firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 08:45:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QRw0-2CTnJX_t77m6DOLGC3itlghw5F_0mI5YMeOoU1w2SoxAfyGtg==
Age: 2265
ferrellgially.blogspot.com/2021/12/how-to-hide-apps-on-kindle-fire.html
301 Moved Permanently 213 B URL HTTP/1.1 ferrellgially.blogspot.com/2021/12/how-to-hide-apps-on-kindle-fire.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 05cca3db286b1b5f8e9b0f6c8c66ed2c
839f56197753311095d855a7203cf35c9df1652c
cd4c8b20e4427397b5f509f29b6df1f10efc462dd1831dfa79da8a4f1cf25f15
GET /2021/12/how-to-hide-apps-on-kindle-fire.html HTTP/1.1
Host: ferrellgially.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://ferrellgially.blogspot.com/2021/12/how-to-hide-apps-on-kindle-fire.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 19 Sep 2022 09:23:00 GMT
Expires: Mon, 19 Sep 2022 09:23:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 213
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6312
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 09:23:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DK__sDbP455hXKT9a4_MXFqdioc6NKQVxqZXeqWJv39hHEyOb93M1Q==
age: 17267
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 07566e7f0afe22aa412420cd4521193c
0d7ad3ad7187052880bd11576a49d5ce88faaf6a
f33d32e8d07bd001bf1205deadf439ea3009de7341719f33c1798d41faa71876
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:23:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 10:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rcmvbJLNhY8BUlKVsdj-Uuporpg5RpnlHp_-HeLGGgkGJYeVgMuZCg==
Age: 1179
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 07566e7f0afe22aa412420cd4521193c
0d7ad3ad7187052880bd11576a49d5ce88faaf6a
f33d32e8d07bd001bf1205deadf439ea3009de7341719f33c1798d41faa71876
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ferrellgially.blogspot.com/2021/12/how-to-hide-apps-on-kindle-fire.html
200 OK 63 kB URL HTTP/2 ferrellgially.blogspot.com/2021/12/how-to-hide-apps-on-kindle-fire.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7031)
Hash 36181366eee73438f039bfcd0d123720
2db8a0474e9a702f18e66bf8ec6e53b752f8facc
c81058a24a25c97d11f338386a405fe4c0feef8d8224e0fbfe8ce41d59cf154a
GET /2021/12/how-to-hide-apps-on-kindle-fire.html HTTP/1.1
Host: ferrellgially.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 19 Sep 2022 09:23:01 GMT
date: Mon, 19 Sep 2022 09:23:01 GMT
cache-control: private, max-age=0
last-modified: Wed, 07 Sep 2022 12:35:46 GMT
etag: W/"8e7db00538f7d6d0937f451e0dedda958662de2e409f88cd2f310f10c6a4af71"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 63137
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Last-Modified: Mon, 19 Sep 2022 08:44:27 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 52c37c4d77fac06c9ae0bb67cb75d833
9889a71e2e46b87368c8b1182ec3eb376ee0b895
2b8b4de98acde6db4158743bf1c3cd63ff4396bdc4916c12cf82b18bcac4dfbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 394bcb7d2d03225cc35ac7afed1ca636
f9527034abeec236e7ffacc23473930958e04224
0254137487ef4a909a8c18cd47f5080e989796a5e1fe7873950617953a58c8d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 394bcb7d2d03225cc35ac7afed1ca636
f9527034abeec236e7ffacc23473930958e04224
0254137487ef4a909a8c18cd47f5080e989796a5e1fe7873950617953a58c8d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Mon, 19 Sep 2022 09:23:01 GMT
expires: Mon, 19 Sep 2022 09:23:01 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 394bcb7d2d03225cc35ac7afed1ca636
f9527034abeec236e7ffacc23473930958e04224
0254137487ef4a909a8c18cd47f5080e989796a5e1fe7873950617953a58c8d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3753684042-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3753684042-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 9310029f33929201831992bd74c13953
092fc9b60b0fcc7e24b80eb89f40178e91effb98
ed0ad17efb3c922e7bc8feffa0a5718d2ad226c44f2bb183b6ad163684f3b982
GET /static/v1/widgets/3753684042-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57039
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 01:53:41 GMT
expires: Fri, 15 Sep 2023 01:53:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
content-type: text/javascript
age: 372560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 18:36:04 GMT
expires: Mon, 18 Sep 2023 18:36:04 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 18 Sep 2022 02:49:24 GMT
content-type: text/javascript
age: 53217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash d70fcc84d705c565b31a5835c0938d5b
d28e5dc9fcc6239d67986df3205468072023d2d7
1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 07:25:35 GMT
expires: Mon, 18 Sep 2023 07:25:35 GMT
cache-control: public, max-age=31536000
age: 93446
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 394bcb7d2d03225cc35ac7afed1ca636
f9527034abeec236e7ffacc23473930958e04224
0254137487ef4a909a8c18cd47f5080e989796a5e1fe7873950617953a58c8d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Sun, 18 Sep 2022 22:16:39 GMT
expires: Sun, 02 Oct 2022 22:16:39 GMT
cache-control: public, max-age=1209600
age: 39982
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3a54b5c77aa17745895b6f59302ef77c
7b565c59ae775105e69cc5fef379e39f8277cbf9
3fe680b125290b1774ea48387b4f0b573c34fbe93d15598a863d148757e12b35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4255
Cache-Control: max-age=112742
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Etag: "632739bc-117"
Expires: Tue, 20 Sep 2022 16:42:03 GMT
Last-Modified: Sun, 18 Sep 2022 15:31:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
www.blogger.com/dyn-css/authorization.css?targetBlogID=5965718407436204039&zx=5f506187-b693-4dd3-ab8e-7a2fe992888e
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5965718407436204039&zx=5f506187-b693-4dd3-ab8e-7a2fe992888e
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5965718407436204039&zx=5f506187-b693-4dd3-ab8e-7a2fe992888e HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 19 Sep 2022 09:23:01 GMT
last-modified: Mon, 19 Sep 2022 09:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3a54b5c77aa17745895b6f59302ef77c
7b565c59ae775105e69cc5fef379e39f8277cbf9
3fe680b125290b1774ea48387b4f0b573c34fbe93d15598a863d148757e12b35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3510
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Last-Modified: Mon, 19 Sep 2022 08:24:31 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hza8oiFouiyxDElhHaEMBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ITvyj+4z4q7jZIUtx0e6lZwmxwk=
fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7924, version 1.0\012- data
Hash e535f7856b24153e0f3146e8f90a45c5
e5da5f96d38b08cc6ed2973735b5a9b9af066458
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
GET /s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 00:40:52 GMT
expires: Tue, 19 Sep 2023 00:40:52 GMT
cache-control: public, max-age=31536000
age: 31329
last-modified: Tue, 19 Feb 2019 22:26:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f9a503792f8f6de76673f960e880e25f
eaa2f78297d9749d552f9d75ad05613e49214590
cb537938f4539e314d077967fb41aaf4d1ffed7a2e3ba3d76e2c6f75cfeb9a3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB537938F4539E314D077967FB41AAF4D1FFED7A2E3BA3D76E2C6F75CFEB9A3A"
Last-Modified: Fri, 16 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13502
Expires: Mon, 19 Sep 2022 13:08:03 GMT
Date: Mon, 19 Sep 2022 09:23:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f9a503792f8f6de76673f960e880e25f
eaa2f78297d9749d552f9d75ad05613e49214590
cb537938f4539e314d077967fb41aaf4d1ffed7a2e3ba3d76e2c6f75cfeb9a3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB537938F4539E314D077967FB41AAF4D1FFED7A2E3BA3D76E2C6F75CFEB9A3A"
Last-Modified: Fri, 16 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9320
Expires: Mon, 19 Sep 2022 11:58:21 GMT
Date: Mon, 19 Sep 2022 09:23:01 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1gHKYKl4ybJC6Is02Lxpa__I4XG1JzXksNpeuUfM-WhzWiM3GcTlVWfmAkBg3Ndk4Ey1KmxhQu3VxOhU6TbEmvn-pGPP2tzkqnAq4pA1ty7tFyTtE2IperquqkJ-8x63JiVX63=w72-h72-p-k-no-nu
200 OK 3.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1gHKYKl4ybJC6Is02Lxpa__I4XG1JzXksNpeuUfM-WhzWiM3GcTlVWfmAkBg3Ndk4Ey1KmxhQu3VxOhU6TbEmvn-pGPP2tzkqnAq4pA1ty7tFyTtE2IperquqkJ-8x63JiVX63=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 832d63ad0fc26e9156020e6fca8f31f5
c43932b920311ddbdd834a7387e3fd69300d2da4
35d7169dcf8d87469bf0f5d5494ec674d793b96eaec4b9624379adf3ab870eef
GET /blogger_img_proxy/ANbyha1gHKYKl4ybJC6Is02Lxpa__I4XG1JzXksNpeuUfM-WhzWiM3GcTlVWfmAkBg3Ndk4Ey1KmxhQu3VxOhU6TbEmvn-pGPP2tzkqnAq4pA1ty7tFyTtE2IperquqkJ-8x63JiVX63=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 09:23:01 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 09:23:01 GMT
server: fife
content-length: 3048
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9517f7dfe0b74e5812a98a41f645aac2
c1cd3fddb0054b891454467d4212f32d17fd3e1c
dcd4f6c7c5eba66ee30050cc7cf7de2c0ca2c00c03bb4c6211d861ae8e161b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCD4F6C7C5EBA66EE30050CC7CF7DE2C0CA2C00C03BB4C6211D861AE8E161B40"
Last-Modified: Mon, 19 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Mon, 19 Sep 2022 15:22:41 GMT
Date: Mon, 19 Sep 2022 09:23:01 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash a885189cd9a522cfaaac98af1a03b512
a4045ce6f8d8e14582bb5245694d73b40da7f0f7
6afe80cbbc72285aa8f73e7d64bdeb755148410a8ec6c0eb13df255548ef17ad
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 19 Sep 2022 09:23:02 GMT
date: Mon, 19 Sep 2022 09:23:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0WDNU8noyblP20OStA28y0mNtODPWr4n7Y-F-9WaFcMKukCVEmW2o8dPsGMvg3OUkvNqbyVDOQzr4i-P7LY__W-hbpepIIijNJQU1xUWrZlc4CUJGhPVmne-og-qTv4_JFPZ7NzyJIyB4MlHJmRzTOY4rsyvl2JnXgbWdJSG8=w72-h72-p-k-no-nu
200 OK 1.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0WDNU8noyblP20OStA28y0mNtODPWr4n7Y-F-9WaFcMKukCVEmW2o8dPsGMvg3OUkvNqbyVDOQzr4i-P7LY__W-hbpepIIijNJQU1xUWrZlc4CUJGhPVmne-og-qTv4_JFPZ7NzyJIyB4MlHJmRzTOY4rsyvl2JnXgbWdJSG8=w72-h72-p-k-no-nu
IP
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash b817f1d33799fbf55cdb33b902ec9963
99a0cb3f753f78079dcb251e2d9f0731506d545e
5d2670cff273b9fa99f715b1dfdef3084ddc82757ed5319ee0b547c42e0e6b80
GET /blogger_img_proxy/ANbyha0WDNU8noyblP20OStA28y0mNtODPWr4n7Y-F-9WaFcMKukCVEmW2o8dPsGMvg3OUkvNqbyVDOQzr4i-P7LY__W-hbpepIIijNJQU1xUWrZlc4CUJGhPVmne-og-qTv4_JFPZ7NzyJIyB4MlHJmRzTOY4rsyvl2JnXgbWdJSG8=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 09:23:02 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 09:23:02 GMT
server: fife
content-length: 1105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 445533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 09:23:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+667; expires=Wed, 18-Sep-2024 09:23:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Sep 2022 09:23:02 GMT
cache-control: private
X-Firefox-Spdy: h2
www.extremetech.com/wp-content/uploads/2011/12/kindle-unknown-sources1-300x187.jpg
200 OK 12 kB URL HTTP/2 www.extremetech.com/wp-content/uploads/2011/12/kindle-unknown-sources1-300x187.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x187, components 3\012- data
Hash 76ab52185a27fbd48dc8307de71a52c4
fb6ab080480f033b23f77b737534672ef1b3f7c7
c10fce0c09b1770b5f71a49882d8df4baf12bf88003074ea7aef83d834b5bcdf
GET /wp-content/uploads/2011/12/kindle-unknown-sources1-300x187.jpg HTTP/1.1
Host: www.extremetech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:02 GMT
content-type: image/jpeg
content-length: 12491
last-modified: Thu, 09 Jun 2022 19:49:05 GMT
etag: "62a24eb1-30cb"
strict-transport-security: max-age=63072000;
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqA9iigx7BP4prcBIKy3IvAhkwbWG2gd5L0sqEoYTn38y4C7PjXkLKOFchYJjrK%2F9BAFOhBOVAzSA5nyEDDfF8Y1%2BwrDngchi8km5K0AHgSSUtg1WS%2F1yNfsatbV4iTsCxDsv64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
expires: Tue, 19 Sep 2023 09:23:02 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 74d1429f1d310b06-OSL
X-Firefox-Spdy: h2
www.extremetech.com/wp-content/uploads/2011/12/kindle-launcher-348x196.jpg
200 OK 22 kB URL HTTP/2 www.extremetech.com/wp-content/uploads/2011/12/kindle-launcher-348x196.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 348x196, components 3\012- data
Hash ad068dcb6bbd124fa2ea9a26a228aeb7
52d7ecb004ef4c16aeec6b3b40c9244dae1e9b79
cae7070c62d844010adc18d21a1fcf42d854c76503945495da90d1e2e9f57c7f
GET /wp-content/uploads/2011/12/kindle-launcher-348x196.jpg HTTP/1.1
Host: www.extremetech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:02 GMT
content-type: image/jpeg
content-length: 21573
last-modified: Thu, 09 Jun 2022 18:01:03 GMT
etag: "62a2355f-5445"
strict-transport-security: max-age=63072000;
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYNYwMVzuJhhSnMnVxZROrls2iHk6p5qyq7rO2bMsD%2B8Zu7IZaJy4SzA6VOETBvgjaf%2BUwaxrH3VmYtBgzFSKB%2BzDLIvKePGiw1k3LoApv1M4xY47Sr1Jp1kJLWnbHrNVccB2Og%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
expires: Tue, 19 Sep 2023 09:23:02 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 74d1429edcfe0b06-OSL
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2974
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 19 Sep 2022 09:23:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+923; expires=Wed, 18-Sep-2024 09:23:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Sep 2022 09:23:02 GMT
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha17WPMbGK7a8AxlTsjVDOh5naNYbqdQ7kIwGbKSRWh5nGIyJ8P-SOZ6hv6jHE_xn9MG5YsIRHcsGeaDEZMFeyGdwpUxP3xMwAWAa7BS4vGbwvhMOhmUi2H97UVjWcHFsUxXCYLHb4vJFRYfISfbVqSROPh19SQ=w72-h72-p-k-no-nu
200 OK 4.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha17WPMbGK7a8AxlTsjVDOh5naNYbqdQ7kIwGbKSRWh5nGIyJ8P-SOZ6hv6jHE_xn9MG5YsIRHcsGeaDEZMFeyGdwpUxP3xMwAWAa7BS4vGbwvhMOhmUi2H97UVjWcHFsUxXCYLHb4vJFRYfISfbVqSROPh19SQ=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 396d9efb109287d693215bb669ab40eb
9a025318324e1be1d0ccd0a9c28692e91e33cb88
76b975bfbb9aa486239fa0e3281136f918ec4c323af62e6d94b7ad82214fa7c0
GET /blogger_img_proxy/ANbyha17WPMbGK7a8AxlTsjVDOh5naNYbqdQ7kIwGbKSRWh5nGIyJ8P-SOZ6hv6jHE_xn9MG5YsIRHcsGeaDEZMFeyGdwpUxP3xMwAWAa7BS4vGbwvhMOhmUi2H97UVjWcHFsUxXCYLHb4vJFRYfISfbVqSROPh19SQ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 09:23:02 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 09:23:02 GMT
server: fife
content-length: 3955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0cReiKTkqgZBzjeaCUEQPAI_CNpXVzNaMse2q7FY4JF4ODqqK6VMroDk1Rw7UQ5nsEv-pdU16nj_YBAA76cnoBprO80KhvFgEpqrAB-HvpBeNmHx3S2RFjn6rDzL685GoePrE1XiggPKhNFcQ3-WSwdMHs=w72-h72-p-k-no-nu
200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0cReiKTkqgZBzjeaCUEQPAI_CNpXVzNaMse2q7FY4JF4ODqqK6VMroDk1Rw7UQ5nsEv-pdU16nj_YBAA76cnoBprO80KhvFgEpqrAB-HvpBeNmHx3S2RFjn6rDzL685GoePrE1XiggPKhNFcQ3-WSwdMHs=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash c2fcab94dd26020da2fa944197b15870
345a6d57336d57ebda66349464edbb51b556b3ac
da724687e76a2f30d937a29f78567c57161644fd3199eba1785ecc62f5411b6a
GET /blogger_img_proxy/ANbyha0cReiKTkqgZBzjeaCUEQPAI_CNpXVzNaMse2q7FY4JF4ODqqK6VMroDk1Rw7UQ5nsEv-pdU16nj_YBAA76cnoBprO80KhvFgEpqrAB-HvpBeNmHx3S2RFjn6rDzL685GoePrE1XiggPKhNFcQ3-WSwdMHs=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 09:23:02 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 09:23:02 GMT
server: fife
content-length: 3071
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ibikini.cyou/native2
307 Temporary Redirect 1 B IP
ASN #58487 Rumahweb Indonesia CV.
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /native2 HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_4=native2; expires=Wed, 19-Oct-2022 09:23:02 GMT; Max-Age=2592000; path=/
prli_visitor=632834f665dc7; expires=Tue, 19-Sep-2023 09:23:02 GMT; Max-Age=31536000; path=/
location: https://annesuspense.com/87b30457de7ee06c41c2443ab2e5e148/invoke.js
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 09:23:02 GMT
server: Apache
X-Firefox-Spdy: h2
ibikini.cyou/dojoo
307 Temporary Redirect 1 B IP
ASN #58487 Rumahweb Indonesia CV.
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /dojoo HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_6=dojoo; expires=Wed, 19-Oct-2022 09:23:02 GMT; Max-Age=2592000; path=/
prli_visitor=632834f67ce34; expires=Tue, 19-Sep-2023 09:23:02 GMT; Max-Age=31536000; path=/
location: https://pop.dojo.cc/5832.js
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 09:23:02 GMT
server: Apache
X-Firefox-Spdy: h2
ibikini.cyou/social2
307 Temporary Redirect 1 B IP
ASN #58487 Rumahweb Indonesia CV.
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /social2 HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_3=social2; expires=Wed, 19-Oct-2022 09:23:02 GMT; Max-Age=2592000; path=/
prli_visitor=632834f692d5e; expires=Tue, 19-Sep-2023 09:23:02 GMT; Max-Age=31536000; path=/
location: https://annesuspense.com/44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 09:23:02 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13656
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13656
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13656
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13656
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13656
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:23:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 41149
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
age: 41364
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
age: 41364
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f2b49224f40b4ea819e0c66fc155eec
d37b9b044bdb469678433766470ed36a2384817f
b94b1d4e0df0bac9b4a2b5c86bee900248614756fb24e2b7b182a871b425b2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11345
x-amzn-requestid: 6b78aa51-b7d1-494b-93f9-6906911efa7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YowwkHc9IAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632694d0-0f0b85eb5172e8014f0db2a9;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:47:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: en9bQR-hlcvBUJkgkKnLgBtYNUbSywwHJ4GZE76oN8eP6m8EnlDgdw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 07:21:09 GMT
age: 7314
etag: "d37b9b044bdb469678433766470ed36a2384817f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 20344
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:54:31 GMT
age: 19712
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 18bc6d8114f7e8379159a54601b308b4
b52366f769a90a056925001e69f0f55257241b42
26dcb05c9fdb4839ffb0730d37af77b55207a6a27b444cd2912ad07f4c52544a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26DCB05C9FDB4839FFB0730D37AF77B55207A6A27B444CD2912AD07F4C52544A"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3619
Expires: Mon, 19 Sep 2022 10:23:23 GMT
Date: Mon, 19 Sep 2022 09:23:04 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:13:35 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 61539331
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eff3ed547593755c07d1e1d3b9d6a11c
25d889bd4f48e14d9c2aea3b204158bd80db8694
4f18d10e931cd1dbdee1e699e60a3d98353aa4cd32968732380a22d73d335a7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F18D10E931CD1DBDEE1E699E60A3D98353AA4CD32968732380A22D73D335A7C"
Last-Modified: Sun, 18 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21283
Expires: Mon, 19 Sep 2022 15:17:48 GMT
Date: Mon, 19 Sep 2022 09:23:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eff3ed547593755c07d1e1d3b9d6a11c
25d889bd4f48e14d9c2aea3b204158bd80db8694
4f18d10e931cd1dbdee1e699e60a3d98353aa4cd32968732380a22d73d335a7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F18D10E931CD1DBDEE1E699E60A3D98353AA4CD32968732380A22D73D335A7C"
Last-Modified: Sun, 18 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17520
Expires: Mon, 19 Sep 2022 14:15:05 GMT
Date: Mon, 19 Sep 2022 09:23:05 GMT
Connection: keep-alive
annesuspense.com/87b30457de7ee06c41c2443ab2e5e148/invoke.js
200 OK 9.3 kB URL HTTP/1.1 annesuspense.com/87b30457de7ee06c41c2443ab2e5e148/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Hash 68f0cb63b632cb10945b422da4a698c2
ff8df070fd3e6b94d37ff896deae64e900b95954
27a398ed08d6484d03589c1571967814171ea304259f00e4143d704fb57586cc
Analyzer Verdict Alert quad9 Sinkholed
GET /87b30457de7ee06c41c2443ab2e5e148/invoke.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ferrellgially.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 09:23:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f00af4d80827f5ec5f85c929b3ee4eb5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
annesuspense.com/44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js
200 OK 13 kB URL HTTP/1.1 annesuspense.com/44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37112), with no line terminators
Hash 28d4f9838f62b005706c39b10bde1f3c
7a27f0608e5fa80bb7d22e40fbb426f8e003164f
cea4eeeababfe4c7d04c36c39e673763370381f7f323cae6415984a962eb65e1
Analyzer Verdict Alert quad9 Sinkholed
GET /44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ferrellgially.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 09:23:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ed9f8c563764e94e02ffe580e5b0fa2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 278 B IP
Hash 00b79985d12bcdd71d65065a0866dc11
fff92e1cb194d81f626c0e51118f530088cbd908
cead40e06d32df572beb799818ee4ebd27748cdceb0d13b5f463de35ea8e7904
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:05 GMT
Last-Modified: Mon, 19 Sep 2022 08:07:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9fc04c55e695731dd8b9e69a36ef1c76
e5267f385dcab77d6dcd11e86267c0ae55e59bc4
f5558100b1c676f1a3495e560e3495a832b3b94c7acf8a032002f3fc18862d1e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 09:23:05 GMT
Last-Modified: Mon, 19 Sep 2022 07:46:13 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0pvVz6UIPKCHCJF9cMlHNRHFNtoqhYpCHueEeA0869JraZSa3mlX6A==
Age: 5812
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash ba19c635e3db90d0237c452efa7c64cd
225e9b17fa3753cb5f284b73e6421697d85bc4b6
b9388cb8071df9eda6ee82e0ca3b1e205fe578236fe21f7ea8da2b163407d13a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ferrellgially.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=143c1621-189a-44de-af2d-3833122f1dad:1:1; expires=Thu, 16 Sep 2032 09:23:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
annesuspense.com/22445398d1a51748dcdb9dcab239afd3/invoke.js
200 OK 9.8 kB URL HTTP/1.1 annesuspense.com/22445398d1a51748dcdb9dcab239afd3/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Hash b4a005012518018370f9cb9836fccda7
2338da642c77fd0c61ebb8b810314cceab4cac68
6bbf01342e765d14fad74141244501bbcc3be3ebc6ebb3351170a668a83b4338
Analyzer Verdict Alert quad9 Sinkholed
GET /22445398d1a51748dcdb9dcab239afd3/invoke.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 09:23:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b6fdf6c4ca0bd7905a1f657278632617
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9fc04c55e695731dd8b9e69a36ef1c76
e5267f385dcab77d6dcd11e86267c0ae55e59bc4
f5558100b1c676f1a3495e560e3495a832b3b94c7acf8a032002f3fc18862d1e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 09:23:05 GMT
Last-Modified: Mon, 19 Sep 2022 07:35:23 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QfUBQMJUltycrv8s56C9IomsezoN5qLFuAjsqsVYiLCRK2NAfsYzpg==
Age: 6462
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash bc2eac5cc7fdbf3fdedb8f1b20057f39
c3e787f91fc02269829419b468d09a537c510666
77a147b7e5074828cda1b391c0b506e60920731f137c7605f131def056f194f4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ferrellgially.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=b1d56918-da75-4ead-8ea4-a5ef578f240a:1:1; expires=Thu, 16 Sep 2032 09:23:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 00b79985d12bcdd71d65065a0866dc11
fff92e1cb194d81f626c0e51118f530088cbd908
cead40e06d32df572beb799818ee4ebd27748cdceb0d13b5f463de35ea8e7904
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4535
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:06 GMT
Last-Modified: Mon, 19 Sep 2022 08:07:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b5b55f6c9e2acbd5fc33381ecc4603c5
e0b3afa431be81a599695046880db9ed3dbaa6e5
4ec3f3c2b480545e5d85ad5d67e5b80b1c18c324ce181136be5d10081fd626c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EC3F3C2B480545E5D85AD5D67E5B80B1C18C324CE181136BE5D10081FD626C1"
Last-Modified: Mon, 19 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14069
Expires: Mon, 19 Sep 2022 13:17:35 GMT
Date: Mon, 19 Sep 2022 09:23:06 GMT
Connection: keep-alive
peeredgerman.com/watch.293161403088.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22how%22%2C%22to%22%2C%22hide%22%2C%22apps%22%2C%22on%22%2C%22kindle%22%2C%22fire%22%2C%22-%22%2C%22ferrell%22%2C%22gially%22%5D&refer=https%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&tz=0&dev=r&res=12.31&uuid=143c1621-189a-44de-af2d-3833122f1dad%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 peeredgerman.com/watch.293161403088.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22how%22%2C%22to%22%2C%22hide%22%2C%22apps%22%2C%22on%22%2C%22kindle%22%2C%22fire%22%2C%22-%22%2C%22ferrell%22%2C%22gially%22%5D&refer=https%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&tz=0&dev=r&res=12.31&uuid=143c1621-189a-44de-af2d-3833122f1dad%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.293161403088.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22how%22%2C%22to%22%2C%22hide%22%2C%22apps%22%2C%22on%22%2C%22kindle%22%2C%22fire%22%2C%22-%22%2C%22ferrell%22%2C%22gially%22%5D&refer=https%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&tz=0&dev=r&res=12.31&uuid=143c1621-189a-44de-af2d-3833122f1dad%3A1%3A1 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 09:23:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ferrellgially.blogspot.com
Access-Control-Allow-Origin: https://ferrellgially.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://peeredgerman.com/watch.293161403088.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22how%22%2C%22to%22%2C%22hide%22%2C%22apps%22%2C%22on%22%2C%22kindle%22%2C%22fire%22%2C%22-%22%2C%22ferrell%22%2C%22gially%22%5D&refer=https%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&tz=0&dev=r&res=12.31&uuid=143c1621-189a-44de-af2d-3833122f1dad%3A1%3A1&shu=6f0ad1e59a50f3b7aeb1acb1dbf6b576cdc77afef9638751e9d889d6ebc2856b2d695fe8f52d50081034b775d5abd2a73e1da6e21d0e90292b57077b08962c22b64bbbe15397f5b9f3e60b528cec482da2bab17b76aebbe2f65c85038648d2&pst=1663579446&rmtc=t
Set-Cookie: u_pl=16073926; expires=Tue, 20 Sep 2022 09:23:06 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjA3MzkyNiwiayI6IjIyNDQ1Mzk4ZDFhNTE3NDhkY2RiOWRjYWIyMzlhZmQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDkxMjI3LCJwaWQiOjI4MjYxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJqZWpkYjQ5Nml5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2ZlcnJlbGxnaWFsbHkuYmxvZ3Nwb3QuY29tLzIwMjEvMTIvaG93LXRvLWhpZGUtYXBwcy1vbi1raW5kbGUtZmlyZS5odG1sIn19.CNPuAvM9i53cdAP1dZJaYYr5SKslEH1r80FS42WXyFg; expires=Mon, 19 Sep 2022 09:24:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb94031277b716e5b64ad783b622a98b
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4543018&@f16&@g1&@h1&@i1&@j1663579365550&@k0&@l1&@mHow%20To%20Hide%20Apps%20On%20Kindle%20Fire%20-%20Ferrell%20Gially&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40728613&@b3:1663579366&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&@w
200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4543018&@f16&@g1&@h1&@i1&@j1663579365550&@k0&@l1&@mHow%20To%20Hide%20Apps%20On%20Kindle%20Fire%20-%20Ferrell%20Gially&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40728613&@b3:1663579366&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&@w
IP
File type ASCII text, with no line terminators
Hash 4673301ab20003aa575d5e46d863f5dc
52b385b8a223daf3bc2fccd1a0491f9e6e696464
1748ae7c66473736ff2235f145eeedc8be5aa0a011635b6df02d86059658a727
GET /stats/0.php?4543018&@f16&@g1&@h1&@i1&@j1663579365550&@k0&@l1&@mHow%20To%20Hide%20Apps%20On%20Kindle%20Fire%20-%20Ferrell%20Gially&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40728613&@b3:1663579366&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 09:23:06 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
peeredgerman.com/watch.293161403088.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22how%22%2C%22to%22%2C%22hide%22%2C%22apps%22%2C%22on%22%2C%22kindle%22%2C%22fire%22%2C%22-%22%2C%22ferrell%22%2C%22gially%22%5D&refer=https%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&tz=0&dev=r&res=12.31&uuid=143c1621-189a-44de-af2d-3833122f1dad%3A1%3A1&shu=6f0ad1e59a50f3b7aeb1acb1dbf6b576cdc77afef9638751e9d889d6ebc2856b2d695fe8f52d50081034b775d5abd2a73e1da6e21d0e90292b57077b08962c22b64bbbe15397f5b9f3e60b528cec482da2bab17b76aebbe2f65c85038648d2&pst=1663579446&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 peeredgerman.com/watch.293161403088.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22how%22%2C%22to%22%2C%22hide%22%2C%22apps%22%2C%22on%22%2C%22kindle%22%2C%22fire%22%2C%22-%22%2C%22ferrell%22%2C%22gially%22%5D&refer=https%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&tz=0&dev=r&res=12.31&uuid=143c1621-189a-44de-af2d-3833122f1dad%3A1%3A1&shu=6f0ad1e59a50f3b7aeb1acb1dbf6b576cdc77afef9638751e9d889d6ebc2856b2d695fe8f52d50081034b775d5abd2a73e1da6e21d0e90292b57077b08962c22b64bbbe15397f5b9f3e60b528cec482da2bab17b76aebbe2f65c85038648d2&pst=1663579446&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2630)
Hash 75ed15e233de7e56a839f02f5e30dd35
3faf4a4a1a3df9fc522e97b5229716db3924eb1d
39c758387e5621ff6ff8a494820047835e5aa32ce2e8053abad9ea815ad8bbcb
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.293161403088.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22how%22%2C%22to%22%2C%22hide%22%2C%22apps%22%2C%22on%22%2C%22kindle%22%2C%22fire%22%2C%22-%22%2C%22ferrell%22%2C%22gially%22%5D&refer=https%3A%2F%2Fferrellgially.blogspot.com%2F2021%2F12%2Fhow-to-hide-apps-on-kindle-fire.html&tz=0&dev=r&res=12.31&uuid=143c1621-189a-44de-af2d-3833122f1dad%3A1%3A1&shu=6f0ad1e59a50f3b7aeb1acb1dbf6b576cdc77afef9638751e9d889d6ebc2856b2d695fe8f52d50081034b775d5abd2a73e1da6e21d0e90292b57077b08962c22b64bbbe15397f5b9f3e60b528cec482da2bab17b76aebbe2f65c85038648d2&pst=1663579446&rmtc=t HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Referer: https://ferrellgially.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16073926; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjA3MzkyNiwiayI6IjIyNDQ1Mzk4ZDFhNTE3NDhkY2RiOWRjYWIyMzlhZmQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDkxMjI3LCJwaWQiOjI4MjYxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJqZWpkYjQ5Nml5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2ZlcnJlbGxnaWFsbHkuYmxvZ3Nwb3QuY29tLzIwMjEvMTIvaG93LXRvLWhpZGUtYXBwcy1vbi1raW5kbGUtZmlyZS5odG1sIn19.CNPuAvM9i53cdAP1dZJaYYr5SKslEH1r80FS42WXyFg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 09:23:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ferrellgially.blogspot.com
Access-Control-Allow-Origin: https://ferrellgially.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=143c1621-189a-44de-af2d-3833122f1dad:1:1; expires=Mon, 26 Sep 2022 09:23:06 GMT; secure; SameSite=None
iprc653d92ff98b5d72e4c5fb9eff370dcf4=3569806; expires=Mon, 19 Sep 2022 13:23:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 20 Sep 2022 09:23:06 GMT; secure; SameSite=None
uncs=1; expires=Tue, 20 Sep 2022 09:23:06 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 20 Sep 2022 09:23:06 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 20 Sep 2022 09:23:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d45fb40171fe293c88223760327e4f83
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e9645643e1a43d77b51841592522035e
f68948762b7c3e69fab5f71bf690f77b6cd76155
aa340c2215536bc9f307bd8c245f43b792f19dd5ee4b528621054ea8bcac9ca3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA340C2215536BC9F307BD8C245F43B792F19DD5EE4B528621054EA8BCAC9CA3"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10475
Expires: Mon, 19 Sep 2022 12:17:42 GMT
Date: Mon, 19 Sep 2022 09:23:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3560fd0459a75cf29346caa46f7e84a1
f4ddcaf667912056478156ea67a9c16cfdacc0b0
f2f4b9cb192aba52569b22fa34a39420113c1ae958b17b6b59652182ffa10eed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2F4B9CB192ABA52569B22FA34A39420113C1AE958B17B6B59652182FFA10EED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12659
Expires: Mon, 19 Sep 2022 12:54:06 GMT
Date: Mon, 19 Sep 2022 09:23:07 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:07 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Wed, 21 Sep 2022 09:23:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=b1d56918-da75-4ead-8ea4-a5ef578f240a&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=44035c191f4c0ed7ba5fb93f9738442c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b1d56918-da75-4ead-8ea4-a5ef578f240a&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=44035c191f4c0ed7ba5fb93f9738442c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b1d56918-da75-4ead-8ea4-a5ef578f240a&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=44035c191f4c0ed7ba5fb93f9738442c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 09:23:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08b0c255f4687a452643497c4ff5cddc
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfc9aaafc9c0f1b983b36b0463facfd9
30be3ecd99121d5805e71c9a8f12f22b396a3460
7331be4ac7bc26c3164c2744811b08b2522a559a4cae8f9a7910382db370c6ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7331BE4AC7BC26C3164C2744811B08B2522A559A4CAE8F9A7910382DB370C6ED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=909
Expires: Mon, 19 Sep 2022 09:38:17 GMT
Date: Mon, 19 Sep 2022 09:23:08 GMT
Connection: keep-alive
forgerylimit.com/sbar.json?key=44035c191f4c0ed7ba5fb93f9738442c&uuid=b1d56918-da75-4ead-8ea4-a5ef578f240a%3A1%3A1
200 OK 4.1 kB URL HTTP/1.1 forgerylimit.com/sbar.json?key=44035c191f4c0ed7ba5fb93f9738442c&uuid=b1d56918-da75-4ead-8ea4-a5ef578f240a%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5815), with no line terminators
Hash 07a2adb3c27ea28b7688c41b31099275
dd7e2f16b1339a114a158f8542a182c02e69e5ba
a2e371218054282b6d7f1539356fe767967bdd5547c08bad70243cddcce464ed
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=44035c191f4c0ed7ba5fb93f9738442c&uuid=b1d56918-da75-4ead-8ea4-a5ef578f240a%3A1%3A1 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 09:23:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ferrellgially.blogspot.com
Access-Control-Allow-Origin: https://ferrellgially.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16598140; expires=Tue, 20 Sep 2022 09:23:08 GMT; secure; SameSite=None
uid_id2=b1d56918-da75-4ead-8ea4-a5ef578f240a:1:1; expires=Mon, 26 Sep 2022 09:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 20 Sep 2022 09:23:08 GMT; secure; SameSite=None
uncs=1; expires=Tue, 20 Sep 2022 09:23:08 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 20 Sep 2022 09:23:08 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 20 Sep 2022 09:23:08 GMT; secure; SameSite=None
slec44035c191f4c0ed7ba5fb93f9738442c=[3364848]; expires=Mon, 19 Sep 2022 09:23:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 569ac0137377507f8cf5bd0b78eaf902
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash fc9690095d8bb20684ff346ec692f089
967aa881cafda44334eb614a6bcc0abd1c61e106
7a1df33f796d4cc8447019b71d84683cf1c46c5f2d945fb62a6d8c8d82990276
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4194
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:08 GMT
Last-Modified: Mon, 19 Sep 2022 08:13:14 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 279
forgerylimit.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRTGq5M9iJ6UIKgoI3iI4E66Z3qmZ8whGNeV4CYbEiXetLqqerbcmq6mqrp7dhFZDEqO43%2FQ%2B81ulmgQBa9GnQ3ksKeMpzm4f0NEEIQIMpPVwQfNe6%2B%2FV%2FCrr96Xu%2Fkx8ZHT6cplvS2Voudadb929sMgOF9bk2k%2BqA067Y%2Fa4fmaKd7stuv%2B67V3BdvU5xp%2B4PuBH9RWpRGJHpybiZDZ3W5Q7%2Fr1sFEPWiEG5v%2B9zT1Y6oEXx%2BQ5SD5Zuu%2BdgWRjpP3vVoTddDp7451%2BrqjTBgU%2F%2BCDdTHWZor8oE%2BMhSQ9OpqHtw9V70On%2BHBe6%2BG8wlhPiPbiHOD04gURc7M05YwWRIubPoCzGEGoMScdg%2BiYkf0gAxnFlHWn%2F9hVtSrr1RKUzdUKW%2FvwDspyQpd%2FOIO1%2Fe1HJQe26VrmTOrUYJBXkYAzZGyPLD%2BG2T0GWh2Duc0hOkPYrSD59LQ54q90NOsucRq3lUFC%2B3BE0XKYtkbSiTtIIfTo3RsoxZDKGEkNQ6yGffdJDnnjIMw99Pq2xIAginzPqd7qMNXkk4jb3AxolAQ38dgc5m7EP4bIhmBqCmR1kZgebcgiT%2Fwy7UcFyD9YRFLxCKQhKS1BSglISlI6gLKp9rmzDVre5snkcnOTGSW5WI%2B16u%2FG%2Bdj2RPr2bHZNn54b9vfIpNsW0FoZ%2Bs8WCbpCEzBc8imkribvNpBs1O2HYYLCygrSn5tfclhPy%2FC8vIZMTsrT%2BF2J6CKsOweRp0Pxl0HIUNXzQjVHY8bGdTl%2Fd0KXTpZFOuA1p3FYiC1GPle7ZTLs6031wXSFzS3Bb3q46Ji%2FM6Zo3HkGwowsfx5cnv995DGYqZKbCJ%2FI%2BQU%2FdGl3TJdm7pktLvl%2FPnOzLbTp76uuOOkG%2Bfk9sldrwSyt2eOctNhNm5d33hXVrNOUy7VnyzUXJuTCr2jBBfrxkb4j4am43LuYmzbO1q2%2BvXupnRlgrdToGlRNCHhyByQl56of9%2BRa%2F%2BMVnkGYMk1fo50fkJCD1IVi2A5st%2BK0mMGoxE2ceyrwamUa8%2BKkkgRKLnsYVrDj66dG%2Fhxb1rr2FnnkF1N2cL29hKhSqAlVD2Pz0yGXm6MKvzXkgVt4oVsbbi5VRXz0x18ppLWo2fdrutoIooiKKw0YnaQec0kbYbrTbtAlnJ%2Bxs%2BPgfAAAA%2F%2F8BAAD%2F%2F7CtQYWQBAAA
200 OK 7 B URL HTTP/1.1 forgerylimit.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRTGq5M9iJ6UIKgoI3iI4E66Z3qmZ8whGNeV4CYbEiXetLqqerbcmq6mqrp7dhFZDEqO43%2FQ%2B81ulmgQBa9GnQ3ksKeMpzm4f0NEEIQIMpPVwQfNe6%2B%2FV%2FCrr96Xu%2Fkx8ZHT6cplvS2Voudadb929sMgOF9bk2k%2BqA067Y%2Fa4fmaKd7stuv%2B67V3BdvU5xp%2B4PuBH9RWpRGJHpybiZDZ3W5Q7%2Fr1sFEPWiEG5v%2B9zT1Y6oEXx%2BQ5SD5Zuu%2BdgWRjpP3vVoTddDp7451%2BrqjTBgU%2F%2BCDdTHWZor8oE%2BMhSQ9OpqHtw9V70On%2BHBe6%2BG8wlhPiPbiHOD04gURc7M05YwWRIubPoCzGEGoMScdg%2BiYkf0gAxnFlHWn%2F9hVtSrr1RKUzdUKW%2FvwDspyQpd%2FOIO1%2Fe1HJQe26VrmTOrUYJBXkYAzZGyPLD%2BG2T0GWh2Duc0hOkPYrSD59LQ54q90NOsucRq3lUFC%2B3BE0XKYtkbSiTtIIfTo3RsoxZDKGEkNQ6yGffdJDnnjIMw99Pq2xIAginzPqd7qMNXkk4jb3AxolAQ38dgc5m7EP4bIhmBqCmR1kZgebcgiT%2Fwy7UcFyD9YRFLxCKQhKS1BSglISlI6gLKp9rmzDVre5snkcnOTGSW5WI%2B16u%2FG%2Bdj2RPr2bHZNn54b9vfIpNsW0FoZ%2Bs8WCbpCEzBc8imkribvNpBs1O2HYYLCygrSn5tfclhPy%2FC8vIZMTsrT%2BF2J6CKsOweRp0Pxl0HIUNXzQjVHY8bGdTl%2Fd0KXTpZFOuA1p3FYiC1GPle7ZTLs6031wXSFzS3Bb3q46Ji%2FM6Zo3HkGwowsfx5cnv995DGYqZKbCJ%2FI%2BQU%2FdGl3TJdm7pktLvl%2FPnOzLbTp76uuOOkG%2Bfk9sldrwSyt2eOctNhNm5d33hXVrNOUy7VnyzUXJuTCr2jBBfrxkb4j4am43LuYmzbO1q2%2BvXupnRlgrdToGlRNCHhyByQl56of9%2BRa%2F%2BMVnkGYMk1fo50fkJCD1IVi2A5st%2BK0mMGoxE2ceyrwamUa8%2BKkkgRKLnsYVrDj66dG%2Fhxb1rr2FnnkF1N2cL29hKhSqAlVD2Pz0yGXm6MKvzXkgVt4oVsbbi5VRXz0x18ppLWo2fdrutoIooiKKw0YnaQec0kbYbrTbtAlnJ%2Bxs%2BPgfAAAA%2F%2F8BAAD%2F%2F7CtQYWQBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRTGq5M9iJ6UIKgoI3iI4E66Z3qmZ8whGNeV4CYbEiXetLqqerbcmq6mqrp7dhFZDEqO43%2FQ%2B81ulmgQBa9GnQ3ksKeMpzm4f0NEEIQIMpPVwQfNe6%2B%2FV%2FCrr96Xu%2Fkx8ZHT6cplvS2Voudadb929sMgOF9bk2k%2BqA067Y%2Fa4fmaKd7stuv%2B67V3BdvU5xp%2B4PuBH9RWpRGJHpybiZDZ3W5Q7%2Fr1sFEPWiEG5v%2B9zT1Y6oEXx%2BQ5SD5Zuu%2BdgWRjpP3vVoTddDp7451%2BrqjTBgU%2F%2BCDdTHWZor8oE%2BMhSQ9OpqHtw9V70On%2BHBe6%2BG8wlhPiPbiHOD04gURc7M05YwWRIubPoCzGEGoMScdg%2BiYkf0gAxnFlHWn%2F9hVtSrr1RKUzdUKW%2FvwDspyQpd%2FOIO1%2Fe1HJQe26VrmTOrUYJBXkYAzZGyPLD%2BG2T0GWh2Duc0hOkPYrSD59LQ54q90NOsucRq3lUFC%2B3BE0XKYtkbSiTtIIfTo3RsoxZDKGEkNQ6yGffdJDnnjIMw99Pq2xIAginzPqd7qMNXkk4jb3AxolAQ38dgc5m7EP4bIhmBqCmR1kZgebcgiT%2Fwy7UcFyD9YRFLxCKQhKS1BSglISlI6gLKp9rmzDVre5snkcnOTGSW5WI%2B16u%2FG%2Bdj2RPr2bHZNn54b9vfIpNsW0FoZ%2Bs8WCbpCEzBc8imkribvNpBs1O2HYYLCygrSn5tfclhPy%2FC8vIZMTsrT%2BF2J6CKsOweRp0Pxl0HIUNXzQjVHY8bGdTl%2Fd0KXTpZFOuA1p3FYiC1GPle7ZTLs6031wXSFzS3Bb3q46Ji%2FM6Zo3HkGwowsfx5cnv995DGYqZKbCJ%2FI%2BQU%2FdGl3TJdm7pktLvl%2FPnOzLbTp76uuOOkG%2Bfk9sldrwSyt2eOctNhNm5d33hXVrNOUy7VnyzUXJuTCr2jBBfrxkb4j4am43LuYmzbO1q2%2BvXupnRlgrdToGlRNCHhyByQl56of9%2BRa%2F%2BMVnkGYMk1fo50fkJCD1IVi2A5st%2BK0mMGoxE2ceyrwamUa8%2BKkkgRKLnsYVrDj66dG%2Fhxb1rr2FnnkF1N2cL29hKhSqAlVD2Pz0yGXm6MKvzXkgVt4oVsbbi5VRXz0x18ppLWo2fdrutoIooiKKw0YnaQec0kbYbrTbtAlnJ%2Bxs%2BPgfAAAA%2F%2F8BAAD%2F%2F7CtQYWQBAAA HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Cookie: u_pl=16598140; uid_id2=b1d56918-da75-4ead-8ea4-a5ef578f240a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec44035c191f4c0ed7ba5fb93f9738442c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 09:23:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b98562914fc7b1f3e909531b9ecef585
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash e653e9e35a789699da2a7d963d19e22e
659c37a91bd4f1586bc51ec571ef34aef3d4d226
a3d3d38d619c15c709c5fa37f1694b9c39d317e1c9af9a6dcaa482fcf76df7d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A3D3D38D619C15C709C5FA37F1694B9C39D317E1C9AF9A6DCAA482FCF76DF7D2"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 19 Sep 2022 11:10:30 GMT
Date: Mon, 19 Sep 2022 09:23:09 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash e653e9e35a789699da2a7d963d19e22e
659c37a91bd4f1586bc51ec571ef34aef3d4d226
a3d3d38d619c15c709c5fa37f1694b9c39d317e1c9af9a6dcaa482fcf76df7d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A3D3D38D619C15C709C5FA37F1694B9C39D317E1C9AF9A6DCAA482FCF76DF7D2"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 19 Sep 2022 11:10:30 GMT
Date: Mon, 19 Sep 2022 09:23:09 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
IP
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4058331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OyEiNVvPJJ7F7P0%2FXrW5fRhxKba6g5Aq0RAPOgY82q%2FeeVcvUoO4AjUI4NC3b3g5lRo3TUlMj%2BV%2B2Wv2bdZfcfVmDw2UfY7vFzH60LiBr7FVTwxGzffIts0ujPMX6Q%2BxNA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142ce6854b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4058331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Fhk23wzcaJILh8%2BWoMqZbMTLHDJ0J4fjcM%2B8bAuUE6yBgZlS%2B4RxoOceAYzqqK27mSXaEIAAcDsZT9YZEHX6EriP4yYtH8MX%2Fr1WPmAerF3%2F3w1qHcYv7AZDQf8%2BlUqGEA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142ce6856b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4058331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rR5V2bj2VtrVs8foSzjALqR2iJ0JCFQ8TykWs%2BuFAm6XiT3eLGL%2Fwwmnl3M%2BInFDxavOPFs1x2oLu4on%2BgZ2NY3mHZgKpfVRmyFglBKdJgS4DQUFNCltJlD2V8gYyU6bJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142ce6859b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
200 OK 157 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 157 kB (157252 bytes)
Hash 70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4058331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l%2BNZnwitqF9d6Cvni0I77H4pgyjXuoy3BqNaalTeRaanIzUN6DopbRVsTOX6xdriYVd0ihufNBl4c5sdwzOzgXqvtsEgjQVP1fO5SxB%2FumEBaFUckCIymxjfRfkaY0Ly9c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142ce685bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=597
200 OK 0 B URL HTTP/1.1 forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=597
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=597 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Cookie: u_pl=16598140; uid_id2=b1d56918-da75-4ead-8ea4-a5ef578f240a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec44035c191f4c0ed7ba5fb93f9738442c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 09:23:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash e653e9e35a789699da2a7d963d19e22e
659c37a91bd4f1586bc51ec571ef34aef3d4d226
a3d3d38d619c15c709c5fa37f1694b9c39d317e1c9af9a6dcaa482fcf76df7d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A3D3D38D619C15C709C5FA37F1694B9C39D317E1C9AF9A6DCAA482FCF76DF7D2"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 19 Sep 2022 11:10:30 GMT
Date: Mon, 19 Sep 2022 09:23:09 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Hash de178b7a21d1808aa10491ca81df4c43
233f0f1b2720023e002fdba95e60c6597e8d4c4f
8160a36f3490a67a5afda9804afa925fc81bd1e8739d1873ad026c2c8b979327
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 09:23:09 GMT
date: Mon, 19 Sep 2022 09:23:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5cb77c783d0a7589987f41067077245a
df872e3d49a20afa12f780a849bad885f6f15b9b
f6a840dcc0680aca859b292bdc241dbe6083b1142d2e0742a709344142863850
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A840DCC0680ACA859B292BDC241DBE6083B1142D2E0742A709344142863850"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18965
Expires: Mon, 19 Sep 2022 14:39:14 GMT
Date: Mon, 19 Sep 2022 09:23:09 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajKX7QcnmZqorsdzv0g%2FlWQVE425Wz0pED6iKURHOw45v0P5lYj903NY%2BqXg%2BvPl1C0iDn5F8zL5dlnnNw5UGvGyPG1C6ePyvwMNnaVDID9yMaTjp1tHJJivWj01LgZIu5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142cdffd3b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scUTZapGPqffeuljtYjbdCx%2BrrkpDfcsZuINxnpC65zjG3umNt2Ju%2FClyBT6WFlxy%2BKLH1grYFZGCTXN9LARjB2CHTmV8mmijR5dINlKZAWDueLTY3fK66fyAkrIM51E7IA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142cdffdcb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peyFFiEmuf0k390XKf31zPt0z6rBB1DquaiNJpZzxBmps1zhUBDPqWCF4zsAwOocGH4SBF%2FC%2FdNITFpDCbKQs3A4%2FNWn9CKgWAH%2BbmKHUnSS4DDcZ4QdI4m%2F%2F0g2NJSmmi0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142ceb8c4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pop.dojo.cc/5832.js
200 OK 0 B IP
GET /5832.js HTTP/1.1
Host: pop.dojo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ferrellgially.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BU8Tf0JVoQtwUkXjC5RWlmIbWwJ3a73X%2BlCMNTSmR%2FTr18FSwf62C%2BaCJGy%2Fj4JkQADyFSspoC9rSuUDNDGaTYl3QSHcaN2Halmhn%2FvbpQOlEJsKtA87jJl4X18Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d142a5a8a3b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d088e27abed928e992600c258090a56a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 09:23:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twKHBhjDcHUbLA60ikYVLtf39urKJ7AeFXXnzNqV1aP2laAuvaRPXOHhejUp5Jg6l%2FX51VgBWQu8s4iHVYB%2Bifl26mAbm3WTlawKqlGGWIQh8zm7ZI48x3u1nomd5IEgPHKP8gE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142b9ce4d7595-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferrellgially.blogspot.com
Connection: keep-alive
Referer: https://ferrellgially.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgFUGHsII0LtL6j6HV5qCMzQJuSeK%2FPweaFGCZ9cv8L3DaNHghjChDMBmaQeRki3JGQIvWe%2BC5Aq2pz07GRwSylkNPbNkrSlnzWwW8YLdXb0tjQZxLn%2BZdWjobtp2Se1EdTEyUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142ca4a9fb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:23:09 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4058331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWqyWM6gsNm6Fh8IW7NDzPuuZiU5lxbBEytmZMfGdDHbHeBUX0M2lMhYC6C5PylHJoxuETcuzTWj6Orz%2F7MDOpY7xR3SbaBQAStZFdT%2BPFCByxvRqo5YWt%2FZ7gqlpLK4u9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d142ce685cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
142.250.74.161
203.175.9.27
104.21.51.177
93.184.220.29
23.36.76.226
35.158.153.212
46.105.201.240
158.69.248.123