r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12019
Expires: Sun, 18 Dec 2022 05:22:35 GMT
Date: Sun, 18 Dec 2022 02:02:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12006
Expires: Sun, 18 Dec 2022 05:22:22 GMT
Date: Sun, 18 Dec 2022 02:02:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7725
Expires: Sun, 18 Dec 2022 04:11:01 GMT
Date: Sun, 18 Dec 2022 02:02:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 01:34:16 GMT
content-type: application/json
age: 1680
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WLxxPzOXlef4IQ4zpw5GDq8D/SJM3Q2AImyFjlzTQehsZ1WxOLeVZ/zDUN+W6bFpSslRFbscZ5U=
x-amz-request-id: WRHJA6GHF338K3AW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 01:53:55 GMT
age: 501
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
aans1.blogspot.com/2013/11/fahmi-pernah-dituduh-merogol-fazira-4.html
142.250.74.33200 OK 16 kB URL HTTP/1.1 aans1.blogspot.com/2013/11/fahmi-pernah-dituduh-merogol-fazira-4.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4988)
Hash 1aa681680e50f46c76015bd3517aac3c
b289e0cf6df0fcbf31e466db0981facfc3e5b0aa
342bc58df287b40295685da26529630e5aa63d687c53d62142c1f6d42066f6ca
Analyzer Verdict Alert fortinet Malware
GET /2013/11/fahmi-pernah-dituduh-merogol-fazira-4.html HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 18 Dec 2022 02:02:16 GMT
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 11 Dec 2022 15:07:43 GMT
ETag: W/"d5b42205dbf7985ed9c9f9ee81914a7b047479157f30449788c15c0adb834b4f"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16105
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 02:02:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Josefin+Slab
142.250.74.106200 OK 295 B URL HTTP/1.1 fonts.googleapis.com/css?family=Josefin+Slab
IP 142.250.74.106:0
Hash 8d74fecd94bb3a255c2603538ea257a1
7021cec753ddbcfbd2ba682610c769dd30e837b4
aa1d0524faaaa495bc15a6c3b66679288e1243f4ca5e34294631fb5ed5502ba0
GET /css?family=Josefin+Slab HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 18 Dec 2022 02:02:16 GMT
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
apis.google.com/js/plusone.js
172.217.21.174200 OK 21 kB URL HTTP/1.1 apis.google.com/js/plusone.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 296a5a06eafc4950f2cbcfb331e84089
7f9819fc037359fc7af6808bfcc6cf2c56718845
84877268694e5d2d037b75970fe362a7fc4775cfd76ebc9d7f7676b820019d00
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 20933
Date: Sun, 18 Dec 2022 02:02:16 GMT
Expires: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "a255ff5eb9ebf9b5"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
aans1.blogspot.com/js/cookienotice.js
142.250.74.33200 OK 2.0 kB URL HTTP/1.1 aans1.blogspot.com/js/cookienotice.js
IP 142.250.74.33:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/2013/11/fahmi-pernah-dituduh-merogol-fazira-4.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Sun, 18 Dec 2022 02:02:16 GMT
Expires: Sun, 25 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 17 Dec 2022 17:50:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
go.padstm.com/?id=292517
139.45.197.238302 Moved Temporarily 138 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /?id=292517 HTTP/1.1
Host: go.padstm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 18 Dec 2022 02:02:16 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.padsdel.com/?id=292517
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
go.padstm.com/?id=292519
139.45.197.238302 Moved Temporarily 138 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /?id=292519 HTTP/1.1
Host: go.padstm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 18 Dec 2022 02:02:16 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.padsdel.com/?id=292519
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 702412865d7c7fe537f320d7d506cd7a
bfad3c0ed7b2bc7d6af44af5aba84ca9c4adb092
26c6a24cf31c692c0b483e304a711a12ae3b61239a0b62fa10a74e4eeb6c1ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 702412865d7c7fe537f320d7d506cd7a
bfad3c0ed7b2bc7d6af44af5aba84ca9c4adb092
26c6a24cf31c692c0b483e304a711a12ae3b61239a0b62fa10a74e4eeb6c1ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
w.sharethis.com/button/buttons.js
54.230.111.82301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/buttons.js
IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 18 Dec 2022 02:02:16 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/buttons.js
X-Cache: Redirect from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wHOyxhAkZ64Zn617hXBkab4dwByhlIVGNvkpU-w8q6uuu4vpfeYIeQ==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 702412865d7c7fe537f320d7d506cd7a
bfad3c0ed7b2bc7d6af44af5aba84ca9c4adb092
26c6a24cf31c692c0b483e304a711a12ae3b61239a0b62fa10a74e4eeb6c1ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2092647672-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 02:10:48 GMT
expires: Fri, 15 Dec 2023 02:10:48 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 10 Dec 2022 00:52:24 GMT
content-type: text/javascript
age: 258688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:13 GMT
expires: Sat, 16 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 16 Dec 2022 03:52:09 GMT
content-type: text/javascript
age: 131343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Dec 2022 15:56:25 GMT
expires: Sun, 17 Dec 2023 15:56:25 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 17 Dec 2022 07:49:59 GMT
content-type: text/css
age: 36351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/1.1 www.blogger.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 162
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Dec 2022 18:52:02 GMT
Expires: Tue, 20 Dec 2022 18:52:02 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 13 Dec 2022 14:51:37 GMT
Content-Type: image/gif
Age: 371414
w.sharethis.com/button/buttons.js
54.230.111.82200 OK 17 kB URL HTTP/2 w.sharethis.com/button/buttons.js
IP 54.230.111.82:0
File type ASCII text, with very long lines (60851), with no line terminators
Hash 6df1e6fb302d1bcb35d898105f0327de
2336688fde43d37fc38dbd842b76f728d7423034
3acec848060440ee2c01f063023d2cc0122ad46f1de910ca0738e6715a6c2e67
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://aans1.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 16989
cache-control: max-age=259200
content-encoding: gzip
date: Thu, 15 Dec 2022 06:55:45 GMT
etag: W/"634f1855-edb3"
expires: Sun, 18 Dec 2022 06:55:45 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jOnj2J0AWoU4MNjbzToj06jyC8ZR3BE_qEc5prLrZgZh89mFQa1uMA==
age: 241591
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 702412865d7c7fe537f320d7d506cd7a
bfad3c0ed7b2bc7d6af44af5aba84ca9c4adb092
26c6a24cf31c692c0b483e304a711a12ae3b61239a0b62fa10a74e4eeb6c1ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.padsdel.com/?id=292517
139.45.197.239200 OK 8 B URL HTTP/1.1 go.padsdel.com/?id=292517
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
GET /?id=292517 HTTP/1.1
Host: go.padsdel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 02:02:16 GMT
Content-Type: application/octet-stream
Content-Length: 8
Connection: keep-alive
go.padsdel.com/?id=292519
139.45.197.239200 OK 8 B URL HTTP/1.1 go.padsdel.com/?id=292519
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
GET /?id=292519 HTTP/1.1
Host: go.padsdel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 02:02:16 GMT
Content-Type: application/octet-stream
Content-Length: 8
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e5450c699fd766ff699b734ba0105f44
c30d5168d5a1c34769f913634fb049bcbfbdbc5b
95625cfe5f5d106ce9999b77bfcac203bac660fb1a398187e0869df06ecb3855
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/josefinslab/v20/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2
142.250.74.35200 OK 10 kB URL HTTP/1.1 fonts.gstatic.com/s/josefinslab/v20/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 10024, version 1.0\012- data
Hash 29db13120ec478925e9486c2fb8aa79a
59af3d7d251693ee0ef2f14566d3bd165028bb0f
f48b859d4f27ad5d59d75e405c3c4a847effd7b56308c1315e5d8f9dbac89bd0
GET /s/josefinslab/v20/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://aans1.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 10024
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Dec 2022 18:53:14 GMT
Expires: Wed, 13 Dec 2023 18:53:14 GMT
Cache-Control: public, max-age=31536000
Age: 371342
Last-Modified: Mon, 11 Jul 2022 20:59:21 GMT
Content-Type: font/woff2
4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif
142.250.74.65200 OK 354 B URL HTTP/1.1 4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif
IP 142.250.74.65:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash 63518cf04cae6c58308feb72ea17aeb4
899fbaf9f628bc09483dbca246f580596beb8378
c33b76e5a92e675fbef817c95a1414f9b9a661d46f6e66b9eb58b05679d69fd5
GET /-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="subcribe thesis.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 354
X-XSS-Protection: 0
Date: Sun, 18 Dec 2022 02:02:16 GMT
Expires: Sat, 17 Dec 2022 02:48:15 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v248c"
Content-Type: image/gif
Age: 0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 86c6f2978574b067bffce10c41b3ce1e
49af247de9e0b8e5b115abbf0fc1da89eaeb06e1
29a5e54b09dc38bb4cd5d3731b70af79ec47559f3ffb07be77f595781e8eb123
GET /_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51253
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 19:13:14 GMT
expires: Wed, 13 Dec 2023 19:13:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
content-type: text/javascript; charset=UTF-8
age: 370142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-smeDvxZChFQ/UpmIz4WDuMI/AAAAAAAA9FA/CxFs6mgssT8/s400/5.jpg
142.250.74.161200 OK 18 kB URL HTTP/1.1 1.bp.blogspot.com/-smeDvxZChFQ/UpmIz4WDuMI/AAAAAAAA9FA/CxFs6mgssT8/s400/5.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 220x244, components 3\012- data
Hash 75e346d078e5c12206745acffe018cf0
84afb9e367504a770e27204c4f063487d90ca67a
b79098db7c144f6fa1186bcf55bc6219051a5b591d817b7a252a61f373d0483c
GET /-smeDvxZChFQ/UpmIz4WDuMI/AAAAAAAA9FA/CxFs6mgssT8/s400/5.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vf451"
Expires: Mon, 19 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="5.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 18 Dec 2022 02:02:16 GMT
Server: fife
Content-Length: 18245
X-XSS-Protection: 0
1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg
142.250.74.161200 OK 194 kB URL HTTP/1.1 1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1500x500, components 3\012- data
Size 194 kB (194499 bytes)
Hash 0fa92c86b3eda00830d8bdf4241ca997
df18a5b62d190a3d5e20577ff40eae4046d9e9c2
5610b5ea3ee9980442e7ecb7f199e6fb7c9dc28dea4c83502d7badbe76cc53a1
GET /-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="FotorCreated.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 194499
X-XSS-Protection: 0
Date: Sun, 18 Dec 2022 02:02:16 GMT
Expires: Mon, 12 Dec 2022 02:19:45 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v29a9"
Content-Type: image/jpeg
Age: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 01:33:23 GMT
age: 1733
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
aans1.blogspot.com/feeds/posts/default/-/Misteri?alt=json-in-script&callback=related_results_labels&max-results=17
142.250.74.33200 OK 19 kB URL HTTP/1.1 aans1.blogspot.com/feeds/posts/default/-/Misteri?alt=json-in-script&callback=related_results_labels&max-results=17
IP 142.250.74.33:0
File type Unicode text, UTF-8 text, with very long lines (65454)
Hash 2a16c9e50a7bfa69165f8eb39ee1560e
91b8970d7cee43636c836192d3c661785214676c
210df7fa9f409a9aaa59b28968bf510182045de5e3b4862cea42d3909c8f78b2
GET /feeds/posts/default/-/Misteri?alt=json-in-script&callback=related_results_labels&max-results=17 HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/2013/11/fahmi-pernah-dituduh-merogol-fazira-4.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"ed980058e4d19d8074987921603379daf71ac61d05a77b2584e876ab2f23bfe3"
Date: Sun, 18 Dec 2022 02:02:16 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sun, 18 Dec 2022 02:02:17 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Sun, 11 Dec 2022 15:07:43 GMT
Content-Encoding: gzip
Content-Length: 19253
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg
142.250.74.161200 OK 122 kB URL HTTP/1.1 1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 851x315, components 3\012- data
Size 122 kB (121948 bytes)
Hash fdb16fd9d11da34115a3d36756ec2cd8
88f5eff84192079db87a49713aadc38e498e080c
b24bc09a6345b5ff13f8ed35497ae71ecb464dbde6470fdb6ff9a409d7cdd59a
GET /-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v28d3"
Expires: Mon, 19 Dec 2022 02:02:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="12.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 18 Dec 2022 02:02:16 GMT
Server: fife
Content-Length: 121948
X-XSS-Protection: 0
www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 18 Dec 2022 02:02:16 GMT
Connection: keep-alive
Content-Length: 0
1.bp.blogspot.com/-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/bullet.gif
142.250.74.161200 OK 311 B URL HTTP/1.1 1.bp.blogspot.com/-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/bullet.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 13 x 11\012- data
Hash 028bcf92cf62e42de0acfa130f3d351e
68e32de8443766f9ed1ddc91c4f6436cc2facf4a
a9ded55ec2249c5d0fc740e775d521dc79e6b38bb8f28f80fdd8348975ca11d4
GET /-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/bullet.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bullet.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 311
X-XSS-Protection: 0
Date: Sun, 18 Dec 2022 02:02:16 GMT
Expires: Wed, 14 Dec 2022 10:34:21 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4ca"
Content-Type: image/gif
Age: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 496d96f69203ab6ad46a661482df3c81
1e09de48fbd4df599eab45d9339ebf6cee9825d7
b43e2510e05b3ca9adfc47f8526c71c732b3f530bd1ecec189a21b777f131498
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2399
Cache-Control: max-age=134458
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:16 GMT
Etag: "639dd583-1d7"
Expires: Mon, 19 Dec 2022 15:23:14 GMT
Last-Modified: Sat, 17 Dec 2022 14:43:15 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2361
Cache-Control: max-age=114235
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:17 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 09:46:12 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.clicksasia.com/openx/www/delivery/inline.js
185.38.110.121200 OK 47 B URL HTTP/1.1 www.clicksasia.com/openx/www/delivery/inline.js
IP 185.38.110.121:0
Hash 511b5d4a2aef166d9dc32d1c02c07ac9
0f1a044a15467fcd79f0eed930ef3089093724e4
8bc7dba4bd487ef7bf47ad5e54a2eb55618d75518d5f98c8eb83a9901ac05f38
Analyzer Verdict Alert fortinet Malware
GET /openx/www/delivery/inline.js HTTP/1.1
Host: www.clicksasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 18 Dec 2022 02:02:17 GMT
Content-Length: 47
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f5715bf6f14616e5231af16293c37f7b
c7705e7ffb12c63095664823cd11af8868e28b6f
2b7205371d7a48322eb985a4fa3948d44959d55c53862939c0d4e0f747c21ae9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.208.13.28101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.13.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1tGkQrQQegDJ71boMAjJ5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N7UHw3T/eLthc6xd7z+45bPyIb0=
developers.google.com/
172.217.21.174301 Moved Permanently 0 B IP 172.217.21.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 5ded414bdecdb58a3fec51d9c703474a
Date: Sun, 18 Dec 2022 02:02:17 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__
142.250.74.109200 OK 4.7 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2267)
Hash 8708a951261c6cb0e0b969d41299f2dc
c96556101f5d9f16954feff959284e189a4a344c
52d64bcd39524cc524693498eb47ac0881801f306968493d0a13f25421fb05df
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Dec 2022 02:02:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-r0FsI24fFd1aUBeGsuyn5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 37434fb69e0fd5a59afba685ad9b5067
6857a50527bae620b1ff205ee73367495dbab3e2
c1feabfd0c1993a6d6b9fb2abea0309d72e4400641c8ff784fd55b223f81ea87
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144689
Date: Sun, 18 Dec 2022 02:02:17 GMT
Etag: "639e06b1-1d7"
Expires: Mon, 19 Dec 2022 18:13:46 GMT
Last-Modified: Sat, 17 Dec 2022 18:13:05 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9k2jfAid5kaXIIjXospYudYGIYHg9TG4Uy5bGTIa16FmARUK2HVJ3g==
Age: 41
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 02:02:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1671328933039.47436&hostname=aans1.blogspot.com&location=%2F2013%2F11%2Ffahmi-pernah-dituduh-merogol-fazira-4.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2013%2F11%2Ffahmi-pernah-dituduh-merogol-fazira-4.html&title=FAHMI%20PERNAH%20DITUDUH%20MEROGOL%20FAZIRA%204%20BULAN%20SEBELUM%20MEREKA%20BERNIKAH%20TETAPI%20...&sop=false&description=Akhbar%20The%20Star%20melaporkan%2C%20bekas%20suami%20gadis%20remaja%20beusia%2013%20tahun%2C%20Nor%20Fazira%20Saad%20disahkan%20dituduh%20di%20mahkamah%20pada%2015%20Julai%20tahun%20lalu%20...&description=Akhbar%20The%20Star%20melaporkan%2C%20bekas%20suami%20gadis%20remaja%20beusia%2013%20tahun%2C%20Nor%20Fazira%20Saad%20disahkan%20dituduh%20di%20mahkamah%20pada%2015%20Julai%20tahun%20lalu%20...&img_pview=true
18.192.225.91204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1671328933039.47436&hostname=aans1.blogspot.com&location=%2F2013%2F11%2Ffahmi-pernah-dituduh-merogol-fazira-4.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2013%2F11%2Ffahmi-pernah-dituduh-merogol-fazira-4.html&title=FAHMI%20PERNAH%20DITUDUH%20MEROGOL%20FAZIRA%204%20BULAN%20SEBELUM%20MEREKA%20BERNIKAH%20TETAPI%20...&sop=false&description=Akhbar%20The%20Star%20melaporkan%2C%20bekas%20suami%20gadis%20remaja%20beusia%2013%20tahun%2C%20Nor%20Fazira%20Saad%20disahkan%20dituduh%20di%20mahkamah%20pada%2015%20Julai%20tahun%20lalu%20...&description=Akhbar%20The%20Star%20melaporkan%2C%20bekas%20suami%20gadis%20remaja%20beusia%2013%20tahun%2C%20Nor%20Fazira%20Saad%20disahkan%20dituduh%20di%20mahkamah%20pada%2015%20Julai%20tahun%20lalu%20...&img_pview=true
IP 18.192.225.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1671328933039.47436&hostname=aans1.blogspot.com&location=%2F2013%2F11%2Ffahmi-pernah-dituduh-merogol-fazira-4.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2013%2F11%2Ffahmi-pernah-dituduh-merogol-fazira-4.html&title=FAHMI%20PERNAH%20DITUDUH%20MEROGOL%20FAZIRA%204%20BULAN%20SEBELUM%20MEREKA%20BERNIKAH%20TETAPI%20...&sop=false&description=Akhbar%20The%20Star%20melaporkan%2C%20bekas%20suami%20gadis%20remaja%20beusia%2013%20tahun%2C%20Nor%20Fazira%20Saad%20disahkan%20dituduh%20di%20mahkamah%20pada%2015%20Julai%20tahun%20lalu%20...&description=Akhbar%20The%20Star%20melaporkan%2C%20bekas%20suami%20gadis%20remaja%20beusia%2013%20tahun%2C%20Nor%20Fazira%20Saad%20disahkan%20dituduh%20di%20mahkamah%20pada%2015%20Julai%20tahun%20lalu%20...&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 18 Dec 2022 02:02:17 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8784
Expires: Sun, 18 Dec 2022 04:28:42 GMT
Date: Sun, 18 Dec 2022 02:02:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8784
Expires: Sun, 18 Dec 2022 04:28:42 GMT
Date: Sun, 18 Dec 2022 02:02:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8784
Expires: Sun, 18 Dec 2022 04:28:42 GMT
Date: Sun, 18 Dec 2022 02:02:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dg3c2lWr1FbFUalH5QB05VrQIkpt3LNuUM-VxJZiaXy3nJu-cfd5jg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 15793
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xFbmIbrDz7MnhaF8tqHeTDzjrwbsP7SbmYb_OLLWZPb7poAmecfDew==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 15793
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cde09a4-7b92-4452-ab94-7a69956cac79.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cde09a4-7b92-4452-ab94-7a69956cac79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74d11c8c5c4cd0e0f73e6f57a5e66a86
c22be5adb0f7c024eaff5feb131a8406b04935b0
122a82dd7caa4a895978100cd9b2d54e7dbd6176cc2129444e5f3988e5dfcd3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cde09a4-7b92-4452-ab94-7a69956cac79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15272
x-amzn-requestid: dfe892b5-9f18-4acb-a5ab-83ddb8b54828
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2GKEgTIAMFQFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e36f4-2a9e13c234a8b9d127c9aa22;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JhuKtV1nTvVUMp3IYwCM9jewA5VmmeBAoWMgiBoCVYQG6yICdPWcJg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:50:33 GMT
age: 15105
etag: "c22be5adb0f7c024eaff5feb131a8406b04935b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NWh-ecaQXJITj6VyK4qutXz95L557E8kCDxs-fNBRmkjUk_ZG0Oygg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 15793
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa858257c-13a0-4bf7-8523-d887bddc927f.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa858257c-13a0-4bf7-8523-d887bddc927f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7fe54a10e7867701c60ed6939377d1c
b09c66a09cf85c14d098a820eb9e59063914bbe1
2ed4d0620d371d9c8039a8b0919a6006ede6f48c3b6129d315602818c2abf23e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa858257c-13a0-4bf7-8523-d887bddc927f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9504
x-amzn-requestid: 823489b2-8fbb-4566-8c96-f2a085a97c3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT3PBHYAoAMFjmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e38c6-5a5d2a6b093c3316678b6326;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:46:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b_vPqJeP8-66BtgekADeD4RIwy8thrdaXS94wNalw6FloDFOm5sumA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:10 GMT
age: 14888
etag: "b09c66a09cf85c14d098a820eb9e59063914bbe1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JHDfcd35b-bHZm6oayBIN5NDt6ZeGygBfvu7IKU18wFiLHMGEPQPkQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:02:19 GMT
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
age: 14399
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2