdJKNXkNZMTBH3A2kukw=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 8acea5f4b31c3d6d00d7e70b3a15633d
21a9e0fdb291aea5d99d84a427d3c33219b69eb1
1a6240e3fc63798802ef3e7558d09eff86a9b25e17b7a2dc1a284f259ed53f09
GET /a-/AD5-WCkNQ6VVJXRpqM9PRfGyhrqdJKNXkNZMTBH3A2kukw=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2515
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Thu, 08 Dec 2022 06:05:26 GMT
cache-control: public, max-age=86400, no-transform
etag: "v211"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/_7VgnsUgKcUY/S0gxUKp1wBI/AAAAAAAAACM/p9xj_T6Q5Ng/S45-s45-c/t192.jpg
142.250.74.161200 OK 1.5 kB URL HTTP/2 4.bp.blogspot.com/_7VgnsUgKcUY/S0gxUKp1wBI/AAAAAAAAACM/p9xj_T6Q5Ng/S45-s45-c/t192.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash bc889ff29990e318e8a7b196c6e3cfc3
c7f7eb1587eb0f08d0f0c545f2b2788098074d1a
51b2787dd0cbfaffd3660571c9eb924e04ecd7a58be0a5f7d28314e4c614ef61
GET /_7VgnsUgKcUY/S0gxUKp1wBI/AAAAAAAAACM/p9xj_T6Q5Ng/S45-s45-c/t192.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="t192.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1527
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:24:10 GMT
expires: Thu, 08 Dec 2022 05:30:30 GMT
cache-control: public, max-age=86400, no-transform
age: 2019
etag: "v23"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WClcxbbuB_9nVBnlPhgcp9m9-tex3qdRMvSh4LxQ-w=s45-c
142.250.74.97200 OK 1.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WClcxbbuB_9nVBnlPhgcp9m9-tex3qdRMvSh4LxQ-w=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash c16770b1d494591a1fda019fade9770c
46dc045bcea71b0ad15bf3709e9e1d790492641b
818c98f3e9a9fe9e7fa4e7d32e9a2e113ee460b9bb1b8d7006d01ccfe44dda12
GET /a-/AD5-WClcxbbuB_9nVBnlPhgcp9m9-tex3qdRMvSh4LxQ-w=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1845
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Thu, 08 Dec 2022 06:05:26 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3a1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCn-zbYjCoHl5_prL6H1SZ09gPSXrIo_N07RpKIBcg=s45-c
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCn-zbYjCoHl5_prL6H1SZ09gPSXrIo_N07RpKIBcg=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash e17a1c10b8b9062a8ef5ca01099fb6f8
a29ec8f6b615a4de9b214989e66d92282fd67296
cdab548657eaea76fc844260ec73422596a6be9dcdccac88bfa3adca85967443
GET /a-/AD5-WCn-zbYjCoHl5_prL6H1SZ09gPSXrIo_N07RpKIBcg=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2210
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Wed, 07 Dec 2022 13:15:11 GMT
cache-control: public, max-age=86400, no-transform
etag: "ve36"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCm4CyBzwVLqJZaH7k5m88HrH-FfM6e5O-0fY2Q3=s45-c
142.250.74.97200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCm4CyBzwVLqJZaH7k5m88HrH-FfM6e5O-0fY2Q3=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash f31267699d9a446b33b36444608b92c8
ac7e5b941eba2c1bf3d28d5b058957237a527a31
48a23a63553e1c9ecccb8c5da020209e9f0fd9988f25453bc81db371e93b499b
GET /a-/AD5-WCm4CyBzwVLqJZaH7k5m88HrH-FfM6e5O-0fY2Q3=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1898
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WClkEffqQ7Ow-W1l3RbdXaNLI4yhvQqC433NhXY49A=s45-c
142.250.74.97200 OK 1.3 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WClkEffqQ7Ow-W1l3RbdXaNLI4yhvQqC433NhXY49A=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 90a60d0c73c8a70ea21432dea25dc7b6
c4c160d373d560546af0191af85a512124a0c283
f96c3d410e5cbb7ca542ca154edfec62d497912ad669207fa48b41f25056d713
GET /a-/AD5-WClkEffqQ7Ow-W1l3RbdXaNLI4yhvQqC433NhXY49A=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1286
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Thu, 08 Dec 2022 06:05:26 GMT
cache-control: public, max-age=86400, no-transform
etag: "v28f3"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCnrH0qwMULUCQLKEBY5HHsSc6FnX7LGziahzRjz=s45-c
142.250.74.97200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCnrH0qwMULUCQLKEBY5HHsSc6FnX7LGziahzRjz=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 8179b13f167cbd44270f5e3d6f9c68e2
78b1489547d6fe5282890a6b7e08f9820b9146d4
413a13dfd90db213de7cabf87f5c942c18517c22359b14f58ec7b1c2d7c03ef5
GET /a-/AD5-WCnrH0qwMULUCQLKEBY5HHsSc6FnX7LGziahzRjz=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2138
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1c6"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WClbwzfHpYnv23RCXLH42y4dpn6snBLkXj0KbwmyeSI=s45-c
142.250.74.97200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WClbwzfHpYnv23RCXLH42y4dpn6snBLkXj0KbwmyeSI=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 768bd068743b7cfdbdfcfc9d1ff5a733
f14e21bcf28707c84fc33bb8b5694916635525f0
963b1cd9e6aa758530c065017cd15dff8956d03fc3143507d120ce271ec80de9
GET /a-/AD5-WClbwzfHpYnv23RCXLH42y4dpn6snBLkXj0KbwmyeSI=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4267
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Thu, 08 Dec 2022 06:05:26 GMT
cache-control: public, max-age=86400, no-transform
etag: "vb295"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/AD5-WCl1tY3t5we3SITuF9LDWQthzqbvarvJ2IyybuvP8Q=s45-c
142.250.74.97200 OK 1.4 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCl1tY3t5we3SITuF9LDWQthzqbvarvJ2IyybuvP8Q=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash f45ba22b919a4c31063ff9898c5fac97
b3930f68aaf8daf667bf6ff8ea56e0c9a884e99e
02ddf2a271904871c9453a36dda5b8edb5d85f398ff9dc28bc73404b18b0a457
GET /a-/AD5-WCl1tY3t5we3SITuF9LDWQthzqbvarvJ2IyybuvP8Q=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1368
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2299"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCnQ6XwepTNKLWZZ17j5aUOiXWo35cAb_ib_fUB5=s45-c
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCnQ6XwepTNKLWZZ17j5aUOiXWo35cAb_ib_fUB5=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash dd7693e5ac516dd91432a21ab7c4cd29
945b9cbe2b1fc92688e925d86e4338513d58c2b8
05a54a8ee7f11c1fc6857efc9786d9f5f09f0e8c202a6e9e42b880daabc9dad2
GET /a-/AD5-WCnQ6XwepTNKLWZZ17j5aUOiXWo35cAb_ib_fUB5=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2208
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5c38deefc57f11dc1b5e6ac7f6409d8e
8022f6670db1e724161ff7a14fbc9d235c131bc2
e49b90830d43c258c274a51dd0ada138ec24d0ff2358c2cdeb0af26215168d9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1670731066040.18888&hostname=gempaqgiler.blogspot.com&location=%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&title=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&sop=false&img_pview=true
18.197.222.56204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1670731066040.18888&hostname=gempaqgiler.blogspot.com&location=%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&title=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&sop=false&img_pview=true
IP 18.197.222.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1670731066040.18888&hostname=gempaqgiler.blogspot.com&location=%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html&title=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&sop=false&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 11 Dec 2022 03:57:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
lh3.googleusercontent.com/a-/AD5-WCmYoSzOs8HgGHRyX5L-6ZnEppb8AWHLTRqNEn0b=s45-c
142.250.74.97200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmYoSzOs8HgGHRyX5L-6ZnEppb8AWHLTRqNEn0b=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 70c5ce9d3b875c4f6f2601582f77c09f
89988526d210a73c8566c5a7e31f67072079b378
d93dcf2f40d0a4e0a27c4fd025398d985fde5c485bad6a667c0601dfa7c8351e
GET /a-/AD5-WCmYoSzOs8HgGHRyX5L-6ZnEppb8AWHLTRqNEn0b=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2051
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Thu, 08 Dec 2022 05:33:18 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1a"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCm6-EhVS53JBm9qROKLNC_a4gd6fg58_V_23lIkwQ=s45-c
142.250.74.97200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCm6-EhVS53JBm9qROKLNC_a4gd6fg58_V_23lIkwQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 60bb72ac4856c18194e68b54c4e0e7c1
cf6781c46f27f89839ef2b577aa1611bfaedc283
abd2969acff858b8341b5006759a420d413e680456793caccc52ad46cb71f3c3
GET /a-/AD5-WCm6-EhVS53JBm9qROKLNC_a4gd6fg58_V_23lIkwQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1856
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Thu, 08 Dec 2022 06:05:26 GMT
cache-control: public, max-age=86400, no-transform
etag: "v20e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCky45wnC0Omib-smGsAvdytMCA7VNzW_UzRXsAf7Q=s45-c
142.250.74.97200 OK 5.4 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCky45wnC0Omib-smGsAvdytMCA7VNzW_UzRXsAf7Q=s45-c
IP 142.250.74.97:0
File type gzip compressed data\012- data
Hash e4a24ab74fcad1c9899e333153c0291b
b0fbb78d8b40ab013393d01b9394ffdafc9026b6
980fe2d052c12fc9fb97559bfccf0c50dad06e5b274c6bf369eed2e539d56120
GET /a-/AD5-WCky45wnC0Omib-smGsAvdytMCA7VNzW_UzRXsAf7Q=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2003
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2767"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6d24fb409274bf70a340acf342ba7608
76017f8d8ae7d8767819a894d277a9896efbd20b
820ea05ddb4e13dbeef083d2cfa9505ef927cf772d23d2f6002286d1d4225d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/AD5-WCkJAShGYOYADmHqnwq7KhSlmCL2zEiJgwoDhb2g7g=s45-c
142.250.74.97200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCkJAShGYOYADmHqnwq7KhSlmCL2zEiJgwoDhb2g7g=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 7b3137164d96dc2c60922ba83fdb3a85
cfca16a0b0d93b28098928831debbb32046331f6
ef2324dfa4b8bde52225e5f2d2a20b94501796920679349f4cec64860b19b4da
GET /a-/AD5-WCkJAShGYOYADmHqnwq7KhSlmCL2zEiJgwoDhb2g7g=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2083
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v20f1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5c38deefc57f11dc1b5e6ac7f6409d8e
8022f6670db1e724161ff7a14fbc9d235c131bc2
e49b90830d43c258c274a51dd0ada138ec24d0ff2358c2cdeb0af26215168d9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/AD5-WCmlqcuVr-3XljXoYsh2tpkZYU-hR9JF36YHPyQ-Mg=s45-c
142.250.74.97200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmlqcuVr-3XljXoYsh2tpkZYU-hR9JF36YHPyQ-Mg=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash fa4affdfa733f181d9198599abbd5ad3
b04f49d46fa15705819cbf868b72b57ac86f1449
be8b3f9567453e6a9b98d8cc7168777ec044d0965fb9958862a8f381ae4312a3
GET /a-/AD5-WCmlqcuVr-3XljXoYsh2tpkZYU-hR9JF36YHPyQ-Mg=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1952
x-xss-protection: 0
date: Sun, 11 Dec 2022 03:57:49 GMT
expires: Fri, 09 Dec 2022 20:49:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2ea8"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 194986
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 213426
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 11 Dec 2022 03:57:49 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipO7j9LAT-6RZWyRjSo239vefwK7N-NBRMyZd00r=s45-c?key=CK-wle7fgrnsiQE
142.250.74.97404 Not Found 904 B URL HTTP/2 lh3.googleusercontent.com/p/AF1QipO7j9LAT-6RZWyRjSo239vefwK7N-NBRMyZd00r=s45-c?key=CK-wle7fgrnsiQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 288ba721beee9352ca47b2a130423c86
5dd28e65cfc52620335ca1a10be532ed9e44ff14
6ee738d016e2e0d81bb5da04d1c97a4b33d9ec9f3bfc3cee450b33d1dd997cc4
GET /p/AF1QipO7j9LAT-6RZWyRjSo239vefwK7N-NBRMyZd00r=s45-c?key=CK-wle7fgrnsiQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Sun, 11 Dec 2022 03:57:49 GMT
server: fife
content-length: 904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipMqm6Jz2u6K-ChjDSLnR4FdPMJiN9Ix6r2ZLnhB=s45-c?key=COrdpbXQy6v3EQ
142.250.74.97200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMqm6Jz2u6K-ChjDSLnR4FdPMJiN9Ix6r2ZLnhB=s45-c?key=COrdpbXQy6v3EQ
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 0c303d5b431ddc18b366dd87c5f01189
eceba0b2aee7339f788ecabeadb3ba5750be1318
aaafc2a58fe40b8f36471449dd6d2136bfe797dcaa4963069343fc80ce61e2de
GET /p/AF1QipMqm6Jz2u6K-ChjDSLnR4FdPMJiN9Ix6r2ZLnhB=s45-c?key=COrdpbXQy6v3EQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3183"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 11 Dec 2022 03:57:49 GMT
server: fife
content-length: 4308
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F2013%2F11%2Fpengawal-keselamatan-tembak-pegawai.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 11 Dec 2022 03:57:49 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNWmIRVc2fiySVY1U0Ba-UJH6KQttvNbFuQyEhX=s45-c?key=CKq9qZ-hsIvuVg
142.250.74.97200 OK 5.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNWmIRVc2fiySVY1U0Ba-UJH6KQttvNbFuQyEhX=s45-c?key=CKq9qZ-hsIvuVg
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 7b15d53e8b6421cc0832f0a15fbcf455
d2c744bfbb18f4430e7441db2ec78f313a1cbca1
ca1321b6ef7083fff3dab5ec94d5fc9b9ee69632dd0f46ec2a3a92a67be92df9
GET /p/AF1QipNWmIRVc2fiySVY1U0Ba-UJH6KQttvNbFuQyEhX=s45-c?key=CKq9qZ-hsIvuVg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v408"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 11 Dec 2022 03:57:49 GMT
server: fife
content-length: 5431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg&t=Pengawal%20Keselamatan%20Tembak%20Pegawai%20Bank%20Berjaya%20Ditangkap HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 11 Dec 2022 03:57:49 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=a6AIeU7GCr4P2Oacwqm_6r&dn=TI&cc=1&r=
67.202.105.32200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=a6AIeU7GCr4P2Oacwqm_6r&dn=TI&cc=1&r=
IP 67.202.105.32:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=a6AIeU7GCr4P2Oacwqm_6r&dn=TI&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Mon, 12 Dec 2022 03:57:50 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Sun, 11 Dec 2022 03:57:49 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 11 Dec 2022 03:57:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 11 Dec 2022 03:57:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0&img=http%3A%2F%2F4.bp.blogspot.com%2F-MWxfWNVbvqM%2FUn7rP2lXCDI%2FAAAAAAAAQj8%2FHl5TrZHXQBQ%2Fs72-c%2Fdt.jpg HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 11 Dec 2022 03:57:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1670731067607&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 11 Dec 2022 03:57:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c1cf6fa3c237b3787a10955e0b5af10
c1156ed13ac18a06c363121b6c8254b034a6adc2
bd3a3d063b08b4faecfc485e382883bc3b73ce4a81b98330ee47a01df4e21920
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 03:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws.sharethis.com/secure5x/index.html
54.230.111.32200 OK 4.1 kB URL HTTP/2 ws.sharethis.com/secure5x/index.html
IP 54.230.111.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (452)
Hash d359b835f361ce395cf1e1d23d6100f4
88013b75781073cf0d0103de6aaf32dd1b91a135
a8a78f8e2ee2c683adb5576b1f884d86d1e3e565a70dc4cc09d3b2b5567dcab2
GET /secure5x/index.html HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 4080
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sat, 10 Dec 2022 07:20:20 GMT
etag: W/"634f1895-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zIuuZNstW-PwwKvWlk9SzcfBSAPfnlqpTPyHS2ykdgBUUWGdFwvuJQ==
age: 74251
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
54.230.111.32200 OK 5.6 kB URL HTTP/2 ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
IP 54.230.111.32:0
File type C source, ASCII text, with very long lines (16630), with no line terminators
Hash 94b39eb0a8fb0b06a11ad4d75b2e74b9
5d9f3beab6794398f43e43625b651cb16f6514ed
db64545fc1dedef33184fb39df6e927e83fb783555622cafe426dc83c87e17c1
GET /secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 5630
cache-control: max-age=31536000
content-encoding: gzip
date: Thu, 10 Nov 2022 00:25:10 GMT
etag: W/"634f1895-40f6"
expires: Fri, 10 Nov 2023 00:25:10 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vhUGyOqoqKD2jiIlMG7YVGWgF155rhciIzT_FwIbu6K4ZSPTSqdyZw==
age: 2691161
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgempaqgiler.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.109200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgempaqgiler.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.109:0
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgempaqgiler.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Dec 2022 03:57:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-ytgBqtYk0QIlCJvDiYCYfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sc.tynt.com/script/sc/a6AIeU7GCr4P2Oacwqm_6r.js
172.64.151.83200 OK 0 B URL HTTP/2 sc.tynt.com/script/sc/a6AIeU7GCr4P2Oacwqm_6r.js
IP 172.64.151.83:0
GET /script/sc/a6AIeU7GCr4P2Oacwqm_6r.js HTTP/1.1
Host: sc.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 03:57:50 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
status: 200 OK
x-rack-cache: fresh
cache-control: max-age=86400, public, s-maxage=172800
last-modified: Sat, 10 Dec 2022 15:09:05 GMT
x-xss-protection: 1; mode=block
x-request-id: b0f0939b-8328-456f-8a0f-00d5cb7592ee
x-content-digest: 310650b3c8fb6e52713116c6812ae354fbd0eb01
x-runtime: 0.002401
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Mon, 12 Dec 2022 02:53:27 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 777b4c60fe11b4f4-OSL
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js
54.230.111.32200 OK 0 B URL HTTP/2 ws.sharethis.com/secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js
IP 54.230.111.32:0
GET /secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
cache-control: max-age=31536000
content-encoding: gzip
date: Tue, 18 Oct 2022 23:15:55 GMT
etag: W/"634f1895-211a0"
expires: Wed, 18 Oct 2023 23:15:55 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rIKLV1VLX2udEpRx7iU3m8QvDVhzWpEEgWefmdfgPrb4C30UwgsJaQ==
age: 4596116
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2