r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Thu, 08 Dec 2022 13:48:43 GMT
Date: Thu, 08 Dec 2022 10:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Thu, 08 Dec 2022 13:11:22 GMT
Date: Thu, 08 Dec 2022 10:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9418
Expires: Thu, 08 Dec 2022 13:05:47 GMT
Date: Thu, 08 Dec 2022 10:28:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 10:08:11 GMT
content-type: application/json
age: 1238
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9EEUNU7FgSoddMMjjihndI1bDnTfc8tFHGO9Vpzh+NaSjaeuwIA1bLgd77Jub6GTDACy6Eg+yZg=
x-amz-request-id: JZ7Z6X9WF9PC7RMC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 09:49:44 GMT
age: 2345
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 10:28:49 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 10:07:55 GMT
age: 1254
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html
172.217.21.161301 Moved Permanently 221 B URL HTTP/1.1 lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1f829374ae944ce7db67864d3c1fe11d
69c7b264258a187abf48b19fbb2141e5c09199f5
30d0e21f78b30255d70279c37acd63db0b7b6dbe493aff6b9f79b69c03cd5bd5
GET /2022/03/how-to-install-directv-player-on-mac.html HTTP/1.1
Host: lafondhernight.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 10:28:50 GMT
Expires: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 221
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 657cc99dcf677bd6e64e82ac79e8068d
abf109679285d118b3ad71fc5b60ff37106de953
8d6696efdfbac41437bed499e16dd4c0e52c0f16bc321daaa31d0051eb4b2cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 388
Cache-Control: max-age=168270
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:13:20 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H8udWp/dnRD6vZEq+xmssw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D3Vqmvqrl5jBNW6wBZe+Vf5XHIk=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 657cc99dcf677bd6e64e82ac79e8068d
abf109679285d118b3ad71fc5b60ff37106de953
8d6696efdfbac41437bed499e16dd4c0e52c0f16bc321daaa31d0051eb4b2cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 09ac9a1e368a98bc086681c2992cf97f
91ed9e2313d3b2744d33fa89001c3e74826f657e
774f645c9070697838bb4a95372a2630f53fd85735663cbd6d9ec3a204b28dd3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html
172.217.21.161200 OK 66 kB URL HTTP/2 lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7031)
Hash bacca93107fc3d098f6e718c9c19cada
50ba7bd7192ec63ad7afe3372988bf3f112cd302
f68fc86b4b8af6025bf88a6899bc9cf8ff838ffcd1ad904c49e142c6f2bd0d20
GET /2022/03/how-to-install-directv-player-on-mac.html HTTP/1.1
Host: lafondhernight.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 08 Dec 2022 10:28:50 GMT
date: Thu, 08 Dec 2022 10:28:50 GMT
cache-control: private, max-age=0
last-modified: Fri, 02 Dec 2022 14:27:15 GMT
etag: W/"2586187dc6751fc82b45679efe662f02d1039777c6a26b30d79b968846dc60ba"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 66042
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1228456
expires: Tue, 28 Nov 2023 10:28:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bicxnCEBSKvMSj3wmLuA%2BifCcYRThf99cz5vpberp4a9tqh%2Fwq14lXSbEGq4jXMpv2zQtwTKzOAJo1pWvkDacKY3uCMbJzt1ShqwSTWIDYclqcC2qyajM41o757ziltNTofjrUKM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7764d109a82eb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 08 Dec 2022 10:28:50 GMT
expires: Thu, 08 Dec 2022 10:28:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-z8MkISWV03Q/YA8T596r2_I/AAAAAAAAAlM/9ZxRBELQmj09tIVPzFhL_4xo9Fo_oXougCNcBGAsYHQ/s341/cooltext374902050871409.png
142.250.74.161200 OK 12 kB URL HTTP/2 1.bp.blogspot.com/-z8MkISWV03Q/YA8T596r2_I/AAAAAAAAAlM/9ZxRBELQmj09tIVPzFhL_4xo9Fo_oXougCNcBGAsYHQ/s341/cooltext374902050871409.png
IP 142.250.74.161:0
File type PNG image data, 341 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash 26d842dbad6e9a8c5b54e782c0d27d6a
19852a857e7aadc465eb3283cddbfcec6bcfcc38
b42da531c08519e93ae2c1b9fce5a0f7a36db0cdb944c397a768d683bd0b5706
GET /-z8MkISWV03Q/YA8T596r2_I/AAAAAAAAAlM/9ZxRBELQmj09tIVPzFhL_4xo9Fo_oXougCNcBGAsYHQ/s341/cooltext374902050871409.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="cooltext374902050871409.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 11453
x-xss-protection: 0
date: Thu, 08 Dec 2022 06:57:33 GMT
expires: Wed, 17 Nov 2021 17:42:43 GMT
cache-control: public, max-age=86400, no-transform
age: 12677
etag: "v254"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 19:47:43 GMT
expires: Wed, 06 Dec 2023 19:47:43 GMT
cache-control: public, max-age=31536000
age: 139267
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: text/javascript
age: 161085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 876f9ee23010891e643b5c6427389320
f957414dfb5b02442b5a58addfc676eb849ee616
275d816a98bcf29267222afb542f12d02c5158879dd899f4ee79e1ef9dd3de13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149522
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Etag: "63916175-117"
Expires: Sat, 10 Dec 2022 04:00:53 GMT
Last-Modified: Thu, 08 Dec 2022 04:00:53 GMT
Server: nginx
Content-Length: 279
www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-4.jpg
188.114.97.1200 OK 53 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-4.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 788x424, components 3\012- data
Hash d13e4dc3b321cad7ba793bed6936bfbf
af7f994a545a92f86665748038a6b3da04e2094a
73af74aebd8a9f2fdf90bc17ef0767e980b538543fef664c81ad15d785088ae3
GET /wp-content/uploads/2020/12/windows-defender-not-turning-on-2-4.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 52827
last-modified: Wed, 16 Dec 2020 03:38:41 GMT
cache-control: public, max-age=10368000
expires: Thu, 06 Apr 2023 15:25:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnKSCqi1uApSafdXqQvfwUpwlRSt0zR%2FuB3HVuIJM30I3R79hCVY5Ohmfah2lH%2BFUikRpjLHjAMOV4nlPbOCb6W3loM6XfqA7qots3AhACkb8EiqLZgYDtimQYG2%2FImSwBs7nFXQ0ywP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a0fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/unins000.exe_-1.png
188.114.97.1200 OK 80 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/unins000.exe_-1.png
IP 188.114.97.1:0
File type PNG image data, 650 x 438, 8-bit colormap, non-interlaced\012- data
Hash 2b5bf85fe733350f0a7b97cde06b2061
693124aae3d4112f41a5604c2a89b901a8d6924f
d52948c3620b1d39af05099b0327d06f94e1215cdb36ea0c51f2399b5a1b87d8
GET /wp-content/uploads/2020/12/unins000.exe_-1.png HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/png
content-length: 80408
last-modified: Wed, 16 Dec 2020 03:34:56 GMT
cache-control: public, max-age=10368000
expires: Wed, 05 Apr 2023 19:37:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139870
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oC6GUJ4vY1omcbMwgrbqg6GX6VnkiqVCpMLT661onWUp%2B8mlKHfyihkDzKN4llEkusSFv8PvDi5qIq3xMkTEXd1%2BWlsfPshX%2FhiP7IkUNn6GPutbtVp4Xn46WT0rwDV4q8B5DVSjUya"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b2a02b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/Window_7_Run_regedit-1.jpg
188.114.97.1200 OK 24 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/Window_7_Run_regedit-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 413x210, components 3\012- data
Hash 7e41b0e12ac9630618f55c027ac95bee
268ae1f1bdac16abda16c7a9fb2b98c2c8e3c796
19cf6027314f6a48ec6869f22314b62717eae4b40e42da72b8589a35872be1d8
GET /wp-content/uploads/2020/12/Window_7_Run_regedit-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 24143
last-modified: Wed, 16 Dec 2020 03:37:43 GMT
cache-control: public, max-age=10368000
expires: Fri, 07 Apr 2023 10:22:45 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 366
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9o4TXJY4oH7%2FfZBXynLhP19hRqdpc11X8iWoYy1V0nSXLvGbyof2bUV%2BACWYI6EnfTcqst4V7erwRZcYCLi9%2BnZs9icYmPPY47G452D9quwoaUIl6t%2FI1T2YQba8AoAVnUvLbQKUCfdq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a0db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/third-party-uninstaller-IObit-Uninstaller-Free-768x491-1.jpg
188.114.97.1200 OK 12 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/third-party-uninstaller-IObit-Uninstaller-Free-768x491-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x491, components 3\012- data
Hash ab45bcadeb30e79c949c3f174621141a
b63fba74aa446376672d7254f1ddb8038369c03e
dc6f5a66eaee77b968cc5727fcc98c6bc3ef8abfb23f551d11525563f72bd388
GET /wp-content/uploads/2020/12/third-party-uninstaller-IObit-Uninstaller-Free-768x491-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 12083
last-modified: Wed, 16 Dec 2020 03:38:17 GMT
cache-control: public, max-age=10368000
expires: Thu, 06 Apr 2023 15:25:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ddOqdR5jZCDUPJsym59VwpcyEidw30qlG7iYklfgGCzaBN45lakj1EbvCpL6fTMe22TJgULzdZzxAT17jHfOwV50GPTmkVa7nJjxVrVx3oiLnXJ4ai4Qel0t4Hc%2FdegwM5e%2BWLxqaT3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a0eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/access-recently-used-apps-documents-faster-your-mac.w1456-1.jpg
188.114.97.1200 OK 51 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/access-recently-used-apps-documents-faster-your-mac.w1456-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 964x517, components 3\012- data
Hash 393d357c9dbbc993bda87276877dd842
c6aab5bb41fd1f95217f27d83cb4abe606d232b3
267e563fb767e2f87f2efc079f4d2b3bed74e997f3dd2a9fdf73c29374f2f451
GET /wp-content/uploads/2020/12/access-recently-used-apps-documents-faster-your-mac.w1456-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 51140
last-modified: Sat, 26 Dec 2020 03:11:50 GMT
cache-control: public, max-age=10368000
expires: Thu, 06 Apr 2023 15:25:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68607
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqZwVOcAfSd0QhkynORfk5pmbhZ3EmtgpVO4H1Hy61kb5jk8KV71RO4r0G6WaszCtrEisSi3KDwsCx8Mda80fVhPkI0f7HJKvmJf81Re%2B1cJfRPH2Jdi4GzKsiHLjw0lwr7sRvWktNIV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a13b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/System_Restore-1.jpg
188.114.97.1200 OK 23 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/System_Restore-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 478x384, components 3\012- data
Hash 6dd1e224a1037b7164fa2f81a7ce7e43
5485a2316bb32b5c3c9365daa9690df49a2b91b1
b3ea86d5bae2cef709494fdd0eb97f4dd35891b2dfe335d9768c7010785ecd26
GET /wp-content/uploads/2020/12/System_Restore-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 22831
last-modified: Wed, 16 Dec 2020 03:36:34 GMT
cache-control: public, max-age=10368000
expires: Wed, 05 Apr 2023 19:38:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NR9GaByBFdOBDijRlbGJoBFyTOjnnBnzw295gJ03%2FAl%2B6pNs0tXoULpHIshOZA%2FXbjivs%2BI4kkdKWuIkRB9z%2FmrtrdqwjC12dt7fKXCTJFegSzSwRcpdag4tn%2FhvtVooLcfEriLfv3Lk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a07b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.uninstallgeeks.com/wp-content/uploads/2020/12/Avast_Uninstall-1.png
188.114.97.1200 OK 77 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/Avast_Uninstall-1.png
IP 188.114.97.1:0
File type PNG image data, 788 x 504, 8-bit colormap, non-interlaced\012- data
Hash 295bd7434cc5939baae87295a5e726f3
ac2d969ae7a2456208d243acc95898e5d3949941
0de1bd4ec4c42a064a4ef82e3a4fbd60517883e8e4b41fd275fbaff2a486c8ac
GET /wp-content/uploads/2020/12/Avast_Uninstall-1.png HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/png
content-length: 77332
last-modified: Wed, 16 Dec 2020 03:37:05 GMT
cache-control: public, max-age=10368000
expires: Wed, 05 Apr 2023 19:39:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqYXH9FvpNLxN7%2F0gwFqCqe1ey%2F%2BVXahUCBKk%2FK7E%2FVgIcnppdvdmd6NyWi2E14kiA4cuD4CnmHKv32FOitwgBrVKy7%2BP6Ja8zMoHxHbnttVHj5ToRbTnzhJse%2BOkStS5aoXChbvWNjT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a08b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3222695235-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3222695235-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 9f2f688aec73940034a0266a2a6266da
af9875c8064027204827b311250191c87e55366e
a78a0cfbae13cfc525657e31c2033d5c0281c5fbec2cf3e493ff75a7e097a02a
GET /static/v1/widgets/3222695235-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56718
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 02:14:06 GMT
expires: Thu, 07 Dec 2023 02:14:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 00:52:16 GMT
content-type: text/javascript
age: 116085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-2-1.jpg
188.114.97.1200 OK 73 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-2-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 788x424, components 3\012- data
Hash 08c9a0c7e784d12bbf76a5753792b26f
948b8cddb9ff62958d775680c17d69e1507303b4
a9a45a4bb5ea1c0bf2e4e04fb2303887433a614f2d42fd9026b3953767ffc285
GET /wp-content/uploads/2020/12/windows-defender-not-turning-on-2-2-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 72697
last-modified: Wed, 16 Dec 2020 03:39:24 GMT
cache-control: public, max-age=10368000
expires: Thu, 06 Apr 2023 15:25:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDReEWNADzmYPxYQAuXLDP6ln8VfJ92yyvUpb%2BH1IjJGgq%2FpbjOLITE%2BGxAa%2F11ouMeLWMNYPST%2BJkKg%2F0qFy84Tp%2FjMKIa4AsT45m3Fs2comk2WXGWj%2BhPr0yi0fVXKptFrMZl%2BWPO6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a11b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-1-1.jpg
188.114.97.1200 OK 44 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-1-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 788x424, components 3\012- data
Hash e4954a3a8a0276db0a71f80b414af92a
0ed4337f00d095cf3fa312a456cc92ab3729706b
325de2c1da1dc871be682acceca39602d9287bfcfc8682520eb78bc448e864d5
GET /wp-content/uploads/2020/12/windows-defender-not-turning-on-2-1-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 44387
last-modified: Wed, 16 Dec 2020 03:39:02 GMT
cache-control: public, max-age=10368000
expires: Fri, 07 Apr 2023 10:22:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 361
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jz%2FLwaBxqygJj%2Fqz209m5ENqBxLWev%2BZB4x%2F1jZFH5lB9WJRpAIBH2ZHDGFB61u0CEkPgLnJfaF5A5n1Ux%2FycUiTU5EU%2FMU%2FSEStRyRdn9LH6ShxS1O0%2FosRsHD26HEQctoMHKANPGwh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a10b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/macos-mojave-launchpad-jiggle-social-card-1.png
188.114.97.1200 OK 113 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/macos-mojave-launchpad-jiggle-social-card-1.png
IP 188.114.97.1:0
File type PNG image data, 1200 x 630, 8-bit colormap, non-interlaced\012- data
Size 113 kB (112660 bytes)
Hash f4626d351edb19bc840130b539a17298
02490e36513cec955f64d4be6a69fa7b4bfaf3ce
9e9a6921f3048b9ee6ccbee3a3ba4059b973be8c4fc3edd831751b1e5dc880a2
GET /wp-content/uploads/2020/12/macos-mojave-launchpad-jiggle-social-card-1.png HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/png
content-length: 112660
last-modified: Sat, 26 Dec 2020 03:19:24 GMT
cache-control: public, max-age=10368000
expires: Thu, 06 Apr 2023 15:25:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 68606
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDthCbII%2B9h8424Sjv89unvI5Rxfj6jJBeWF5rX0ZpuKXhz7J67nQyXjFfUk303pLXTA1MzVwvuVoQ8dYGk9lQSemxZMEDmoLhsjVLtem5EZrwCMfl%2FwNyj%2Fg4Fr211g0pPCX1HI602Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b3a15b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/macos-mojave-launchpad-jiggle-social-card-2-1.png
188.114.97.1200 OK 135 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/macos-mojave-launchpad-jiggle-social-card-2-1.png
IP 188.114.97.1:0
File type PNG image data, 1200 x 630, 8-bit colormap, non-interlaced\012- data
Size 135 kB (134984 bytes)
Hash 115771ced1f7139599ebe4226a46aa81
da0d5e9566e2ea3094c8b2e48e40dabaa6276f35
c44db7207dc170f8fbda18c977494ab50abfaa4ecd3e64bb787e6e6e6a722b5e
GET /wp-content/uploads/2020/12/macos-mojave-launchpad-jiggle-social-card-2-1.png HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/png
content-length: 134984
last-modified: Sat, 26 Dec 2020 03:23:54 GMT
cache-control: public, max-age=10368000
expires: Fri, 07 Apr 2023 10:23:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 348
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4o8i909iJBBlVp7kDFekG775m5SMHD3DR%2BxbRVQvEIG87tuTLPpKBG8Vg%2FIA5rD9q8gN5JfW7aFmj8gkeZ24aIl7VJ3yVkSuViscwHWoC5lsA35%2BGLPCdAZrwgY%2FccPupT9Q0BDShIb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b4a32b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-3-768x264-1.jpg
188.114.97.1200 OK 18 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/windows-defender-not-turning-on-2-3-768x264-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x264, components 3\012- data
Hash ee4b2c74cf147c2a82313fbac989fce9
00a5e20494c05d209f4f33dcbc756c2dfd50c6e6
79406198cb74b4d114140d20b75a7de2ba698272d02da058ebb60a708a8f373e
GET /wp-content/uploads/2020/12/windows-defender-not-turning-on-2-3-768x264-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 18326
last-modified: Wed, 16 Dec 2020 03:40:29 GMT
cache-control: public, max-age=10368000
expires: Fri, 07 Apr 2023 10:23:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1rEk3bkoKQH1B3MUkO47r49weXN3JFKYsgrLTrEB%2F1tLp%2F369KDt6hzyMPsXydIKGW%2FdelWq4KYlfY2jVUVuHaELN%2F1v5ay3Ve8j7dnEyBbwANXuU9atKERJDLqyn7SAO2pDypORP%2Fl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b4a49b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.0MMFh6MzjFg.es5.O/am=cw6AQA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2KFJqopQdj6dHSEPXAgIiTyEng6w/m=_b,_tp,_r
216.58.207.233200 OK 64 kB URL HTTP/2 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.0MMFh6MzjFg.es5.O/am=cw6AQA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2KFJqopQdj6dHSEPXAgIiTyEng6w/m=_b,_tp,_r
IP 216.58.207.233:0
File type ASCII text, with very long lines (599)
Hash 2a0c1c3a9a4a367fa733608ecb61ad31
1e4bbcb5d130daf8444374c5d23e62f9ec86e10e
a161b55a8c9d46427f276b69fa0d7d7f437391d397e0000bcdb394d83782441b
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.0MMFh6MzjFg.es5.O/am=cw6AQA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP2KFJqopQdj6dHSEPXAgIiTyEng6w/m=_b,_tp,_r HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 63892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 03:50:53 GMT
expires: Fri, 08 Dec 2023 03:50:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 07 Dec 2022 09:13:50 GMT
content-type: text/javascript; charset=UTF-8
age: 23878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/image19-1.jpg
188.114.97.1200 OK 47 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/image19-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 671x416, components 3\012- data
Hash 6ad900dd4e9e63a22011063084a778af
d6c892b2cd13255bdf25174e35b53552f5b4c4b5
72910f3da705e34a4533066d676a981787111a36194ffe573a1c35aee49520c0
GET /wp-content/uploads/2020/12/image19-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 46820
last-modified: Wed, 16 Dec 2020 03:40:54 GMT
cache-control: public, max-age=10368000
expires: Fri, 07 Apr 2023 10:23:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8x1xcxTKVC%2BFGHcEtIvQYSA5YaOSDzL9tO%2FfM2HjdWi5v4wUwUd8%2BxNQPBR9qhmXxlF3AS57RCk9SN70wVeN0p8w%2FCBsf9LkVaqGd%2BSDxnR%2F72z12ibqHb6%2B1gPFlZGC%2F4%2B2OTkDqs%2BZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b4a4bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/74d5b0d5-b67d-4b50-ae71-dd41741cc93b-1.jpg
188.114.97.1200 OK 48 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/74d5b0d5-b67d-4b50-ae71-dd41741cc93b-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 759x568, components 3\012- data
Hash dc8ba20e4542ff6a9198190ba52ad6d4
960872ffb8419ac442d6e160ebce102e3c930b9d
45dfd9f6edeea24e75c6499b4016235673458d5b9df25d1e5664e6e9429e7bf8
GET /wp-content/uploads/2020/12/74d5b0d5-b67d-4b50-ae71-dd41741cc93b-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 47964
last-modified: Wed, 16 Dec 2020 03:39:57 GMT
cache-control: public, max-age=10368000
expires: Fri, 07 Apr 2023 10:23:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gBZm6O7Uk5Ohi5yfjoQIp3vNCEQbYWk7cP3JB9CFcVkRQkW6I3DQXte3gAhuIVLqyqwG%2FJIfoa8TL9rRlflo0l4XoQ52NYG2SYt618tfu3mTutidcTzB7w9SGs33PzYLCNRSWudn%2BH5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b4a35b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/530-empty-trash-can-1.jpg
188.114.97.1200 OK 19 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/530-empty-trash-can-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 530x530, components 3\012- data
Hash 251682d2a8e5841337e9f39b86e0462f
3282e319ad06643700c39459d0c053bd8a26d340
789c2280d38344e1a8a0255b15dbbc6a01bb9b644a467bb1e292765138412b5c
GET /wp-content/uploads/2020/12/530-empty-trash-can-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 19336
last-modified: Sat, 26 Dec 2020 03:27:34 GMT
cache-control: public, max-age=10368000
expires: Fri, 07 Apr 2023 10:23:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 348
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXQCT3tiM%2FYfjogUSHSUFHlkfAHHBaDV%2FjJHhl9Wowtd%2FXCU7hDDLu4kppAv0uSgerqK9ZJGE88lGNL1OmhkxoJCMbohTHcBjDgzrYivBveNux9%2F2%2BBF5JRHyVyRZI%2Fsd3RMITFaqbis"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b4a33b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.uninstallgeeks.com/wp-content/uploads/2020/12/System_Properties-1.jpg
188.114.97.1200 OK 31 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/System_Properties-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 420x472, components 3\012- data
Hash 32bf95201665e5ed413d72937b368da8
54933ede4e3f97e012f36e41d087c3d1f6146db8
458a1d5e1ef7819e6153105206d0ed1734c83a76192f99fc334ccb620665d29a
GET /wp-content/uploads/2020/12/System_Properties-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 30604
last-modified: Wed, 16 Dec 2020 03:36:14 GMT
cache-control: public, max-age=10368000
expires: Wed, 05 Apr 2023 19:38:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139793
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8H2vm%2FGEFamYtVCgP4arLWI1UtBT6glzW5Fh3hPwbJW73rYELK1GbCSwYgH%2FaEa%2BYhRK%2Fox888jNBuMS74HQsIjhsAWDu%2BeEx6jAsr0PgNP7zLju884TBk5t5qsqC5oX%2Fnrn%2F1sDmJoV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10b6a7fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Thu, 08 Dec 2022 10:13:43 GMT
expires: Thu, 22 Dec 2022 10:13:43 GMT
cache-control: public, max-age=1209600
age: 908
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 876f9ee23010891e643b5c6427389320
f957414dfb5b02442b5a58addfc676eb849ee616
275d816a98bcf29267222afb542f12d02c5158879dd899f4ee79e1ef9dd3de13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149522
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Etag: "63916175-117"
Expires: Sat, 10 Dec 2022 04:00:53 GMT
Last-Modified: Thu, 08 Dec 2022 04:00:53 GMT
Server: nginx
Content-Length: 279
www.uninstallgeeks.com/wp-content/uploads/2020/12/Uninstall_a_Program-2.jpg
188.114.97.1200 OK 29 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/Uninstall_a_Program-2.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 470x547, components 3\012- data
Hash 35131d94bb5664f165782dcce61b96c6
856e6e6634a3e9ae7f668430da38b14ef46f5ee2
010c6d5cdb6393c0bab60ca2daf13cc6bff50cd5a7f56ccc872964ba289990bd
GET /wp-content/uploads/2020/12/Uninstall_a_Program-2.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 29320
last-modified: Wed, 16 Dec 2020 03:32:39 GMT
cache-control: public, max-age=10368000
expires: Wed, 05 Apr 2023 19:36:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qzuU9BG3YKGTJH%2FQqKabrfl%2F289NVxu%2FUrUTeWGXX0FanmU3IKvYS2XiPUzgT7DQX0WKnVa%2FPqsHP%2FWOKJBwGyD176hQZyxybtjgLrMUdIB6JyZQIKSIQSQXSW8ITTfd6Q%2FclHFQEKi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10c3b7db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 876f9ee23010891e643b5c6427389320
f957414dfb5b02442b5a58addfc676eb849ee616
275d816a98bcf29267222afb542f12d02c5158879dd899f4ee79e1ef9dd3de13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149522
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Etag: "63916175-117"
Expires: Sat, 10 Dec 2022 04:00:53 GMT
Last-Modified: Thu, 08 Dec 2022 04:00:53 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 876f9ee23010891e643b5c6427389320
f957414dfb5b02442b5a58addfc676eb849ee616
275d816a98bcf29267222afb542f12d02c5158879dd899f4ee79e1ef9dd3de13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Etag: "638ebe74-116"
Server: ECS (amb/6B8C)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.uninstallgeeks.com/wp-content/uploads/2020/12/Installed-Software-768x432-1.jpg
188.114.97.1200 OK 43 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/Installed-Software-768x432-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x432, components 3\012- data
Hash 897069f301f8870b087da7bddef89609
3f469d16191a8e7a16fedf8d25acd34c48f74716
11aff8f3832f8e0949adc5383140765a6b9e89c7155164213933e79daeb25fbc
GET /wp-content/uploads/2020/12/Installed-Software-768x432-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 43283
last-modified: Wed, 16 Dec 2020 03:33:15 GMT
cache-control: public, max-age=10368000
expires: Wed, 05 Apr 2023 19:36:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT14tf0x2wvuV3UUw8mN1uxknrrNJx%2Fe6D%2B3LoTA1g8NYkx01dCCyuJYLN2VqV6BqeaoL9DL53CiONcx978ory%2BL3DuPYiH4oUCMHwsgIL%2FO20bZHPCMhLIJjR10AxhjDe09GCkTKwDF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10c5ba3b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 876f9ee23010891e643b5c6427389320
f957414dfb5b02442b5a58addfc676eb849ee616
275d816a98bcf29267222afb542f12d02c5158879dd899f4ee79e1ef9dd3de13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=149522
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Etag: "63916175-117"
Expires: Sat, 10 Dec 2022 04:00:53 GMT
Last-Modified: Thu, 08 Dec 2022 04:00:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 876f9ee23010891e643b5c6427389320
f957414dfb5b02442b5a58addfc676eb849ee616
275d816a98bcf29267222afb542f12d02c5158879dd899f4ee79e1ef9dd3de13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149522
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Etag: "63916175-117"
Expires: Sat, 10 Dec 2022 04:00:53 GMT
Last-Modified: Thu, 08 Dec 2022 04:00:53 GMT
Server: nginx
Content-Length: 279
www.uninstallgeeks.com/wp-content/uploads/2020/12/Uninstall-1.jpg
188.114.97.1200 OK 39 kB URL HTTP/2 www.uninstallgeeks.com/wp-content/uploads/2020/12/Uninstall-1.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 650x438, components 3\012- data
Hash 8375ba090f2bcfdbdc81777751d679d8
7f5067a905ab55602f4f4a4272b454ca912454d3
ee44d40bf3ceccf1b3576d765fc1044845f651a0377f746b3ebcc887fd17117f
GET /wp-content/uploads/2020/12/Uninstall-1.jpg HTTP/1.1
Host: www.uninstallgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:51 GMT
content-type: image/jpeg
content-length: 39071
last-modified: Wed, 16 Dec 2020 03:34:36 GMT
cache-control: public, max-age=10368000
expires: Wed, 05 Apr 2023 19:37:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139879
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U92f0AfVOnzogrwi6N%2BunBCUfyJr%2FdoPuUufNhQMi6sF23K7yFB%2BFIi%2FwHmlbtvNm8x5B9%2Fhp%2Bvt7OtreBoB%2Fthxp%2FmKP45mDSX1mJ2ijXhzUzBLbTJjeEdBdORR0C0yQwtBfckYUpw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764d10c6bb0b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7924, version 1.0\012- data
Hash e535f7856b24153e0f3146e8f90a45c5
e5da5f96d38b08cc6ed2973735b5a9b9af066458
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
GET /s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 07:43:38 GMT
expires: Sun, 03 Dec 2023 07:43:38 GMT
cache-control: public, max-age=31536000
age: 441913
last-modified: Tue, 19 Feb 2019 22:26:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/5111151202117540198?po=2890539189329564074&hl=en&skin=contempo&blogspotRpcToken=4306551
216.58.207.233200 OK 19 kB URL HTTP/2 www.blogger.com/comment/frame/5111151202117540198?po=2890539189329564074&hl=en&skin=contempo&blogspotRpcToken=4306551
IP 216.58.207.233:0
Hash dfd7ecfba49eed5797414fe7cd9f1868
2aeb8bdda8ced88e5810e90fc61e52e32b0a4fa4
9c788d995756346463a02d382754cd618bac7055b4cff3245a268a7daa72dca3
GET /comment/frame/5111151202117540198?po=2890539189329564074&hl=en&skin=contempo&blogspotRpcToken=4306551 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 10:28:51 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-A27ShSobSC94IQ31zFmW6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=juFLJj_sfCyo8epIpF0xmCaG0OFsOSLMrH9J8PdfEO9X8kaeDUkB3DWmyvrrwMCp2tz8Ys7r6oDyTjkeH7g4b2it72fazcvQyfmB31AVPvPrVEjkSU_5lAVgGNAIGW8zLBBaRpUR_OlKCLrJHUnTAGTqbmJPjP9tARIbdPN4r8c; expires=Fri, 09-Jun-2023 10:28:51 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 637a0b806f650c7d0447985ef08a5168
3c99e11d0064c0cfa2f67a2b47dc94a389d51462
9a181aa9f5bb2a1a6f931ee938e163297725701f6361a625589df1e15c981e45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A181AA9F5BB2A1A6F931EE938E163297725701F6361A625589DF1E15C981E45"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5392
Expires: Thu, 08 Dec 2022 11:58:43 GMT
Date: Thu, 08 Dec 2022 10:28:51 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/a/AVvXsEgAE-HQ2XeesvG0TUaxxtXc5jAM7qlHGjHmEapcoi4Dvo09vEzSjLjjuRcSk8MqwWu105hOkNUQ3ETOO0nofaQmwAX1pJltzJbPqkviKii7YKDkeHQ239Aalu6oQ10l6tWaBs8fv4HxLJX6nGi1JgY-jaKxIuvR9ziNS99TjomKGfU_t1SdIXDbenVg=w320-h116
142.250.74.97200 OK 16 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgAE-HQ2XeesvG0TUaxxtXc5jAM7qlHGjHmEapcoi4Dvo09vEzSjLjjuRcSk8MqwWu105hOkNUQ3ETOO0nofaQmwAX1pJltzJbPqkviKii7YKDkeHQ239Aalu6oQ10l6tWaBs8fv4HxLJX6nGi1JgY-jaKxIuvR9ziNS99TjomKGfU_t1SdIXDbenVg=w320-h116
IP 142.250.74.97:0
File type PNG image data, 320 x 116, 8-bit/color RGB, non-interlaced\012- data
Hash 0c3f59d13d4bd6b66a16c7ae0baddf86
726382a949b9e98b3f50623001e96148f9838f47
8fab1650fec1aa097f4b599e449d1a6550332085a37424ef6058814d4f3c3320
GET /img/a/AVvXsEgAE-HQ2XeesvG0TUaxxtXc5jAM7qlHGjHmEapcoi4Dvo09vEzSjLjjuRcSk8MqwWu105hOkNUQ3ETOO0nofaQmwAX1pJltzJbPqkviKii7YKDkeHQ239Aalu6oQ10l6tWaBs8fv4HxLJX6nGi1JgY-jaKxIuvR9ziNS99TjomKGfU_t1SdIXDbenVg=w320-h116 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4"
expires: Fri, 09 Dec 2022 10:28:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shop.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 10:28:51 GMT
server: fife
content-length: 16361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 673f360f7491254a1aa686fc3f910da6
ca054d6ddc6465585f41f25e3fb539cd6fc09e0c
0cab23efc2b96b9e53a03dfef009d09567d059de1241e7c82605bd1675fa5952
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0CAB23EFC2B96B9E53A03DFEF009D09567D059DE1241E7C82605BD1675FA5952"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 08 Dec 2022 16:28:51 GMT
Date: Thu, 08 Dec 2022 10:28:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ibikini.cyou/social
167.235.250.180307 Temporary Redirect 0 B IP 167.235.250.180:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /social HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.5 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_1=social; expires=Sat, 07-Jan-2023 10:28:51 GMT; Max-Age=2592000; path=/
prli_visitor=6391bc63670ee; expires=Fri, 08-Dec-2023 10:28:51 GMT; Max-Age=31536000; path=/
location: https://annesuspense.com/cc/58/5f/cc585f6c9356b37d414b25b86a1b7ad2.js
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 10:28:51 GMT
server: Apache
X-Firefox-Spdy: h2
ibikini.cyou/native
167.235.250.180307 Temporary Redirect 0 B IP 167.235.250.180:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /native HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.5 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_2=native; expires=Sat, 07-Jan-2023 10:28:51 GMT; Max-Age=2592000; path=/
prli_visitor=6391bc636eb59; expires=Fri, 08-Dec-2023 10:28:51 GMT; Max-Age=31536000; path=/
location: https://annesuspense.com/46b21327aabb2b9c66a4011e6188e2ec/invoke.js
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 10:28:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2-TvT0iiPylvEoEZpyCUl5ePMlaS7NscDL8pdxOwnVpN5nkrLHURSFTIk1WjPwhNQqz7T1FG4m3ov9IjJ2PozM25K0O6mimy70U3PEhOCLOUgit9521TKnrmOCgveBmlO_5AE-_Z1ydkn9m63v2Ot6cdsCOVE=w72-h72-p-k-no-nu
216.58.207.225200 OK 3.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2-TvT0iiPylvEoEZpyCUl5ePMlaS7NscDL8pdxOwnVpN5nkrLHURSFTIk1WjPwhNQqz7T1FG4m3ov9IjJ2PozM25K0O6mimy70U3PEhOCLOUgit9521TKnrmOCgveBmlO_5AE-_Z1ydkn9m63v2Ot6cdsCOVE=w72-h72-p-k-no-nu
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 07b8b95ec849c6acd66b13180ca3938d
8abea1a7235b24f81d741de5b1689fdc806d8baa
c8e8a96cbbe54db5e086ed1d0d08eff03518992a6782d39d8742b20e23104589
GET /blogger_img_proxy/ANbyha2-TvT0iiPylvEoEZpyCUl5ePMlaS7NscDL8pdxOwnVpN5nkrLHURSFTIk1WjPwhNQqz7T1FG4m3ov9IjJ2PozM25K0O6mimy70U3PEhOCLOUgit9521TKnrmOCgveBmlO_5AE-_Z1ydkn9m63v2Ot6cdsCOVE=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 09 Dec 2022 10:28:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 10:28:51 GMT
server: fife
content-length: 3178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
216.58.211.4200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 216.58.211.4:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 08 Dec 2022 10:28:51 GMT
date: Thu, 08 Dec 2022 10:28:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 74929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=5111151202117540198&zx=a794c300-ef46-43a9-954e-fbfa7d0c98ea
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5111151202117540198&zx=a794c300-ef46-43a9-954e-fbfa7d0c98ea
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5111151202117540198&zx=a794c300-ef46-43a9-954e-fbfa7d0c98ea HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 10:28:51 GMT
last-modified: Thu, 08 Dec 2022 10:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=5111151202117540198&blogName=Lafond+Hernight&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://lafondhernight.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://lafondhernight.blogspot.com/&targetPostID=2890539189329564074&blogPostOrPageUrl=https://lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html&vt=8134049093919011696&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
216.58.207.233200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=5111151202117540198&blogName=Lafond+Hernight&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://lafondhernight.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://lafondhernight.blogspot.com/&targetPostID=2890539189329564074&blogPostOrPageUrl=https://lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html&vt=8134049093919011696&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 216.58.207.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Hash 1c148d8bc0e71ccaa7d6244128d72e65
fa3dc99e8442a31e47ebb7ac571da98e07e8913f
2ec41e8ca805d824fff702cb7212b228e4513fe9c200f7107d45a3e32e57c869
GET /navbar.g?targetBlogID=5111151202117540198&blogName=Lafond+Hernight&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://lafondhernight.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://lafondhernight.blogspot.com/&targetPostID=2890539189329564074&blogPostOrPageUrl=https://lafondhernight.blogspot.com/2022/03/how-to-install-directv-player-on-mac.html&vt=8134049093919011696&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 10:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2642
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12196
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 10:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12196
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 10:28:51 GMT
Connection: keep-alive
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.211.14200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.211.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 08 Dec 2022 10:28:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+316; expires=Sat, 07-Dec-2024 10:28:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 10:28:51 GMT
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12196
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 10:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12196
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 10:28:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 39332
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 17:39:05 GMT
age: 60586
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.211.14200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.211.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 08 Dec 2022 10:28:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=eCxXrkGA8DJ_SNFMjYNSbcxc3eWKPxqzrMT6GeJLtUqCKZCVWo0IwxfOAPbMIl5ktkk3ThJzO2VA7GvmQUDSyMDTtayhClBLEDVL7nEOROggx8WEdkNiB_GKjyaseK46PiBhXWxYqBKfVrbfe-_2-k6hf2g7Iya-ar5_SIOGwMU; expires=Fri, 09-Jun-2023 10:28:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+241; expires=Sat, 07-Dec-2024 10:28:51 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 10:28:51 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 41930
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
142.250.74.35200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
IP 142.250.74.35:0
File type ASCII text, with very long lines (52913), with no line terminators
Hash f4bb161deae4e93f1a82e52f82ea2af9
74cd72b02999ea35cde6dd6c1d58ca9aec94da07
3330fe65fd8dbe742211f1609fbfe70b3b94434ad5639223942d921f085ea589
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 19:53:03 GMT
expires: Tue, 05 Dec 2023 19:53:03 GMT
cache-control: public, max-age=31536000
age: 225348
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 74929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEQAH2doAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Bo1JGLLmbH9LRrcXA4i8qVD1ilMqHxNWq1u52RhGMAdAhywK42lMPA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 01:57:38 GMT
age: 30673
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6ET1Tfo1QXRpjkWyOE7jfYnWToK8h7ojB31efNc09awacwlCIYEPjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:05:36 GMT
age: 19395
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:05:37 GMT
age: 1394
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:40:09 GMT
expires: Sat, 10 Dec 2022 14:40:09 GMT
cache-control: public, max-age=604800
age: 416922
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 564048
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 582488
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash af3f15d33782882c6a123ed4cad6de32
8882d9e3b5f7201b2486987883ef47168dc9d9d1
9243cce56062ddb6e07b7aba16dbab83ba5a96a0a013251107554a62fe5aff0a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9243CCE56062DDB6E07B7ABA16DBAB83BA5A96A0A013251107554A62FE5AFF0A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 08 Dec 2022 16:28:52 GMT
Date: Thu, 08 Dec 2022 10:28:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fd9ce59bda49696d02b93a8cc8623785
ac4d5ea098677d636873b6f165578d90ed0b4dfa
a616273169a320c5b2e07eace70728fa468564a7452dd448826cfa5861fb4523
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A616273169A320C5B2E07EACE70728FA468564A7452DD448826CFA5861FB4523"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 08 Dec 2022 16:28:52 GMT
Date: Thu, 08 Dec 2022 10:28:52 GMT
Connection: keep-alive
annesuspense.com/46b21327aabb2b9c66a4011e6188e2ec/invoke.js
192.243.59.20200 OK 9.3 kB URL HTTP/1.1 annesuspense.com/46b21327aabb2b9c66a4011e6188e2ec/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Hash e704e342e5199f711e4e2b347b8425bc
76cdc45614bb9167b7cf6d71cce2f04144719658
d656d15ceb83dc7e5dea3645c9ef8cb18733325af400ab8a30f451c52b3017b4
GET /46b21327aabb2b9c66a4011e6188e2ec/invoke.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lafondhernight.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 08 Dec 2022 10:28:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5bbc4fade809edfc8134f43201d3b5fe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
annesuspense.com/cc/58/5f/cc585f6c9356b37d414b25b86a1b7ad2.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 annesuspense.com/cc/58/5f/cc585f6c9356b37d414b25b86a1b7ad2.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37137), with no line terminators
Hash b57d068e34d462df0981f34857df2241
584a229fbb78c242ef15a0298c0b6852e2e1db9f
a4aeeeac05711d9a985048c923aff68af0e100197070f889031a2704fe5ceec3
GET /cc/58/5f/cc585f6c9356b37d414b25b86a1b7ad2.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lafondhernight.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 08 Dec 2022 10:28:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d249f73cd66df45c02e3d6691a48bc5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 2b30426b2ebadaeefe42e0df47296748
921c1e9f523c4ce527d56b6115c9ed68d5916757
abce6391e73f193d1338618d44d1e83403aeca6b58a280f08a6a6fa5baf6223a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103065
Date: Thu, 08 Dec 2022 10:28:52 GMT
Etag: "63909596-1d7"
Expires: Fri, 09 Dec 2022 15:06:37 GMT
Last-Modified: Wed, 07 Dec 2022 13:31:02 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yfPu4nUQQC3DSIdVIDQBulxlYvaKIr1zUEqj3ty2njJI7XPxgY3O2Q==
Age: 5735
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a46aa002701ae54f4de0d876a5069e2
3cf1e45da11d6583fda708c041d8c309ebe9ff37
70a2ca6ae9b2777aad1261c935a075c256a7d920c98affa64c8affef5d5ff85b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17202
Expires: Thu, 08 Dec 2022 15:15:34 GMT
Date: Thu, 08 Dec 2022 10:28:52 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 135d8029f1f5a240c3cacc2f51088035
6d61f32fd3794b6507af392a5e097b49f7c1eb1b
f34d3a3a53feba12bfe44e6f1f216364100d2114b0aff005396592a5b3a9c289
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://lafondhernight.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=b7f1c3a0-1421-47d2-99a4-4b89077ac36a:3:1; expires=Sun, 05 Dec 2032 10:28:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 134a0e009d79f536ecae51800c422c0a
5a448f90749fe12466697dbd6d9e36e24758d4b8
9f0bdeb1307371106669fe979f56c8f646ad4ce33b9f3961b6e9d50d328da71d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://lafondhernight.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; expires=Sun, 05 Dec 2032 10:28:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 039e22ab1b5f65b1dc3bf1b063ec6ad3
9835db5decdc399bc037542a39a112d877e5a616
1eff32b7014f1db8a105997d6e93cb05608f5f14b4a090017c2aa51c9c22d05c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EFF32B7014F1DB8A105997D6E93CB05608F5F14B4A090017C2AA51C9C22D05C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19025
Expires: Thu, 08 Dec 2022 15:45:57 GMT
Date: Thu, 08 Dec 2022 10:28:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 56dd321da59775b7baa367a91a4cf492
528d7838749b2e3e84dc0d6405abfb5e8f9d2b67
89845ca1e0a0cf645ee55c1caf4f9cc93f4c18fbe4562b4771e748e93e4a9e5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89845CA1E0A0CF645EE55C1CAF4F9CC93F4C18FBE4562B4771E748E93E4A9E5E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8615
Expires: Thu, 08 Dec 2022 12:52:27 GMT
Date: Thu, 08 Dec 2022 10:28:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a46aa002701ae54f4de0d876a5069e2
3cf1e45da11d6583fda708c041d8c309ebe9ff37
70a2ca6ae9b2777aad1261c935a075c256a7d920c98affa64c8affef5d5ff85b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17202
Expires: Thu, 08 Dec 2022 15:15:34 GMT
Date: Thu, 08 Dec 2022 10:28:52 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:25:21 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 428968422
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
sandwichesinstinctive.com/ntv.json?key=46b21327aabb2b9c66a4011e6188e2ec&vstc=2
173.233.137.44200 OK 8.3 kB URL HTTP/1.1 sandwichesinstinctive.com/ntv.json?key=46b21327aabb2b9c66a4011e6188e2ec&vstc=2
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (8331), with no line terminators
Hash 613a4fa77635a86d97202d9838d13c58
7f54428d9fba0ae2a1f4a97adfa6d7b18c330fd1
99566cc762971fe930ea1dbcd7df75d80c45e658129306052f4abdee000adfe6
GET /ntv.json?key=46b21327aabb2b9c66a4011e6188e2ec&vstc=2 HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:52 GMT
Content-Type: application/json
Content-Length: 8331
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://lafondhernight.blogspot.com
Access-Control-Allow-Origin: https://lafondhernight.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16718737; expires=Fri, 09 Dec 2022 10:28:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 09 Dec 2022 10:28:52 GMT; secure; SameSite=None
uncs=1; expires=Fri, 09 Dec 2022 10:28:52 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 09 Dec 2022 10:28:52 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 09 Dec 2022 10:28:52 GMT; secure; SameSite=None
nlec46b21327aabb2b9c66a4011e6188e2ec=[2106764,2229213]; expires=Thu, 08 Dec 2022 10:28:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78f3ae9d5e51d5114ce33900f269e17b
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRx%2Bk0YQPYjipehhEBQF2czsv%2BzaQ7HWSjAmsa3k4uX9m81z38wb35vZ2eQULUgPHrae1NPk26ShNRR7FFRk46UEhO5FcmjunoWiJ2W3C6s%2FmPl93%2Ft%2Bh%2B%2F7vffFXn5GAuT0dOMDs6O0pkuNSuC%2FvqkSYQrnr133w6ASXPA3VdKsX%2FD7k5%2FtvRUGjUrwhv%2Be5F2zVA3CIAiD0L%2BirIxMf2mqQqVH7bDSDir1aiVs1NG3%2F%2Bcu9%2BCoB9E7Iy9AifFTWw%2FuQ%2FERkvj7y9J1M5O%2B%2BW6ca5oZi544%2FCjpJqZIEM9hZD1EyeFsGsaNCfl6ASY5nCWA6e1PEoCpMfF%2BD8GSw5lNsN7BE6dMQyZg4lkUvRGkHkHREbi5ASUeEoALrK0jiW%2BvGVvQ7Scqnahjsvj4T6hiTBYfvYgkvndJq75%2Fzeg8UyZx6EclVH8E1RkhzY%2BR7XhQxTF49jmU%2BI0sPV5FEu%2BvO22gRDlNr9QIKhpBywGo85BPPuUhjzzkqYdYnPq00Y6CYDliUa3WqnPOazXOG62maIhavRUFyPnE3gBZOgDXA3C7i9TuoqsGsPkvcFslnPDgsjHxPtxFT5QoJEHhCApKUCiCIiMoeuWB0K7qyttCu5yFs16d9Vo5NFlnjx6YrCMTspeekeene%2FnnpVvoylO%2F3mTVsFZdppSxKmvzZpPWgzCUzbDVklXJ4VQJ5RamUXfUmJz%2F%2BAekakwW1%2F8Go8dw%2BhhcnQPNQ9BiuFwNQLeG9VaAneTOlvm0qyrcxBCmRJotItv29vQZOT814b%2F6JSQ%2FuXj35aOnw9f%2BALclUlviE%2FUrQUffHF41Bdm%2FagpH7q%2BnmYrVDp1c3LWMZvLc3ffldmGsWLnsBnfe5hNhAo%2BuS5et0kSopOPId5eUENJeMZZL8tOK25RsI3dbl3Kb5OnqxjtXVuLUSueUSUag6uH6X%2BCTdJ%2F9PH2Sz43vQdkRbF4izk%2FIrKDMMXi6C5fO3TtDYPV8hqUeirwc2iqbH2pFoOWcU1bC%2FYezOd5zN9GxC6DZDSRxiZ4t0dMlqB7A5c8Ms9SeXHzwzaS%2BBdMLQ6btwj7TVn81Xe2YvHLuEZw69WUjCiIZVCWL2ixapoFoR%2FU2o%2B1QLrMGDZG5Mb%2F1o%2FgXAAD%2F%2FwEAAP%2F%2FPKbtPW8EAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRx%2Bk0YQPYjipehhEBQF2czsv%2BzaQ7HWSjAmsa3k4uX9m81z38wb35vZ2eQULUgPHrae1NPk26ShNRR7FFRk46UEhO5FcmjunoWiJ2W3C6s%2FmPl93%2Ft%2Bh%2B%2F7vffFXn5GAuT0dOMDs6O0pkuNSuC%2FvqkSYQrnr133w6ASXPA3VdKsX%2FD7k5%2FtvRUGjUrwhv%2Be5F2zVA3CIAiD0L%2BirIxMf2mqQqVH7bDSDir1aiVs1NG3%2F%2Bcu9%2BCoB9E7Iy9AifFTWw%2FuQ%2FERkvj7y9J1M5O%2B%2BW6ca5oZi544%2FCjpJqZIEM9hZD1EyeFsGsaNCfl6ASY5nCWA6e1PEoCpMfF%2BD8GSw5lNsN7BE6dMQyZg4lkUvRGkHkHREbi5ASUeEoALrK0jiW%2BvGVvQ7Scqnahjsvj4T6hiTBYfvYgkvndJq75%2Fzeg8UyZx6EclVH8E1RkhzY%2BR7XhQxTF49jmU%2BI0sPV5FEu%2BvO22gRDlNr9QIKhpBywGo85BPPuUhjzzkqYdYnPq00Y6CYDliUa3WqnPOazXOG62maIhavRUFyPnE3gBZOgDXA3C7i9TuoqsGsPkvcFslnPDgsjHxPtxFT5QoJEHhCApKUCiCIiMoeuWB0K7qyttCu5yFs16d9Vo5NFlnjx6YrCMTspeekeene%2FnnpVvoylO%2F3mTVsFZdppSxKmvzZpPWgzCUzbDVklXJ4VQJ5RamUXfUmJz%2F%2BAekakwW1%2F8Go8dw%2BhhcnQPNQ9BiuFwNQLeG9VaAneTOlvm0qyrcxBCmRJotItv29vQZOT814b%2F6JSQ%2FuXj35aOnw9f%2BALclUlviE%2FUrQUffHF41Bdm%2FagpH7q%2BnmYrVDp1c3LWMZvLc3ffldmGsWLnsBnfe5hNhAo%2BuS5et0kSopOPId5eUENJeMZZL8tOK25RsI3dbl3Kb5OnqxjtXVuLUSueUSUag6uH6X%2BCTdJ%2F9PH2Sz43vQdkRbF4izk%2FIrKDMMXi6C5fO3TtDYPV8hqUeirwc2iqbH2pFoOWcU1bC%2FYezOd5zN9GxC6DZDSRxiZ4t0dMlqB7A5c8Ms9SeXHzwzaS%2BBdMLQ6btwj7TVn81Xe2YvHLuEZw69WUjCiIZVCWL2ixapoFoR%2FU2o%2B1QLrMGDZG5Mb%2F1o%2FgXAAD%2F%2FwEAAP%2F%2FPKbtPW8EAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRx%2Bk0YQPYjipehhEBQF2czsv%2BzaQ7HWSjAmsa3k4uX9m81z38wb35vZ2eQULUgPHrae1NPk26ShNRR7FFRk46UEhO5FcmjunoWiJ2W3C6s%2FmPl93%2Ft%2Bh%2B%2F7vffFXn5GAuT0dOMDs6O0pkuNSuC%2FvqkSYQrnr133w6ASXPA3VdKsX%2FD7k5%2FtvRUGjUrwhv%2Be5F2zVA3CIAiD0L%2BirIxMf2mqQqVH7bDSDir1aiVs1NG3%2F%2Bcu9%2BCoB9E7Iy9AifFTWw%2FuQ%2FERkvj7y9J1M5O%2B%2BW6ca5oZi544%2FCjpJqZIEM9hZD1EyeFsGsaNCfl6ASY5nCWA6e1PEoCpMfF%2BD8GSw5lNsN7BE6dMQyZg4lkUvRGkHkHREbi5ASUeEoALrK0jiW%2BvGVvQ7Scqnahjsvj4T6hiTBYfvYgkvndJq75%2Fzeg8UyZx6EclVH8E1RkhzY%2BR7XhQxTF49jmU%2BI0sPV5FEu%2BvO22gRDlNr9QIKhpBywGo85BPPuUhjzzkqYdYnPq00Y6CYDliUa3WqnPOazXOG62maIhavRUFyPnE3gBZOgDXA3C7i9TuoqsGsPkvcFslnPDgsjHxPtxFT5QoJEHhCApKUCiCIiMoeuWB0K7qyttCu5yFs16d9Vo5NFlnjx6YrCMTspeekeene%2FnnpVvoylO%2F3mTVsFZdppSxKmvzZpPWgzCUzbDVklXJ4VQJ5RamUXfUmJz%2F%2BAekakwW1%2F8Go8dw%2BhhcnQPNQ9BiuFwNQLeG9VaAneTOlvm0qyrcxBCmRJotItv29vQZOT814b%2F6JSQ%2FuXj35aOnw9f%2BALclUlviE%2FUrQUffHF41Bdm%2FagpH7q%2BnmYrVDp1c3LWMZvLc3ffldmGsWLnsBnfe5hNhAo%2BuS5et0kSopOPId5eUENJeMZZL8tOK25RsI3dbl3Kb5OnqxjtXVuLUSueUSUag6uH6X%2BCTdJ%2F9PH2Sz43vQdkRbF4izk%2FIrKDMMXi6C5fO3TtDYPV8hqUeirwc2iqbH2pFoOWcU1bC%2FYezOd5zN9GxC6DZDSRxiZ4t0dMlqB7A5c8Ms9SeXHzwzaS%2BBdMLQ6btwj7TVn81Xe2YvHLuEZw69WUjCiIZVCWL2ixapoFoR%2FU2o%2B1QLrMGDZG5Mb%2F1o%2FgXAAD%2F%2FwEAAP%2F%2FPKbtPW8EAAA%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16718737; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec46b21327aabb2b9c66a4011e6188e2ec=[2106764,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 707148f3e30a0502359694513b72a5f3
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0c8f51dc9f0403e9a4e798b49f977948
34ce92d502b92fd964f80d4c331cca9e42546954
ec4b08d6a0c6fd5733c3ceaf542b37eba10869511c0a782ece7c75bd74ee1084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC4B08D6A0C6FD5733C3CEAF542B37EBA10869511C0A782ECE7C75BD74EE1084"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Thu, 08 Dec 2022 12:42:06 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0c8f51dc9f0403e9a4e798b49f977948
34ce92d502b92fd964f80d4c331cca9e42546954
ec4b08d6a0c6fd5733c3ceaf542b37eba10869511c0a782ece7c75bd74ee1084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC4B08D6A0C6FD5733C3CEAF542B37EBA10869511C0A782ECE7C75BD74EE1084"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Thu, 08 Dec 2022 12:42:06 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:53 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Sat, 10 Dec 2022 10:28:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
45.133.44.9200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:53 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Sat, 10 Dec 2022 10:28:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1f414d7342490b054948d16925b4be49
a9cc8f0762b56f4f86e71ee96d16821b56553776
54ebcff6729f9ae11025678eaf409ca466deb8fd838071bd3a243e698c345b6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54EBCFF6729F9AE11025678EAF409CA466DEB8FD838071BD3A243E698C345B6B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Thu, 08 Dec 2022 14:39:39 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzkYQPYjiZdFDIygKMunu%2BXcPi3GNBGMSd1dy8VJdVTMpp7qrreqenuQUXZA9eJj1pJ46b5INu4bFPQoqMvGyBITti%2BSwuXsWFj0pMzsw%2BkH391697%2FDeV%2FXFfnZOPGT0bPMDvSuVokv1iue%2BviVjrnPrrl93fa%2FiXXK3ZNyoXXIHk5%2Fpv%2BV79Yr3hvueYD29FHi%2B5%2Fme765IIzp6sDRVIZPjtl9pe5VaUPHrNQzM%2F7nNHFjqgPfPyQuQvHxq%2B8F9SDZGHH1%2FRdheqpM3340yRVNt0OdHH8W9WOcxojnsGAed%2BGg2DW1LQr5egI6PZgmg%2BweTBAhlSZzffYTx0cwmwv7hE6ehgogR8meR98cQagxJx2D6BiR%2FSADGsb6BOLq9rk1Od56odKKWZPHxn5B5SRYfvYg4ures5MC9plWWSh1bDDoF5GAM2R0jyU6Q7jqQ%2BQlY%2Bjkk%2F40sPV5DHB1sWKUheTFNL%2BUYsjOGEkNQ6yCbfNJB1nGQJQ4ifubServjec1O2KlWWzXGWLXKWL3V4HVerbU6HjI2sTdEmgzB1BDM7CExe%2BjJIUz2C%2Bx2Acsd2LQkzod76PMCuSDILUFOCXJJkKcEeb845MoGtrjNlc1Cf9aDWa8WI5129%2BmhTrsiJvvJOXl%2Bupd%2FXrqFnjhza40w8KtBk9IwDMI2azRozfN90fBbLREIBisLSLswjborS3Lx4x%2BQyJIsbvyNkJ7AqhMweQE080HzUTPwQLdHtZaH3fjOtv60JytMR%2BC6QJIuIt1x9tU5uTg14b76JQQ7vXz35eOn%2Fdf%2BADMFElPgE%2FkrQVfdHF3VOTm4qnNL7m8kqYzkLp1c3LWUpuLC3ffFTq4NX71ih3feZhNhAo%2BvC5uu0ZjLuGvJd8uSc2FWtGGC%2FLRqt0S4mdnt5czEWbK2%2Bc7KapQYYa3U8RhUPtz4C2yS7rOfp0%2FyufIepBnDZAWi7JTMClKfgCV7sMncvdUERs1nwsRBnhUjE4TzQyUJlJhzGhaw%2F%2BHhHO%2Fbm%2BiaBdD0BuKoQN8U6KsCVA1hs2dGaWJOLz%2F4ZlLfIlQLo1CZhYNQGfXVdLUleeXCI1h55tb9mmiFrSbjPBSM%2B82g2qp6XsB5rdkWfhupLdmtH%2Fm%2FAAAA%2F%2F8BAAD%2F%2FyiuY9tvBAAA
173.233.137.44200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzkYQPYjiZdFDIygKMunu%2BXcPi3GNBGMSd1dy8VJdVTMpp7qrreqenuQUXZA9eJj1pJ46b5INu4bFPQoqMvGyBITti%2BSwuXsWFj0pMzsw%2BkH391697%2FDeV%2FXFfnZOPGT0bPMDvSuVokv1iue%2BviVjrnPrrl93fa%2FiXXK3ZNyoXXIHk5%2Fpv%2BV79Yr3hvueYD29FHi%2B5%2Fme765IIzp6sDRVIZPjtl9pe5VaUPHrNQzM%2F7nNHFjqgPfPyQuQvHxq%2B8F9SDZGHH1%2FRdheqpM3340yRVNt0OdHH8W9WOcxojnsGAed%2BGg2DW1LQr5egI6PZgmg%2BweTBAhlSZzffYTx0cwmwv7hE6ehgogR8meR98cQagxJx2D6BiR%2FSADGsb6BOLq9rk1Od56odKKWZPHxn5B5SRYfvYg4ures5MC9plWWSh1bDDoF5GAM2R0jyU6Q7jqQ%2BQlY%2Bjkk%2F40sPV5DHB1sWKUheTFNL%2BUYsjOGEkNQ6yCbfNJB1nGQJQ4ifubServjec1O2KlWWzXGWLXKWL3V4HVerbU6HjI2sTdEmgzB1BDM7CExe%2BjJIUz2C%2Bx2Acsd2LQkzod76PMCuSDILUFOCXJJkKcEeb845MoGtrjNlc1Cf9aDWa8WI5129%2BmhTrsiJvvJOXl%2Bupd%2FXrqFnjhza40w8KtBk9IwDMI2azRozfN90fBbLREIBisLSLswjborS3Lx4x%2BQyJIsbvyNkJ7AqhMweQE080HzUTPwQLdHtZaH3fjOtv60JytMR%2BC6QJIuIt1x9tU5uTg14b76JQQ7vXz35eOn%2Fdf%2BADMFElPgE%2FkrQVfdHF3VOTm4qnNL7m8kqYzkLp1c3LWUpuLC3ffFTq4NX71ih3feZhNhAo%2BvC5uu0ZjLuGvJd8uSc2FWtGGC%2FLRqt0S4mdnt5czEWbK2%2Bc7KapQYYa3U8RhUPtz4C2yS7rOfp0%2FyufIepBnDZAWi7JTMClKfgCV7sMncvdUERs1nwsRBnhUjE4TzQyUJlJhzGhaw%2F%2BHhHO%2Fbm%2BiaBdD0BuKoQN8U6KsCVA1hs2dGaWJOLz%2F4ZlLfIlQLo1CZhYNQGfXVdLUleeXCI1h55tb9mmiFrSbjPBSM%2B82g2qp6XsB5rdkWfhupLdmtH%2Fm%2FAAAA%2F%2F8BAAD%2F%2FyiuY9tvBAAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzkYQPYjiZdFDIygKMunu%2BXcPi3GNBGMSd1dy8VJdVTMpp7qrreqenuQUXZA9eJj1pJ46b5INu4bFPQoqMvGyBITti%2BSwuXsWFj0pMzsw%2BkH391697%2FDeV%2FXFfnZOPGT0bPMDvSuVokv1iue%2BviVjrnPrrl93fa%2FiXXK3ZNyoXXIHk5%2Fpv%2BV79Yr3hvueYD29FHi%2B5%2Fme765IIzp6sDRVIZPjtl9pe5VaUPHrNQzM%2F7nNHFjqgPfPyQuQvHxq%2B8F9SDZGHH1%2FRdheqpM3340yRVNt0OdHH8W9WOcxojnsGAed%2BGg2DW1LQr5egI6PZgmg%2BweTBAhlSZzffYTx0cwmwv7hE6ehgogR8meR98cQagxJx2D6BiR%2FSADGsb6BOLq9rk1Od56odKKWZPHxn5B5SRYfvYg4ures5MC9plWWSh1bDDoF5GAM2R0jyU6Q7jqQ%2BQlY%2Bjkk%2F40sPV5DHB1sWKUheTFNL%2BUYsjOGEkNQ6yCbfNJB1nGQJQ4ifubServjec1O2KlWWzXGWLXKWL3V4HVerbU6HjI2sTdEmgzB1BDM7CExe%2BjJIUz2C%2Bx2Acsd2LQkzod76PMCuSDILUFOCXJJkKcEeb845MoGtrjNlc1Cf9aDWa8WI5129%2BmhTrsiJvvJOXl%2Bupd%2FXrqFnjhza40w8KtBk9IwDMI2azRozfN90fBbLREIBisLSLswjborS3Lx4x%2BQyJIsbvyNkJ7AqhMweQE080HzUTPwQLdHtZaH3fjOtv60JytMR%2BC6QJIuIt1x9tU5uTg14b76JQQ7vXz35eOn%2Fdf%2BADMFElPgE%2FkrQVfdHF3VOTm4qnNL7m8kqYzkLp1c3LWUpuLC3ffFTq4NX71ih3feZhNhAo%2BvC5uu0ZjLuGvJd8uSc2FWtGGC%2FLRqt0S4mdnt5czEWbK2%2Bc7KapQYYa3U8RhUPtz4C2yS7rOfp0%2FyufIepBnDZAWi7JTMClKfgCV7sMncvdUERs1nwsRBnhUjE4TzQyUJlJhzGhaw%2F%2BHhHO%2Fbm%2BiaBdD0BuKoQN8U6KsCVA1hs2dGaWJOLz%2F4ZlLfIlQLo1CZhYNQGfXVdLUleeXCI1h55tb9mmiFrSbjPBSM%2B82g2qp6XsB5rdkWfhupLdmtH%2Fm%2FAAAA%2F%2F8BAAD%2F%2FyiuY9tvBAAA HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16718737; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec46b21327aabb2b9c66a4011e6188e2ec=[2106764,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c41a29851875feb3015bf71375304de
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudvfgn%2FQQNIJoIihUSCCR03r1%2FviNFRAhBESE2SZAbmvm35%2BFmd5aZ3duzK0MESkFxoQKq9Ts7VoKFSIkECJ1pIgukXINcxD01UgQV6M4nHXzS7vfevK9475v5dCc%2FIQFyerz2jtlSWtPlZjXwX15XiTCF86%2Fe8MOgGpzz11XSapzzB9Of7b8WBs1q8Ir%2FluQ9s1wLwiAIg9C%2FpKyMzGB5pkKlB52w2gmqjVo1bDYwsP%2FlLvfgqAfRPyHPQInJ%2FzYe3IfiYyTxtxel62UmffXNONc0MxZ9sf9e0ktMkSBewMh6iJL9%2BTSMmxDyRQUm2Z8ngOnvThOAqQnxfgvBkv25TbD%2B3qlTpiETMPEkiv4YUo%2Bh6Bjc3IQSDwnABa6uIonvXDW2oJunKp2qE7L0%2BA%2BoYkKWHj2LJP7mglYD%2F7rReaZM4jCISqjBGKo7RpofItvyoIpD8OxjKPErWX58BUm8u%2Bq0gRLlLL1SY6hoDC2HoM5DPv2UhzzykKceYnHs02YnCoKViEX1ervBOa%2FXOW%2B2W6Ip6o12FCDnU3tDZOkQXA%2FB7TZSu42eGsLmP8FtlHDCg8smxHt3G31RopAEhSMoKEGhCIqMoOiXe0K7mivvCO1yFs57bd7r5chk3R26Z7KuTMhOekKenu3l7%2BduoyeP%2FUaL1cJ6bYVSxmqsw1st2gjCULbCdlvWJIdTJZSrzKJuqQk5%2B%2F53SNWELK3%2BBUYP4fQhuDoDmoegxWilFoBujBrtAFvJ3Q3zYU9VuYkhTIk0W0K26e3oE3J2ZuKFM48g%2BdH5e88f%2FD986XdwWyK1JT5QPxN09a3RNVOQ3WumcOT%2BapqpWG3R6cVdz2gmz9x7W24WxorLF93w7ut8KkzhwQ3psis0ESrpOvL1BSWEtJeM5ZL8cNmtS7aWu40LuU3y9MraG5cux6mVzimTjEHVw9U%2FwafpPvpx9iSf%2BuUTKDuGzUvE%2BRGZF5Q5BE%2B34dKFe2cIrF7MsLSCIi9HtsYWh1oRaLnglJVw%2F%2BJsgXfcLXRtBTS7iSQu0bcl%2BroE1UO4%2FIlRltqj8w%2B%2BnNZXYLoyYtpWdpm2%2BvMJ8V%2F87HS%2FTh37shkFkQxqkkUdFq3QQHSiRofRTihXWJOGyNyE3%2F5e%2FAMAAP%2F%2FAQAA%2F%2F9X3W9XbwQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudvfgn%2FQQNIJoIihUSCCR03r1%2FviNFRAhBESE2SZAbmvm35%2BFmd5aZ3duzK0MESkFxoQKq9Ts7VoKFSIkECJ1pIgukXINcxD01UgQV6M4nHXzS7vfevK9475v5dCc%2FIQFyerz2jtlSWtPlZjXwX15XiTCF86%2Fe8MOgGpzz11XSapzzB9Of7b8WBs1q8Ir%2FluQ9s1wLwiAIg9C%2FpKyMzGB5pkKlB52w2gmqjVo1bDYwsP%2FlLvfgqAfRPyHPQInJ%2FzYe3IfiYyTxtxel62UmffXNONc0MxZ9sf9e0ktMkSBewMh6iJL9%2BTSMmxDyRQUm2Z8ngOnvThOAqQnxfgvBkv25TbD%2B3qlTpiETMPEkiv4YUo%2Bh6Bjc3IQSDwnABa6uIonvXDW2oJunKp2qE7L0%2BA%2BoYkKWHj2LJP7mglYD%2F7rReaZM4jCISqjBGKo7RpofItvyoIpD8OxjKPErWX58BUm8u%2Bq0gRLlLL1SY6hoDC2HoM5DPv2UhzzykKceYnHs02YnCoKViEX1ervBOa%2FXOW%2B2W6Ip6o12FCDnU3tDZOkQXA%2FB7TZSu42eGsLmP8FtlHDCg8smxHt3G31RopAEhSMoKEGhCIqMoOiXe0K7mivvCO1yFs57bd7r5chk3R26Z7KuTMhOekKenu3l7%2BduoyeP%2FUaL1cJ6bYVSxmqsw1st2gjCULbCdlvWJIdTJZSrzKJuqQk5%2B%2F53SNWELK3%2BBUYP4fQhuDoDmoegxWilFoBujBrtAFvJ3Q3zYU9VuYkhTIk0W0K26e3oE3J2ZuKFM48g%2BdH5e88f%2FD986XdwWyK1JT5QPxN09a3RNVOQ3WumcOT%2BapqpWG3R6cVdz2gmz9x7W24WxorLF93w7ut8KkzhwQ3psis0ESrpOvL1BSWEtJeM5ZL8cNmtS7aWu40LuU3y9MraG5cux6mVzimTjEHVw9U%2FwafpPvpx9iSf%2BuUTKDuGzUvE%2BRGZF5Q5BE%2B34dKFe2cIrF7MsLSCIi9HtsYWh1oRaLnglJVw%2F%2BJsgXfcLXRtBTS7iSQu0bcl%2BroE1UO4%2FIlRltqj8w%2B%2BnNZXYLoyYtpWdpm2%2BvMJ8V%2F87HS%2FTh37shkFkQxqkkUdFq3QQHSiRofRTihXWJOGyNyE3%2F5e%2FAMAAP%2F%2FAQAA%2F%2F9X3W9XbwQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudvfgn%2FQQNIJoIihUSCCR03r1%2FviNFRAhBESE2SZAbmvm35%2BFmd5aZ3duzK0MESkFxoQKq9Ts7VoKFSIkECJ1pIgukXINcxD01UgQV6M4nHXzS7vfevK9475v5dCc%2FIQFyerz2jtlSWtPlZjXwX15XiTCF86%2Fe8MOgGpzz11XSapzzB9Of7b8WBs1q8Ir%2FluQ9s1wLwiAIg9C%2FpKyMzGB5pkKlB52w2gmqjVo1bDYwsP%2FlLvfgqAfRPyHPQInJ%2FzYe3IfiYyTxtxel62UmffXNONc0MxZ9sf9e0ktMkSBewMh6iJL9%2BTSMmxDyRQUm2Z8ngOnvThOAqQnxfgvBkv25TbD%2B3qlTpiETMPEkiv4YUo%2Bh6Bjc3IQSDwnABa6uIonvXDW2oJunKp2qE7L0%2BA%2BoYkKWHj2LJP7mglYD%2F7rReaZM4jCISqjBGKo7RpofItvyoIpD8OxjKPErWX58BUm8u%2Bq0gRLlLL1SY6hoDC2HoM5DPv2UhzzykKceYnHs02YnCoKViEX1ervBOa%2FXOW%2B2W6Ip6o12FCDnU3tDZOkQXA%2FB7TZSu42eGsLmP8FtlHDCg8smxHt3G31RopAEhSMoKEGhCIqMoOiXe0K7mivvCO1yFs57bd7r5chk3R26Z7KuTMhOekKenu3l7%2BduoyeP%2FUaL1cJ6bYVSxmqsw1st2gjCULbCdlvWJIdTJZSrzKJuqQk5%2B%2F53SNWELK3%2BBUYP4fQhuDoDmoegxWilFoBujBrtAFvJ3Q3zYU9VuYkhTIk0W0K26e3oE3J2ZuKFM48g%2BdH5e88f%2FD986XdwWyK1JT5QPxN09a3RNVOQ3WumcOT%2BapqpWG3R6cVdz2gmz9x7W24WxorLF93w7ut8KkzhwQ3psis0ESrpOvL1BSWEtJeM5ZL8cNmtS7aWu40LuU3y9MraG5cux6mVzimTjEHVw9U%2FwafpPvpx9iSf%2BuUTKDuGzUvE%2BRGZF5Q5BE%2B34dKFe2cIrF7MsLSCIi9HtsYWh1oRaLnglJVw%2F%2BJsgXfcLXRtBTS7iSQu0bcl%2BroE1UO4%2FIlRltqj8w%2B%2BnNZXYLoyYtpWdpm2%2BvMJ8V%2F87HS%2FTh37shkFkQxqkkUdFq3QQHSiRofRTihXWJOGyNyE3%2F5e%2FAMAAP%2F%2FAQAA%2F%2F9X3W9XbwQAAA%3D%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16718737; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec46b21327aabb2b9c66a4011e6188e2ec=[2106764,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c37e319e523787f2e6681537053fca8e
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRutnuQHP%2FSi4mXRQyMoCjLp7vnvHhbjGgnGJO6u5OKluqpmUk51V1vVPT3JKbooe%2FAw60k9dd4kG3YN4h4FFZl4WYLCzkVy2Nw9C4uelJkMjH7Q%2Fb1X7zu891V9up%2BdEw8ZPdt8R%2B9KpehSrey5L2%2FJmOvcuus3XN8re5fdLRnXq5fd%2FuRneq%2F5Xq3sveK%2BJVhXLwWe73m%2B57sr0oi27i9NVcjkuOWXW165GpT9WhV9819uMweWOuC9c%2FIMJB%2F%2Fb%2FvBfUg2Qhx9e1XYbqqTV9%2BMMkVTbdDjR%2B%2FF3VjnMaI5bBsH7fhoNg1tx4R8UYKOj2YJoHsHkwQI5Zg4v%2FkI46OZTYS9wwunoYKIEfInkfdGEGoESUdg%2BiYkf0gAxrG%2BgTi6s65NTncuVDpRx2Tx8R%2BQ%2BZgsPnoWcfTNspJ997pWWSp1bNFvF5D9EWRnhCQ7QbrrQOYnYOnHkPxXsvR4DXF0sGGVhuTFNL2UI8j2CEoMQK2DbPJJB1nbQZY4iPiZS2uttuc12mG7UmlWGWOVCmO1Zp3XeKXabHvI2MTeAGkyAFMDMLOHxOyhKwcw2U%2Bw2wUsd2DTMXHe3UOPF8gFQW4JckqQS4I8Jch7xSFXNrDFHa5sFvqzHsx6pRjqtLNPD3XaETHZT87J09O9%2FP3cbXTFmVuth4FfCRqUhmEQtli9Tque74u632yKQDBYWUDa0jTqrhyTS%2B9%2Fh0SOyeLGXwjpCaw6AZMLoJkPmg8bgQe6Paw2PezGd7f1h11ZZjoC1wWSdBHpjrOvzsmlqYkXFh5BsNMr954%2F%2Fr%2F%2F0u9gpkBiCnwgfyboqFvDazonB9d0bsn9jSSVkdylk4u7ntJULNx7W%2Bzk2vDVq3Zw93U2ESbw%2BIaw6RqNuYw7lny9LDkXZkUbJsgPq3ZLhJuZ3V7OTJwla5tvrKxGiRHWSh2PQOXDjT%2FBJuk%2B%2BnH6JJ%2F65RNIM4LJCkTZKZkVpD4BS%2FZgk7l7qwmMms%2BESQl5VgxNEM4PlSRQYs5pWMD%2Bi4dzvG9voWNKoOlNxFGBninQUwWoGsBmTwzTxJxeefDlpL5CqErDUJnSQaiM%2BnxM3Bc%2Fu9ivlWduza%2BKZthsMM5DwbjfCCrNiucFnFcbLeG3kNoxu%2F09%2FwcAAP%2F%2FAQAA%2F%2F9D1eGxbwQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRutnuQHP%2FSi4mXRQyMoCjLp7vnvHhbjGgnGJO6u5OKluqpmUk51V1vVPT3JKbooe%2FAw60k9dd4kG3YN4h4FFZl4WYLCzkVy2Nw9C4uelJkMjH7Q%2Fb1X7zu891V9up%2BdEw8ZPdt8R%2B9KpehSrey5L2%2FJmOvcuus3XN8re5fdLRnXq5fd%2FuRneq%2F5Xq3sveK%2BJVhXLwWe73m%2B57sr0oi27i9NVcjkuOWXW165GpT9WhV9819uMweWOuC9c%2FIMJB%2F%2Fb%2FvBfUg2Qhx9e1XYbqqTV9%2BMMkVTbdDjR%2B%2FF3VjnMaI5bBsH7fhoNg1tx4R8UYKOj2YJoHsHkwQI5Zg4v%2FkI46OZTYS9wwunoYKIEfInkfdGEGoESUdg%2BiYkf0gAxrG%2BgTi6s65NTncuVDpRx2Tx8R%2BQ%2BZgsPnoWcfTNspJ997pWWSp1bNFvF5D9EWRnhCQ7QbrrQOYnYOnHkPxXsvR4DXF0sGGVhuTFNL2UI8j2CEoMQK2DbPJJB1nbQZY4iPiZS2uttuc12mG7UmlWGWOVCmO1Zp3XeKXabHvI2MTeAGkyAFMDMLOHxOyhKwcw2U%2Bw2wUsd2DTMXHe3UOPF8gFQW4JckqQS4I8Jch7xSFXNrDFHa5sFvqzHsx6pRjqtLNPD3XaETHZT87J09O9%2FP3cbXTFmVuth4FfCRqUhmEQtli9Tque74u632yKQDBYWUDa0jTqrhyTS%2B9%2Fh0SOyeLGXwjpCaw6AZMLoJkPmg8bgQe6Paw2PezGd7f1h11ZZjoC1wWSdBHpjrOvzsmlqYkXFh5BsNMr954%2F%2Fr%2F%2F0u9gpkBiCnwgfyboqFvDazonB9d0bsn9jSSVkdylk4u7ntJULNx7W%2Bzk2vDVq3Zw93U2ESbw%2BIaw6RqNuYw7lny9LDkXZkUbJsgPq3ZLhJuZ3V7OTJwla5tvrKxGiRHWSh2PQOXDjT%2FBJuk%2B%2BnH6JJ%2F65RNIM4LJCkTZKZkVpD4BS%2FZgk7l7qwmMms%2BESQl5VgxNEM4PlSRQYs5pWMD%2Bi4dzvG9voWNKoOlNxFGBninQUwWoGsBmTwzTxJxeefDlpL5CqErDUJnSQaiM%2BnxM3Bc%2Fu9ivlWduza%2BKZthsMM5DwbjfCCrNiucFnFcbLeG3kNoxu%2F09%2FwcAAP%2F%2FAQAA%2F%2F9D1eGxbwQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRutnuQHP%2FSi4mXRQyMoCjLp7vnvHhbjGgnGJO6u5OKluqpmUk51V1vVPT3JKbooe%2FAw60k9dd4kG3YN4h4FFZl4WYLCzkVy2Nw9C4uelJkMjH7Q%2Fb1X7zu891V9up%2BdEw8ZPdt8R%2B9KpehSrey5L2%2FJmOvcuus3XN8re5fdLRnXq5fd%2FuRneq%2F5Xq3sveK%2BJVhXLwWe73m%2B57sr0oi27i9NVcjkuOWXW165GpT9WhV9819uMweWOuC9c%2FIMJB%2F%2Fb%2FvBfUg2Qhx9e1XYbqqTV9%2BMMkVTbdDjR%2B%2FF3VjnMaI5bBsH7fhoNg1tx4R8UYKOj2YJoHsHkwQI5Zg4v%2FkI46OZTYS9wwunoYKIEfInkfdGEGoESUdg%2BiYkf0gAxrG%2BgTi6s65NTncuVDpRx2Tx8R%2BQ%2BZgsPnoWcfTNspJ997pWWSp1bNFvF5D9EWRnhCQ7QbrrQOYnYOnHkPxXsvR4DXF0sGGVhuTFNL2UI8j2CEoMQK2DbPJJB1nbQZY4iPiZS2uttuc12mG7UmlWGWOVCmO1Zp3XeKXabHvI2MTeAGkyAFMDMLOHxOyhKwcw2U%2Bw2wUsd2DTMXHe3UOPF8gFQW4JckqQS4I8Jch7xSFXNrDFHa5sFvqzHsx6pRjqtLNPD3XaETHZT87J09O9%2FP3cbXTFmVuth4FfCRqUhmEQtli9Tque74u632yKQDBYWUDa0jTqrhyTS%2B9%2Fh0SOyeLGXwjpCaw6AZMLoJkPmg8bgQe6Paw2PezGd7f1h11ZZjoC1wWSdBHpjrOvzsmlqYkXFh5BsNMr954%2F%2Fr%2F%2F0u9gpkBiCnwgfyboqFvDazonB9d0bsn9jSSVkdylk4u7ntJULNx7W%2Bzk2vDVq3Zw93U2ESbw%2BIaw6RqNuYw7lny9LDkXZkUbJsgPq3ZLhJuZ3V7OTJwla5tvrKxGiRHWSh2PQOXDjT%2FBJuk%2B%2BnH6JJ%2F65RNIM4LJCkTZKZkVpD4BS%2FZgk7l7qwmMms%2BESQl5VgxNEM4PlSRQYs5pWMD%2Bi4dzvG9voWNKoOlNxFGBninQUwWoGsBmTwzTxJxeefDlpL5CqErDUJnSQaiM%2BnxM3Bc%2Fu9ivlWduza%2BKZthsMM5DwbjfCCrNiucFnFcbLeG3kNoxu%2F09%2FwcAAP%2F%2FAQAA%2F%2F9D1eGxbwQAAA%3D%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16718737; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec46b21327aabb2b9c66a4011e6188e2ec=[2106764,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ced92796d1a4c263ee78e7fc2d1c67a5
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4597531&@f16&@g1&@h1&@i1&@j1670495332238&@k0&@l1&@mHow%20To%20Install%20Directv%20Player%20On%20Mac%20-%20Lafond%20Hernight&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:85979592&@b3:1670495332&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flafondhernight.blogspot.com%2F2022%2F03%2Fhow-to-install-directv-player-on-mac.html&@w
149.56.240.131200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4597531&@f16&@g1&@h1&@i1&@j1670495332238&@k0&@l1&@mHow%20To%20Install%20Directv%20Player%20On%20Mac%20-%20Lafond%20Hernight&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:85979592&@b3:1670495332&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flafondhernight.blogspot.com%2F2022%2F03%2Fhow-to-install-directv-player-on-mac.html&@w
IP 149.56.240.131:0
File type ASCII text, with no line terminators
Hash 461720dae2dc900bc96cb7212a2fef20
f9ff9882cf5865320e89418b03178a3a73019639
39d883662079d9eab323bec52a1825286ee43c5bbeb4679c056fb53b68bbcaef
GET /stats/0.php?4597531&@f16&@g1&@h1&@i1&@j1670495332238&@k0&@l1&@mHow%20To%20Install%20Directv%20Player%20On%20Mac%20-%20Lafond%20Hernight&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:85979592&@b3:1670495332&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flafondhernight.blogspot.com%2F2022%2F03%2Fhow-to-install-directv-player-on-mac.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
sandwichesinstinctive.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
173.233.137.44200 OK 29 kB URL HTTP/1.1 sandwichesinstinctive.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash d37caf150d611dd85357a46e77a7d8aa
1bfb33bb4e7ace5a0be504f8d22608aac18f5c29
85d3d39b906c82e95a590f21636f917c742ceffb6e3891e92af382bf095d6a8b
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16718737; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec46b21327aabb2b9c66a4011e6188e2ec=[2106764,2229213]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a5b6ec7739e59443c0b39b269e0fe01
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
swelltomatoesguess.com/sbar.json?key=cc585f6c9356b37d414b25b86a1b7ad2&uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de%3A1%3A1
173.233.137.44200 OK 7.8 kB URL HTTP/1.1 swelltomatoesguess.com/sbar.json?key=cc585f6c9356b37d414b25b86a1b7ad2&uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de%3A1%3A1
IP 173.233.137.44:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13063), with no line terminators
Hash 1ff8b801fc0da1efee833cbed9bb41e0
2c15a63e02ca4f45c594906772c51e2b18d741bc
62f591c704bc5fa3c715b0c027fd5ba025a46cc22082d4cdf2721c7ca4eff533
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=cc585f6c9356b37d414b25b86a1b7ad2&uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de%3A1%3A1 HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://lafondhernight.blogspot.com
Access-Control-Allow-Origin: https://lafondhernight.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16602886; expires=Fri, 09 Dec 2022 10:28:53 GMT; secure; SameSite=None
uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; expires=Thu, 15 Dec 2022 10:28:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 09 Dec 2022 10:28:53 GMT; secure; SameSite=None
uncs=1; expires=Fri, 09 Dec 2022 10:28:53 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 09 Dec 2022 10:28:53 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 09 Dec 2022 10:28:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46be7fb2fea041d729d5cf710c134717
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 96ffc94704e14c0a43103e77a67ea03c
16ac34abeb5c091f06142488f557b2aea78f146f
8ebd242e747c1d7010394568b6bc785cab76888767ebf9dea4e86e1951999efc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EBD242E747C1D7010394568B6BC785CAB76888767EBF9DEA4E86E1951999EFC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2375
Expires: Thu, 08 Dec 2022 11:08:28 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
swelltomatoesguess.com/ren.gif?sid=H4sIAAAAAAAC%2F3RV24skZxWvTlYRfFKCEEHoMBIU7Zm6dHV3JSxL36amL1V9qZquqVJYvvrq0l933aYuXT3lSzSgwYc4eRB8s%2FfMbtbVkBjwRfDGrA%2FKQiDjg0zABcE%2FQBKI%2BiBIz26yRvDA6XPOd873nd%2FvfP1R372VPaRoyNDlWAoL4nloj9%2Bly1%2FRSGCFeVKW1TJD79IvljUS1Kovltfbn3j1AkPzu%2FRXy6KNl%2BEeSzM0zdBMeZ%2FEthOu966yQKI3BGZXoHer7C7DV2EdfzJOshIkqATW6iH1eSDWxafmf3wbCD6HwP95x06WaRh9vetnHkrDGFbW3cNgGYR5AP4T14lL4AR3H1dDmFxQ1I%2BegjC4%2B5gBhKvbWwZgkguq9GcGzODuY5hgru48Qmp6YAdgWp%2BFfHUOtncOBJ0DDl8GYr1LAWAL5BEE%2FutyGOfo5FEWbbMX1LUPPwCSX1DX%2FvIMBP6bLY%2Bsy0roZSkJgwTWzgbI%2BhyIew5Rdh%2FSogQkvw84%2FQ4Q6x1q78MhBP7tUeKFQKzLL9dqVVR1LLrC1VhcqWKOrzQsi6ugOsc4loOrNcu%2BGhEh50Ccc%2FDsU0BJCbKtkhJkTgmyqAS%2BdVlGvODQdN0xHY5rVDHGHIcx36hZvMVVGw4NGd5yOIU0OgXsnQKOX4IofgmW5BTi7HeQzDeQWCVIUgpW1gZym4I8oSBHFOSEgjylIF9t7lhewiab1y0vyUzmsWUfW25zFqbuLXQnTF07oG5FD6nPXQ3u39qnYWlflreQeKeGBY6vmVzdqjJVk%2BXNRg0xZh1ZLCRkAyR56opmQS6oZ7%2F5S4jIBXVt9C8w0X1IvPuAydOAsi8Bys%2FqLA1oflZt0FAE9%2Bbh8ZLs4tAHK9xAlF6D9KR0y3tIPXsFgnvmn2DjBzc%2B%2BMc7l1%2F43tcAxxuI4g0syO8pcL1XzqZhTt2ehnlCvT2KUuKTAm1vVklRalM%2FHdgneRhbvU5yeq%2BJt4mt%2B4ZqJ%2BkQBRYJ3IT6WYtYlh3vhzG2qV%2F3Es02x1kyb2VxkEXDcXu%2F50exnSQkDM4BkXe%2F8QfA5IL6zG8WV%2F%2FZL%2BoykPg%2BxNl7T%2F9wnqZR8sLeHkrSICQrOw5QsCW3hyKyt2L2ksz0SXrTCWP%2FBk7X17t9sqBdjPqaMMei50iitNaL2UIqmiejjuFJ2pRIi%2F25XEzWhjol8qK%2FGIk91lAnblMJe5Kqs1KnVx119JOm2hrgda%2BvB%2F2Vrk2JrvFL0e1n5klP1v11ZLdbAfYFBrdbc3wStsZFf6JqQg1p60RXGsxw0XQH%2B1Zk%2BtOVxUmu6k1cSW1mUidxZ6yXyYtJvXfgsnIncXGg1yS1ud0T9bqWp7Ppalj0ckltbnXd6xoR9me%2BybmrR3Ut1O90WV2b5LpvkKHWo6UFTuWO7BlthozE6XKo6rRcTDhDdRmp0HPZH9BNf05bB61iRBoryxcinZ0VQy31sD%2FLdPYw01khHRbNE1nUq4ZoLIbaYS6JUiqLPUZXmLmu6cVQk7bzWUt%2Bl9dVvJYWQs1keQ9pE8HmopXpzyLjgPZ1fz8z%2FdnJ1Trbn5s%2B72HfWzqKQbAvcJidnYyP0o99RzFWuGDqJicL%2FWBWGEd9R9dkGh0ZkXWwFGzuf9c8oR9c9XOsAy83VKZu%2B0JmzATaPmp5jmIsdI3Jdc0LTN9bjo%2FST8SOYjDbvrpmeWYw%2Bej8ucHOMuuA9k1xPzO42dxgDwWbXc9N32K2tdtzTZbPjC0OTcg%2B6q2zwpbvwhK9lUn4jzGYnExve2%2BtoxgsOpIjSxROjlhvOVam9UNm1lYOpwJyD9dSx2Vkrt2IG%2Ba0EqGG37KqvLMQgyZqNqd%2B2MRxXtGrrWRyYGP9eMSPB%2BNxJWx1XJI0p70Di%2FUyQxQ4vHZbDbe7L7WruVQE1aZVJ3N31GweH4VMLg6arsuP1OUjNbrtQRVrLK5zYVHRm273%2BvP4uknXsYkbVVTj6QbP888X13maqddZAfzswY1fFH8V33zmW0DCc8DRyz%2FZ2em1R%2FLOznul4f99tASHwdUzbQf0otLtH%2BOi1izqFn3sx8XBQDFVRm5YMlaiI6E9Oe70DxqG1pjNxDarcKzroFnQGs9643lX6RfNSB%2FMpnZYy0eTxmKcn%2FQrMR%2BtAqEqNjQ1m%2FGi2qrF7ZRuiM5%2BrTHihWEe2aIw79XU6VBdiqRHsnl3ph2bxwduIo%2F3tWyQTnueotS96dGYp%2BuNekc5dGIf3xT7B%2Bo0DrB5cyC7CpIm2MbHcW2dddp1Rln7MT24achJPYxMoWix66GC3EGlFcueSjuJ4Eq5j2wsy8G0Wdd5fdIcYDlhxZsNrRIRJl70q%2BOKUj88FKoTpVCTJ7O%2Bt7Oj9tRhd2fn8jkNFcg3UfnvP3712%2BX9%2B3fKbmjZ5UXm2SnxzMx67q2dnU5XaU97Y7W3vYvftsIgS%2By4HLplN0YpSZKIBEF5vrLjsoVcSKIH1GOBJKQg9p7EZlSCPNucxaz54MYP3v%2Fbq98%2FfggeuaBe2LwFnv3gxvvOlQAyN5DY%2F7XxiX8reQXcuAQofRkCfwOreAMrbwPIO4Uke%2FosjeIHN%2F7EXQmYXunM9OLSbdOLvdcefaoSclm2eYd2bJq1TUcwnTqiLcGpCiYSGLtu8oiBNLnAr%2F3K%2Fg8AAAD%2F%2FwEAAP%2F%2FnpA0CNsJAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 swelltomatoesguess.com/ren.gif?sid=H4sIAAAAAAAC%2F3RV24skZxWvTlYRfFKCEEHoMBIU7Zm6dHV3JSxL36amL1V9qZquqVJYvvrq0l933aYuXT3lSzSgwYc4eRB8s%2FfMbtbVkBjwRfDGrA%2FKQiDjg0zABcE%2FQBKI%2BiBIz26yRvDA6XPOd873nd%2FvfP1R372VPaRoyNDlWAoL4nloj9%2Bly1%2FRSGCFeVKW1TJD79IvljUS1Kovltfbn3j1AkPzu%2FRXy6KNl%2BEeSzM0zdBMeZ%2FEthOu966yQKI3BGZXoHer7C7DV2EdfzJOshIkqATW6iH1eSDWxafmf3wbCD6HwP95x06WaRh9vetnHkrDGFbW3cNgGYR5AP4T14lL4AR3H1dDmFxQ1I%2BegjC4%2B5gBhKvbWwZgkguq9GcGzODuY5hgru48Qmp6YAdgWp%2BFfHUOtncOBJ0DDl8GYr1LAWAL5BEE%2FutyGOfo5FEWbbMX1LUPPwCSX1DX%2FvIMBP6bLY%2Bsy0roZSkJgwTWzgbI%2BhyIew5Rdh%2FSogQkvw84%2FQ4Q6x1q78MhBP7tUeKFQKzLL9dqVVR1LLrC1VhcqWKOrzQsi6ugOsc4loOrNcu%2BGhEh50Ccc%2FDsU0BJCbKtkhJkTgmyqAS%2BdVlGvODQdN0xHY5rVDHGHIcx36hZvMVVGw4NGd5yOIU0OgXsnQKOX4IofgmW5BTi7HeQzDeQWCVIUgpW1gZym4I8oSBHFOSEgjylIF9t7lhewiab1y0vyUzmsWUfW25zFqbuLXQnTF07oG5FD6nPXQ3u39qnYWlflreQeKeGBY6vmVzdqjJVk%2BXNRg0xZh1ZLCRkAyR56opmQS6oZ7%2F5S4jIBXVt9C8w0X1IvPuAydOAsi8Bys%2FqLA1oflZt0FAE9%2Bbh8ZLs4tAHK9xAlF6D9KR0y3tIPXsFgnvmn2DjBzc%2B%2BMc7l1%2F43tcAxxuI4g0syO8pcL1XzqZhTt2ehnlCvT2KUuKTAm1vVklRalM%2FHdgneRhbvU5yeq%2BJt4mt%2B4ZqJ%2BkQBRYJ3IT6WYtYlh3vhzG2qV%2F3Es02x1kyb2VxkEXDcXu%2F50exnSQkDM4BkXe%2F8QfA5IL6zG8WV%2F%2FZL%2BoykPg%2BxNl7T%2F9wnqZR8sLeHkrSICQrOw5QsCW3hyKyt2L2ksz0SXrTCWP%2FBk7X17t9sqBdjPqaMMei50iitNaL2UIqmiejjuFJ2pRIi%2F25XEzWhjol8qK%2FGIk91lAnblMJe5Kqs1KnVx119JOm2hrgda%2BvB%2F2Vrk2JrvFL0e1n5klP1v11ZLdbAfYFBrdbc3wStsZFf6JqQg1p60RXGsxw0XQH%2B1Zk%2BtOVxUmu6k1cSW1mUidxZ6yXyYtJvXfgsnIncXGg1yS1ud0T9bqWp7Ppalj0ckltbnXd6xoR9me%2BybmrR3Ut1O90WV2b5LpvkKHWo6UFTuWO7BlthozE6XKo6rRcTDhDdRmp0HPZH9BNf05bB61iRBoryxcinZ0VQy31sD%2FLdPYw01khHRbNE1nUq4ZoLIbaYS6JUiqLPUZXmLmu6cVQk7bzWUt%2Bl9dVvJYWQs1keQ9pE8HmopXpzyLjgPZ1fz8z%2FdnJ1Trbn5s%2B72HfWzqKQbAvcJidnYyP0o99RzFWuGDqJicL%2FWBWGEd9R9dkGh0ZkXWwFGzuf9c8oR9c9XOsAy83VKZu%2B0JmzATaPmp5jmIsdI3Jdc0LTN9bjo%2FST8SOYjDbvrpmeWYw%2Bej8ucHOMuuA9k1xPzO42dxgDwWbXc9N32K2tdtzTZbPjC0OTcg%2B6q2zwpbvwhK9lUn4jzGYnExve2%2BtoxgsOpIjSxROjlhvOVam9UNm1lYOpwJyD9dSx2Vkrt2IG%2Ba0EqGG37KqvLMQgyZqNqd%2B2MRxXtGrrWRyYGP9eMSPB%2BNxJWx1XJI0p70Di%2FUyQxQ4vHZbDbe7L7WruVQE1aZVJ3N31GweH4VMLg6arsuP1OUjNbrtQRVrLK5zYVHRm273%2BvP4uknXsYkbVVTj6QbP888X13maqddZAfzswY1fFH8V33zmW0DCc8DRyz%2FZ2em1R%2FLOznul4f99tASHwdUzbQf0otLtH%2BOi1izqFn3sx8XBQDFVRm5YMlaiI6E9Oe70DxqG1pjNxDarcKzroFnQGs9643lX6RfNSB%2FMpnZYy0eTxmKcn%2FQrMR%2BtAqEqNjQ1m%2FGi2qrF7ZRuiM5%2BrTHihWEe2aIw79XU6VBdiqRHsnl3ph2bxwduIo%2F3tWyQTnueotS96dGYp%2BuNekc5dGIf3xT7B%2Bo0DrB5cyC7CpIm2MbHcW2dddp1Rln7MT24achJPYxMoWix66GC3EGlFcueSjuJ4Eq5j2wsy8G0Wdd5fdIcYDlhxZsNrRIRJl70q%2BOKUj88FKoTpVCTJ7O%2Bt7Oj9tRhd2fn8jkNFcg3UfnvP3712%2BX9%2B3fKbmjZ5UXm2SnxzMx67q2dnU5XaU97Y7W3vYvftsIgS%2By4HLplN0YpSZKIBEF5vrLjsoVcSKIH1GOBJKQg9p7EZlSCPNucxaz54MYP3v%2Fbq98%2FfggeuaBe2LwFnv3gxvvOlQAyN5DY%2F7XxiX8reQXcuAQofRkCfwOreAMrbwPIO4Uke%2FosjeIHN%2F7EXQmYXunM9OLSbdOLvdcefaoSclm2eYd2bJq1TUcwnTqiLcGpCiYSGLtu8oiBNLnAr%2F3K%2Fg8AAAD%2F%2FwEAAP%2F%2FnpA0CNsJAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F3RV24skZxWvTlYRfFKCEEHoMBIU7Zm6dHV3JSxL36amL1V9qZquqVJYvvrq0l933aYuXT3lSzSgwYc4eRB8s%2FfMbtbVkBjwRfDGrA%2FKQiDjg0zABcE%2FQBKI%2BiBIz26yRvDA6XPOd873nd%2FvfP1R372VPaRoyNDlWAoL4nloj9%2Bly1%2FRSGCFeVKW1TJD79IvljUS1Kovltfbn3j1AkPzu%2FRXy6KNl%2BEeSzM0zdBMeZ%2FEthOu966yQKI3BGZXoHer7C7DV2EdfzJOshIkqATW6iH1eSDWxafmf3wbCD6HwP95x06WaRh9vetnHkrDGFbW3cNgGYR5AP4T14lL4AR3H1dDmFxQ1I%2BegjC4%2B5gBhKvbWwZgkguq9GcGzODuY5hgru48Qmp6YAdgWp%2BFfHUOtncOBJ0DDl8GYr1LAWAL5BEE%2FutyGOfo5FEWbbMX1LUPPwCSX1DX%2FvIMBP6bLY%2Bsy0roZSkJgwTWzgbI%2BhyIew5Rdh%2FSogQkvw84%2FQ4Q6x1q78MhBP7tUeKFQKzLL9dqVVR1LLrC1VhcqWKOrzQsi6ugOsc4loOrNcu%2BGhEh50Ccc%2FDsU0BJCbKtkhJkTgmyqAS%2BdVlGvODQdN0xHY5rVDHGHIcx36hZvMVVGw4NGd5yOIU0OgXsnQKOX4IofgmW5BTi7HeQzDeQWCVIUgpW1gZym4I8oSBHFOSEgjylIF9t7lhewiab1y0vyUzmsWUfW25zFqbuLXQnTF07oG5FD6nPXQ3u39qnYWlflreQeKeGBY6vmVzdqjJVk%2BXNRg0xZh1ZLCRkAyR56opmQS6oZ7%2F5S4jIBXVt9C8w0X1IvPuAydOAsi8Bys%2FqLA1oflZt0FAE9%2Bbh8ZLs4tAHK9xAlF6D9KR0y3tIPXsFgnvmn2DjBzc%2B%2BMc7l1%2F43tcAxxuI4g0syO8pcL1XzqZhTt2ehnlCvT2KUuKTAm1vVklRalM%2FHdgneRhbvU5yeq%2BJt4mt%2B4ZqJ%2BkQBRYJ3IT6WYtYlh3vhzG2qV%2F3Es02x1kyb2VxkEXDcXu%2F50exnSQkDM4BkXe%2F8QfA5IL6zG8WV%2F%2FZL%2BoykPg%2BxNl7T%2F9wnqZR8sLeHkrSICQrOw5QsCW3hyKyt2L2ksz0SXrTCWP%2FBk7X17t9sqBdjPqaMMei50iitNaL2UIqmiejjuFJ2pRIi%2F25XEzWhjol8qK%2FGIk91lAnblMJe5Kqs1KnVx119JOm2hrgda%2BvB%2F2Vrk2JrvFL0e1n5klP1v11ZLdbAfYFBrdbc3wStsZFf6JqQg1p60RXGsxw0XQH%2B1Zk%2BtOVxUmu6k1cSW1mUidxZ6yXyYtJvXfgsnIncXGg1yS1ud0T9bqWp7Ppalj0ckltbnXd6xoR9me%2BybmrR3Ut1O90WV2b5LpvkKHWo6UFTuWO7BlthozE6XKo6rRcTDhDdRmp0HPZH9BNf05bB61iRBoryxcinZ0VQy31sD%2FLdPYw01khHRbNE1nUq4ZoLIbaYS6JUiqLPUZXmLmu6cVQk7bzWUt%2Bl9dVvJYWQs1keQ9pE8HmopXpzyLjgPZ1fz8z%2FdnJ1Trbn5s%2B72HfWzqKQbAvcJidnYyP0o99RzFWuGDqJicL%2FWBWGEd9R9dkGh0ZkXWwFGzuf9c8oR9c9XOsAy83VKZu%2B0JmzATaPmp5jmIsdI3Jdc0LTN9bjo%2FST8SOYjDbvrpmeWYw%2Bej8ucHOMuuA9k1xPzO42dxgDwWbXc9N32K2tdtzTZbPjC0OTcg%2B6q2zwpbvwhK9lUn4jzGYnExve2%2BtoxgsOpIjSxROjlhvOVam9UNm1lYOpwJyD9dSx2Vkrt2IG%2Ba0EqGG37KqvLMQgyZqNqd%2B2MRxXtGrrWRyYGP9eMSPB%2BNxJWx1XJI0p70Di%2FUyQxQ4vHZbDbe7L7WruVQE1aZVJ3N31GweH4VMLg6arsuP1OUjNbrtQRVrLK5zYVHRm273%2BvP4uknXsYkbVVTj6QbP888X13maqddZAfzswY1fFH8V33zmW0DCc8DRyz%2FZ2em1R%2FLOznul4f99tASHwdUzbQf0otLtH%2BOi1izqFn3sx8XBQDFVRm5YMlaiI6E9Oe70DxqG1pjNxDarcKzroFnQGs9643lX6RfNSB%2FMpnZYy0eTxmKcn%2FQrMR%2BtAqEqNjQ1m%2FGi2qrF7ZRuiM5%2BrTHihWEe2aIw79XU6VBdiqRHsnl3ph2bxwduIo%2F3tWyQTnueotS96dGYp%2BuNekc5dGIf3xT7B%2Bo0DrB5cyC7CpIm2MbHcW2dddp1Rln7MT24achJPYxMoWix66GC3EGlFcueSjuJ4Eq5j2wsy8G0Wdd5fdIcYDlhxZsNrRIRJl70q%2BOKUj88FKoTpVCTJ7O%2Bt7Oj9tRhd2fn8jkNFcg3UfnvP3712%2BX9%2B3fKbmjZ5UXm2SnxzMx67q2dnU5XaU97Y7W3vYvftsIgS%2By4HLplN0YpSZKIBEF5vrLjsoVcSKIH1GOBJKQg9p7EZlSCPNucxaz54MYP3v%2Fbq98%2FfggeuaBe2LwFnv3gxvvOlQAyN5DY%2F7XxiX8reQXcuAQofRkCfwOreAMrbwPIO4Uke%2FosjeIHN%2F7EXQmYXunM9OLSbdOLvdcefaoSclm2eYd2bJq1TUcwnTqiLcGpCiYSGLtu8oiBNLnAr%2F3K%2Fg8AAAD%2F%2FwEAAP%2F%2FnpA0CNsJAAA%3D HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16602886; uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fad90e9d393ded42428936d030bec131
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.barscreative1.com/sb/notifications/rtb/mac/2/index.html
45.133.44.4200 OK 949 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/rtb/mac/2/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 59b998a522f40af81a9385c243a91943
f27011a7e6baa2c5012eb635790166049980f5b8
90f92666c86708bf8c8590c0838840e510cda2a8ddfd40bc854e8366abb7ef87
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/rtb/mac/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:53 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-4e7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 08 Dec 2022 11:28:53 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 86fc724a00926b02780c2d6459b90fb7
dbf925559b90d11e9bdfbbc171f3ac1fe3210322
a096e53a81068e99d5caa600d62ae48d28b3f841598dfd85bfb61d5e050f890e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A096E53A81068E99D5CAA600D62AE48D28B3F841598DFD85BFB61D5E050F890E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12166
Expires: Thu, 08 Dec 2022 13:51:39 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 86fc724a00926b02780c2d6459b90fb7
dbf925559b90d11e9bdfbbc171f3ac1fe3210322
a096e53a81068e99d5caa600d62ae48d28b3f841598dfd85bfb61d5e050f890e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A096E53A81068E99D5CAA600D62AE48D28B3F841598DFD85BFB61D5E050F890E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12166
Expires: Thu, 08 Dec 2022 13:51:39 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Findex.html&l=1255&fd=99
173.233.137.44200 OK 0 B URL HTTP/1.1 swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Findex.html&l=1255&fd=99
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Findex.html&l=1255&fd=99 HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16602886; uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/img/close.png
172.64.109.13200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/img/close.png
IP 172.64.109.13:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/rtb/mac/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:53 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 17 May 2021 12:14:41 GMT
etag: "60a25e31-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 277535
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8HoZh3BCg9%2BwLvPXXV4JJYvu5imyFV2rs807fxTy2j%2B7o2m75n8uYOM%2F%2FMm0gE46aBDs%2FgI17%2FY8k8jxi807%2Fy%2FUmp%2BV79PHNg9Ibhs5rvFyAuDBrHiLmG5PmLQ9JIBRSTpJVwqmyjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7764d11ce85924d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verdictdisingenuousfruitless.com/pixel/purst?dl=0&th=0&sc=0&rs=4068&rd=4068&fd=397&bv=22.10.v.10&tmpl=136
173.233.139.164200 OK 0 B URL HTTP/1.1 verdictdisingenuousfruitless.com/pixel/purst?dl=0&th=0&sc=0&rs=4068&rd=4068&fd=397&bv=22.10.v.10&tmpl=136
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4068&rd=4068&fd=397&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: verdictdisingenuousfruitless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 27fb95e2d902a2b815fbbf9fe76d8b08
e6f689c2e98aa45b5a2122bc45fd230f74ef9808
bffa4c37d8905ac0759b85609e79be18306d069e6a42293e2df2f5d3f0be4543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFFA4C37D8905AC0759B85609E79BE18306D069E6A42293E2DF2F5D3F0BE4543"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4498
Expires: Thu, 08 Dec 2022 11:43:51 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 86fc724a00926b02780c2d6459b90fb7
dbf925559b90d11e9bdfbbc171f3ac1fe3210322
a096e53a81068e99d5caa600d62ae48d28b3f841598dfd85bfb61d5e050f890e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A096E53A81068E99D5CAA600D62AE48D28B3F841598DFD85BFB61D5E050F890E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12166
Expires: Thu, 08 Dec 2022 13:51:39 GMT
Date: Thu, 08 Dec 2022 10:28:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
astnoivernan.com/icon?ctx=Cn0j-EJqcz6Az7d0qmrzHKSbT1N8dNcSpX9CQqDJH8ZW8VVGC2S32gfaVnBPVIPhESJzApYKVReo6wOQ8jPwyJ-r5pvn94G8WTuV5GTB6rCt08GfF68O59LwpeG9hI6TRLTkGiIiuhEVWqbqHgsNPFWuKtRIlSS7lRXP50787DSUfrmc_GJHTRrncb_KNgSaMQcecqr6xuDC71Sxmr0K_ZNs7opb9zB2xLSagK-BrNlT0fs9gMwmaecNNnRA7Y5YQAKcNs2G_8W-pi1rjJ4P-S7UU94QSzTs&z=5017729
139.45.195.6301 Moved Permanently 0 B URL HTTP/1.1 astnoivernan.com/icon?ctx=Cn0j-EJqcz6Az7d0qmrzHKSbT1N8dNcSpX9CQqDJH8ZW8VVGC2S32gfaVnBPVIPhESJzApYKVReo6wOQ8jPwyJ-r5pvn94G8WTuV5GTB6rCt08GfF68O59LwpeG9hI6TRLTkGiIiuhEVWqbqHgsNPFWuKtRIlSS7lRXP50787DSUfrmc_GJHTRrncb_KNgSaMQcecqr6xuDC71Sxmr0K_ZNs7opb9zB2xLSagK-BrNlT0fs9gMwmaecNNnRA7Y5YQAKcNs2G_8W-pi1rjJ4P-S7UU94QSzTs&z=5017729
IP 139.45.195.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /icon?ctx=Cn0j-EJqcz6Az7d0qmrzHKSbT1N8dNcSpX9CQqDJH8ZW8VVGC2S32gfaVnBPVIPhESJzApYKVReo6wOQ8jPwyJ-r5pvn94G8WTuV5GTB6rCt08GfF68O59LwpeG9hI6TRLTkGiIiuhEVWqbqHgsNPFWuKtRIlSS7lRXP50787DSUfrmc_GJHTRrncb_KNgSaMQcecqr6xuDC71Sxmr0K_ZNs7opb9zB2xLSagK-BrNlT0fs9gMwmaecNNnRA7Y5YQAKcNs2G_8W-pi1rjJ4P-S7UU94QSzTs&z=5017729 HTTP/1.1
Host: astnoivernan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Length: 0
Connection: keep-alive
Location: https://outsimiseara.com/www/images/3e39fcc3112495d5d04d990718c93fd5.jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e743b5d4ea4016fa6b02d662bda13dc4
a2babd40343c5386c24554d3ff18ec5f5b58d42c
7d7b881d3ec9a57ebf538ede31d6adaa17d7ef7632d9b02226c79b3cceb40a87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7D7B881D3EC9A57EBF538EDE31D6ADAA17D7EF7632D9B02226C79B3CCEB40A87"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6486
Expires: Thu, 08 Dec 2022 12:17:00 GMT
Date: Thu, 08 Dec 2022 10:28:54 GMT
Connection: keep-alive
outsimiseara.com/www/images/3e39fcc3112495d5d04d990718c93fd5.jpeg
104.22.28.221200 OK 16 kB URL HTTP/2 outsimiseara.com/www/images/3e39fcc3112495d5d04d990718c93fd5.jpeg
IP 104.22.28.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 3e39fcc3112495d5d04d990718c93fd5
347de6d2b0a84ef7776f3b380db6409c9f903fef
083a4d69df8aad5c49ddec4496b5fc692387b9b31b72b30224672612ed25cde3
GET /www/images/3e39fcc3112495d5d04d990718c93fd5.jpeg HTTP/1.1
Host: outsimiseara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:54 GMT
content-type: image/jpeg
content-length: 16090
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62977fba-3eda"
expires: Fri, 09 Dec 2022 10:08:27 GMT
last-modified: Wed, 01 Jun 2022 15:03:22 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1227
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7764d11ec9981c0a-OSL
X-Firefox-Spdy: h2
swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fmagic.css&l=45250&fd=353
173.233.137.44200 OK 0 B URL HTTP/1.1 swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fmagic.css&l=45250&fd=353
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fmagic.css&l=45250&fd=353 HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16602886; uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/magic.css
172.64.109.13200 OK 3.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/magic.css
IP 172.64.109.13:0
Hash c68c21b59e15c43bbc084a9663ca4d37
72955b3a4990541b5d303431ae546cfb8d59a268
ca6432e08e4b8ebb3e60dce612b6ed08319e2450d4c605170c022247f69debc0
GET /sb/notifications/rtb/mac/2/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:54 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:30:23 GMT
etag: W/"60a261df-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRBsREJPIg2fpQCawoih29XqZSRTPBEuTCqfZj58A9JoKiOgQ8VC8lTo5RMin5ixJ4JN8KbvXC6Hbye2bAmtA%2BmlxYRK2e8TfrfcymD%2FFv7elglPbwJIlK1chIw9TpA4BFw8uWv8lUTI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7764d11cb83a24d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/js/script.js
172.64.109.13200 OK 680 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/js/script.js
IP 172.64.109.13:0
Hash ef0792cabf94e9c1c4beed4d1d937ddb
eebf9d1660602e611f470bca44913bfa73f41d97
31821b741e5bf30d88eaa9c4b21c2ec41a6b731c078d769287ddc902ad03ffc4
GET /sb/notifications/rtb/mac/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:54 GMT
content-type: application/javascript
last-modified: Mon, 17 May 2021 12:14:43 GMT
etag: W/"60a25e33-175"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uIqAJyrOltP6ad6fsWULi9KtqjtLrP8OTs9NfIg07KayW%2FcuYUVwHMIpk%2FmPEJxmZNDHEpWvLB7lKSoT%2B80NR8W3BlLIZ14E3qOfEHCkghL%2F642vLDCoNKxqtS%2BxCBNRj9lx8PJP%2FsJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7764d11cc83e24d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
swelltomatoesguess.com/impr.gif?sid=H4sIAAAAAAAC%2F3RV3YskVxWvTlYRfFKCEEHoMBIU7Zn66OquSliW%2Fpqe%2Fqjqj6rpmiqFperequrbXV9TH1095Us0oMGHOHkQfLP3zG7W1ZAY8EXwi1kflIVAxgeZgAuCf4AkEPVBkJ7dZI3ggdPnnHvOvef3O7cv9d1b2UOKhsy8HEthQTzP3ON36fJXNBLgME%2FKslpm6F36xbJGglr1xfJ6%2BxOvXmBofpf%2Barlro2W4x9IMTTM0U94nse2E672rLJDoDZHZFendKrvL8FVYx5%2BMk6wEiVkCvHpIfR4IvvjU%2FI9vA0HnEPg%2Fb9vJMg2jr3f8zDPTMIYVvnsYLIMwD8B%2F4jpxCZzg7uNqCJMLivrRUxAGdx8zgHB1e8sALHJBlf7MgBXcfQwTrNWdR0gtD%2BwALPxZyFfnYHvnQMxzQOHLQPC7FADCII8g8F%2BXwzg3Tx5lzW32grr24QdA8gvq2l%2BegcB%2Fs%2BmRdVkJvSwlYZDA2tkAWZ8Dcc8hyu5DWpSA5PcBpd8Bgt%2Bh9j4cQuDfHiVeCARffrlWq5pVB9MVrsaiShVxfEXAmKuYdY5xsIOqNWxfjYiQcyDOOXj2KZhJCbKtkhJkTgmyqAQ%2BviybvOjQdN2xHI4TqgghjkOIF2qYx1xVcGjI0JbDKaTRKSDvFFD8EkTxS7AkpxBnv4NkvoEElyBJKVjhDeQ2BXlCQW5SkBMK8pSCfLW5g72ETTavYy%2FJLOaxZR9bbnMWpu4t806YunZA3YoeUp%2B7Gty%2FtU%2FD0r4sbyHxTg2JHF%2BzuDquMlWL5S2hZjJW3cQsJGQDJHnqimZBLqhnv%2FlLiMgFdW30L7DM%2B5B49wGRp8HMvgRmflZnaTDnZ1WBhiK4Nw%2BPl2QXhT7gcANReg3Sk9It7yH17BUI7pl%2Fgo0e3PjgH%2B9cfuF7XwMUbyCKN7Agv6fA9V45m4Y5dXsa5gn19ihKiU8Kc3uzSmqmNvXTgX2ShzHutZPTew20TWzdN1Q7SYdmgEngJtTPmgRjO94PY2RTv%2B4lmm2Ns2TezOIgi4bj1n7Pj2I7SUgYnINJ3v3GHwCRC%2Bozv1lc%2FWe%2FqMtA4vsQZ%2B89%2FcN5mkbJC3t7ZpIGIVnZcWAGW3J7ZkT2Vsxeklk%2BSW86YezfQOn6eqdPFrSLzL4mzlHXc6SutNaL2UIqGiejtuFJ2pRIi%2F25XEzWhjol8qK%2FGHV7rKFO3IYS9iRVZ6V2rzpq6ycNtTlA615fD%2ForXZsSXeOXXbefWSc9WffXkd1qBsgXGdRqztFJ2BwX%2FYmqiTVTWye6IjDDRcMd7OPI8qcrzEmu6k1cSW1kUjtxZ6yXyYtJvXfgsnI7cVGg1yS1sd0T9TrY09l0NSx6uaQ2trrudYwI%2BTPf4tzVo7qm2W93WF2b5LpvkKHWo6UFSuW27Bkthoy60%2BVQ1Wm5mHCG6jJSoeeyP6Ab%2FpzGB81iRIQV9sVIZ2fFUEs95M8ynT3MdFZMh0XjRO7qVaNrLIbaYS51pVTu9hhdYea6phdDTdrOZy35HV5X0VpaiDWL5T1Tm4g2F60sfxYZB7Sv%2B%2FuZ5c9OrtbZ%2FtzyeQ%2F53tJRDIJ8kUPs7GR8lH7sO4qxQgVTtzhZ7AezwjjqO7om0%2BaREeGDpWhz%2F7vmif3gqp%2BDD7zcUJm67YuZMRNp%2B6jpOYqx0DUm1zUvsHxvOT5KPxE7isFs%2B%2Boa9qxg8tH5c4OdZfiA9q3ufmZws7nBHoo2u55bPma2tdtzLZbPjC0OTcw%2B6q2z4pbvAne9lUX4jzFYnExve2%2BtoxiseSRHuCueHLHecqxM64fMrKUcTkXTPVxLbZeRuZYQC9a0EpmC38RV3ll0g4bZaEz9sIHivKJXm8nkwEb68YgfD8bjSthsuyRpTHsHmPUyoytyaO02BbezL7WquVQE1Qauk7k7ajSOj0Im7w4arsuP1OUjNTqtQRVpLKpzYVHRG27n%2BvPoukXXkYWEqlnjaYHn%2BeeL6zzN1OusCH724MYvir9233zmW0DCc0DRy2%2Ft7LQ7SmvaG6u9kbyz89tmGGSJHZdDt%2BzGZkqSJCJBUJ6v7LiMTfcnOzu91rbwvdLw%2Fz5ygsLg6lm3AnpR6fSPUVFrFHVMH%2FtxcTBQLJWRBSwjJToSW5Pjdv9AMDRhNuu2WIVjXcecBc3xrDeed5R%2B0Yj0wWxqh7V8NBEW4%2FykX4n5aBWI1a6gqdmM76rNWtxKaaHr7NeEES8O88juivNeTZ0O1WWX9Eg278y0Y%2Bv4wE3k8b6WDdJpz1OUujc9GvN0Xai3lUMn9tHNbv9AncYBsm4OZFcxpQmy0XFcW2ftVp1R1n5MD24aclIPI0ssmux6qJjuoNKMZU%2BlnUR0pdw3bSTLwbRR13l90hggOWG7NwWtEhEmXvSr44pSPzwUqxOlUJMnd3NvZ0ftqcPOzs7lc5pZmL5llv%2F%2B41e%2FXd6%2Ff6fshtguLzLPTolnZfg5SKIH1GOBJKQg9p7EVlSCPNucxaz14MYP3v%2Fbq98%2FfggeuaBe2LwFnv3gxvvOlYBpbSCx%2F2vjE%2F9W8gq4cQnM9GUI%2FA2s4g2svA2Y3ikk2dNnaRQ%2FuPEn7krA8kpnlheXblte7L326FOVkMsyz1RtwRLqCGPLRpips5zA0TSLcbUu2owIaXKBXvuV%2FR8AAAD%2F%2FwEAAP%2F%2FRlTBzNsJAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 swelltomatoesguess.com/impr.gif?sid=H4sIAAAAAAAC%2F3RV3YskVxWvTlYRfFKCEEHoMBIU7Zn66OquSliW%2Fpqe%2Fqjqj6rpmiqFperequrbXV9TH1095Us0oMGHOHkQfLP3zG7W1ZAY8EXwi1kflIVAxgeZgAuCf4AkEPVBkJ7dZI3ggdPnnHvOvef3O7cv9d1b2UOKhsy8HEthQTzP3ON36fJXNBLgME%2FKslpm6F36xbJGglr1xfJ6%2BxOvXmBofpf%2Barlro2W4x9IMTTM0U94nse2E672rLJDoDZHZFendKrvL8FVYx5%2BMk6wEiVkCvHpIfR4IvvjU%2FI9vA0HnEPg%2Fb9vJMg2jr3f8zDPTMIYVvnsYLIMwD8B%2F4jpxCZzg7uNqCJMLivrRUxAGdx8zgHB1e8sALHJBlf7MgBXcfQwTrNWdR0gtD%2BwALPxZyFfnYHvnQMxzQOHLQPC7FADCII8g8F%2BXwzg3Tx5lzW32grr24QdA8gvq2l%2BegcB%2Fs%2BmRdVkJvSwlYZDA2tkAWZ8Dcc8hyu5DWpSA5PcBpd8Bgt%2Bh9j4cQuDfHiVeCARffrlWq5pVB9MVrsaiShVxfEXAmKuYdY5xsIOqNWxfjYiQcyDOOXj2KZhJCbKtkhJkTgmyqAQ%2BviybvOjQdN2xHI4TqgghjkOIF2qYx1xVcGjI0JbDKaTRKSDvFFD8EkTxS7AkpxBnv4NkvoEElyBJKVjhDeQ2BXlCQW5SkBMK8pSCfLW5g72ETTavYy%2FJLOaxZR9bbnMWpu4t806YunZA3YoeUp%2B7Gty%2FtU%2FD0r4sbyHxTg2JHF%2BzuDquMlWL5S2hZjJW3cQsJGQDJHnqimZBLqhnv%2FlLiMgFdW30L7DM%2B5B49wGRp8HMvgRmflZnaTDnZ1WBhiK4Nw%2BPl2QXhT7gcANReg3Sk9It7yH17BUI7pl%2Fgo0e3PjgH%2B9cfuF7XwMUbyCKN7Agv6fA9V45m4Y5dXsa5gn19ihKiU8Kc3uzSmqmNvXTgX2ShzHutZPTew20TWzdN1Q7SYdmgEngJtTPmgRjO94PY2RTv%2B4lmm2Ns2TezOIgi4bj1n7Pj2I7SUgYnINJ3v3GHwCRC%2Bozv1lc%2FWe%2FqMtA4vsQZ%2B89%2FcN5mkbJC3t7ZpIGIVnZcWAGW3J7ZkT2Vsxeklk%2BSW86YezfQOn6eqdPFrSLzL4mzlHXc6SutNaL2UIqGiejtuFJ2pRIi%2F25XEzWhjol8qK%2FGHV7rKFO3IYS9iRVZ6V2rzpq6ycNtTlA615fD%2ForXZsSXeOXXbefWSc9WffXkd1qBsgXGdRqztFJ2BwX%2FYmqiTVTWye6IjDDRcMd7OPI8qcrzEmu6k1cSW1kUjtxZ6yXyYtJvXfgsnI7cVGg1yS1sd0T9TrY09l0NSx6uaQ2trrudYwI%2BTPf4tzVo7qm2W93WF2b5LpvkKHWo6UFSuW27Bkthoy60%2BVQ1Wm5mHCG6jJSoeeyP6Ab%2FpzGB81iRIQV9sVIZ2fFUEs95M8ynT3MdFZMh0XjRO7qVaNrLIbaYS51pVTu9hhdYea6phdDTdrOZy35HV5X0VpaiDWL5T1Tm4g2F60sfxYZB7Sv%2B%2FuZ5c9OrtbZ%2FtzyeQ%2F53tJRDIJ8kUPs7GR8lH7sO4qxQgVTtzhZ7AezwjjqO7om0%2BaREeGDpWhz%2F7vmif3gqp%2BDD7zcUJm67YuZMRNp%2B6jpOYqx0DUm1zUvsHxvOT5KPxE7isFs%2B%2Boa9qxg8tH5c4OdZfiA9q3ufmZws7nBHoo2u55bPma2tdtzLZbPjC0OTcw%2B6q2z4pbvAne9lUX4jzFYnExve2%2BtoxiseSRHuCueHLHecqxM64fMrKUcTkXTPVxLbZeRuZYQC9a0EpmC38RV3ll0g4bZaEz9sIHivKJXm8nkwEb68YgfD8bjSthsuyRpTHsHmPUyoytyaO02BbezL7WquVQE1Qauk7k7ajSOj0Im7w4arsuP1OUjNTqtQRVpLKpzYVHRG27n%2BvPoukXXkYWEqlnjaYHn%2BeeL6zzN1OusCH724MYvir9233zmW0DCc0DRy2%2Ft7LQ7SmvaG6u9kbyz89tmGGSJHZdDt%2BzGZkqSJCJBUJ6v7LiMTfcnOzu91rbwvdLw%2Fz5ygsLg6lm3AnpR6fSPUVFrFHVMH%2FtxcTBQLJWRBSwjJToSW5Pjdv9AMDRhNuu2WIVjXcecBc3xrDeed5R%2B0Yj0wWxqh7V8NBEW4%2FykX4n5aBWI1a6gqdmM76rNWtxKaaHr7NeEES8O88juivNeTZ0O1WWX9Eg278y0Y%2Bv4wE3k8b6WDdJpz1OUujc9GvN0Xai3lUMn9tHNbv9AncYBsm4OZFcxpQmy0XFcW2ftVp1R1n5MD24aclIPI0ssmux6qJjuoNKMZU%2BlnUR0pdw3bSTLwbRR13l90hggOWG7NwWtEhEmXvSr44pSPzwUqxOlUJMnd3NvZ0ftqcPOzs7lc5pZmL5llv%2F%2B41e%2FXd6%2Ff6fshtguLzLPTolnZfg5SKIH1GOBJKQg9p7EVlSCPNucxaz14MYP3v%2Fbq98%2FfggeuaBe2LwFnv3gxvvOlYBpbSCx%2F2vjE%2F9W8gq4cQnM9GUI%2FA2s4g2svA2Y3ikk2dNnaRQ%2FuPEn7krA8kpnlheXblte7L326FOVkMsyz1RtwRLqCGPLRpips5zA0TSLcbUu2owIaXKBXvuV%2FR8AAAD%2F%2FwEAAP%2F%2FRlTBzNsJAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F3RV3YskVxWvTlYRfFKCEEHoMBIU7Zn66OquSliW%2Fpqe%2Fqjqj6rpmiqFperequrbXV9TH1095Us0oMGHOHkQfLP3zG7W1ZAY8EXwi1kflIVAxgeZgAuCf4AkEPVBkJ7dZI3ggdPnnHvOvef3O7cv9d1b2UOKhsy8HEthQTzP3ON36fJXNBLgME%2FKslpm6F36xbJGglr1xfJ6%2BxOvXmBofpf%2Barlro2W4x9IMTTM0U94nse2E672rLJDoDZHZFendKrvL8FVYx5%2BMk6wEiVkCvHpIfR4IvvjU%2FI9vA0HnEPg%2Fb9vJMg2jr3f8zDPTMIYVvnsYLIMwD8B%2F4jpxCZzg7uNqCJMLivrRUxAGdx8zgHB1e8sALHJBlf7MgBXcfQwTrNWdR0gtD%2BwALPxZyFfnYHvnQMxzQOHLQPC7FADCII8g8F%2BXwzg3Tx5lzW32grr24QdA8gvq2l%2BegcB%2Fs%2BmRdVkJvSwlYZDA2tkAWZ8Dcc8hyu5DWpSA5PcBpd8Bgt%2Bh9j4cQuDfHiVeCARffrlWq5pVB9MVrsaiShVxfEXAmKuYdY5xsIOqNWxfjYiQcyDOOXj2KZhJCbKtkhJkTgmyqAQ%2BviybvOjQdN2xHI4TqgghjkOIF2qYx1xVcGjI0JbDKaTRKSDvFFD8EkTxS7AkpxBnv4NkvoEElyBJKVjhDeQ2BXlCQW5SkBMK8pSCfLW5g72ETTavYy%2FJLOaxZR9bbnMWpu4t806YunZA3YoeUp%2B7Gty%2FtU%2FD0r4sbyHxTg2JHF%2BzuDquMlWL5S2hZjJW3cQsJGQDJHnqimZBLqhnv%2FlLiMgFdW30L7DM%2B5B49wGRp8HMvgRmflZnaTDnZ1WBhiK4Nw%2BPl2QXhT7gcANReg3Sk9It7yH17BUI7pl%2Fgo0e3PjgH%2B9cfuF7XwMUbyCKN7Agv6fA9V45m4Y5dXsa5gn19ihKiU8Kc3uzSmqmNvXTgX2ShzHutZPTew20TWzdN1Q7SYdmgEngJtTPmgRjO94PY2RTv%2B4lmm2Ns2TezOIgi4bj1n7Pj2I7SUgYnINJ3v3GHwCRC%2Bozv1lc%2FWe%2FqMtA4vsQZ%2B89%2FcN5mkbJC3t7ZpIGIVnZcWAGW3J7ZkT2Vsxeklk%2BSW86YezfQOn6eqdPFrSLzL4mzlHXc6SutNaL2UIqGiejtuFJ2pRIi%2F25XEzWhjol8qK%2FGHV7rKFO3IYS9iRVZ6V2rzpq6ycNtTlA615fD%2ForXZsSXeOXXbefWSc9WffXkd1qBsgXGdRqztFJ2BwX%2FYmqiTVTWye6IjDDRcMd7OPI8qcrzEmu6k1cSW1kUjtxZ6yXyYtJvXfgsnI7cVGg1yS1sd0T9TrY09l0NSx6uaQ2trrudYwI%2BTPf4tzVo7qm2W93WF2b5LpvkKHWo6UFSuW27Bkthoy60%2BVQ1Wm5mHCG6jJSoeeyP6Ab%2FpzGB81iRIQV9sVIZ2fFUEs95M8ynT3MdFZMh0XjRO7qVaNrLIbaYS51pVTu9hhdYea6phdDTdrOZy35HV5X0VpaiDWL5T1Tm4g2F60sfxYZB7Sv%2B%2FuZ5c9OrtbZ%2FtzyeQ%2F53tJRDIJ8kUPs7GR8lH7sO4qxQgVTtzhZ7AezwjjqO7om0%2BaREeGDpWhz%2F7vmif3gqp%2BDD7zcUJm67YuZMRNp%2B6jpOYqx0DUm1zUvsHxvOT5KPxE7isFs%2B%2Boa9qxg8tH5c4OdZfiA9q3ufmZws7nBHoo2u55bPma2tdtzLZbPjC0OTcw%2B6q2z4pbvAne9lUX4jzFYnExve2%2BtoxiseSRHuCueHLHecqxM64fMrKUcTkXTPVxLbZeRuZYQC9a0EpmC38RV3ll0g4bZaEz9sIHivKJXm8nkwEb68YgfD8bjSthsuyRpTHsHmPUyoytyaO02BbezL7WquVQE1Qauk7k7ajSOj0Im7w4arsuP1OUjNTqtQRVpLKpzYVHRG27n%2BvPoukXXkYWEqlnjaYHn%2BeeL6zzN1OusCH724MYvir9233zmW0DCc0DRy2%2Ft7LQ7SmvaG6u9kbyz89tmGGSJHZdDt%2BzGZkqSJCJBUJ6v7LiMTfcnOzu91rbwvdLw%2Fz5ygsLg6lm3AnpR6fSPUVFrFHVMH%2FtxcTBQLJWRBSwjJToSW5Pjdv9AMDRhNuu2WIVjXcecBc3xrDeed5R%2B0Yj0wWxqh7V8NBEW4%2FykX4n5aBWI1a6gqdmM76rNWtxKaaHr7NeEES8O88juivNeTZ0O1WWX9Eg278y0Y%2Bv4wE3k8b6WDdJpz1OUujc9GvN0Xai3lUMn9tHNbv9AncYBsm4OZFcxpQmy0XFcW2ftVp1R1n5MD24aclIPI0ssmux6qJjuoNKMZU%2BlnUR0pdw3bSTLwbRR13l90hggOWG7NwWtEhEmXvSr44pSPzwUqxOlUJMnd3NvZ0ftqcPOzs7lc5pZmL5llv%2F%2B41e%2FXd6%2Ff6fshtguLzLPTolnZfg5SKIH1GOBJKQg9p7EVlSCPNucxaz14MYP3v%2Fbq98%2FfggeuaBe2LwFnv3gxvvOlYBpbSCx%2F2vjE%2F9W8gq4cQnM9GUI%2FA2s4g2svA2Y3ikk2dNnaRQ%2FuPEn7krA8kpnlheXblte7L326FOVkMsyz1RtwRLqCGPLRpips5zA0TSLcbUu2owIaXKBXvuV%2FR8AAAD%2F%2FwEAAP%2F%2FRlTBzNsJAAA%3D HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16602886; uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 56e3b3546fcf81fdb956701132f6e1df
Strict-Transport-Security: max-age=0; includeSubdomains
swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fjs%2Fscript.js&l=373&fd=362
173.233.137.44200 OK 0 B URL HTTP/1.1 swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fjs%2Fscript.js&l=373&fd=362
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fjs%2Fscript.js&l=373&fd=362 HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16602886; uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fstyle.css&l=4309&fd=376
173.233.137.44200 OK 0 B URL HTTP/1.1 swelltomatoesguess.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fstyle.css&l=4309&fd=376
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fstyle.css&l=4309&fd=376 HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16602886; uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
swelltomatoesguess.com/pixel/sbs?c=1
173.233.137.44200 OK 0 B URL HTTP/1.1 swelltomatoesguess.com/pixel/sbs?c=1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: swelltomatoesguess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Cookie: u_pl=16602886; uid_id2=664a4fd0-362c-4c35-8dd3-a731fdfc46de:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c5b1863f3398a225956dd4ec72072f02
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cc585f6c9356b37d414b25b86a1b7ad2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cc585f6c9356b37d414b25b86a1b7ad2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=664a4fd0-362c-4c35-8dd3-a731fdfc46de&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cc585f6c9356b37d414b25b86a1b7ad2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 10:28:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6e5214a494d17b1c531b4d6bb4760fbd
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/style.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/style.css
IP 172.64.109.13:0
GET /sb/notifications/rtb/mac/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lafondhernight.blogspot.com
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:54 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:30:23 GMT
etag: W/"60a261df-10d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmkyV69%2FXZ2%2FA3FwNU%2BRS1lJMVYz6l50NDfOVGFg2u8IEl%2BW8EM4RiqzHpRuYjxqHc7nWj%2FD8TeoKJT7GonJ872eZ7NqYmk4PFvjnPM5plJ5sjqMrsxXvOUQxOxJtYRIId0b7epwTCHf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7764d11cc83c24d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.162.31200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.162.31:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lafondhernight.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 10:28:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a3fbc6db00a179c5a79127a7d499713d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 08 Dec 2022 10:28:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lpyY7mhiyOhNqbyHsIOY%2BpU4ONCPsdqoJ2ebFlKPZ4phWsp3fPIPoRiC8qQGmme0cOoZQ9iPH4ZGmHF4ZZHsmUwTOgQPtELtLvrQ9wLMegDlUU8Akk3%2F1jwROAOrbow8UxUrqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7764d1145bf9886e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 10:28:53 GMT
date: Thu, 08 Dec 2022 10:28:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2