firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 12:04:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UOjdkGEYenbfM_g3fb_XjKt3Rp7u2_L6lyqklDWsLM8Dzda7OQFJ7w==
Age: 2644
rendathi.blogspot.com/2020/03/rife-frequencies-for-anxiety-balance.html
301 Moved Permanently 214 B URL HTTP/1.1 rendathi.blogspot.com/2020/03/rife-frequencies-for-anxiety-balance.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 55b39294f3ee5037a04910d1cda6d6e8
aa5f53276fe3cdfe7461bc287fad847d1dc70da8
14de08aa12c8016a19318b5409021725b30f6068be152b31d05e9752a9734dc3
GET /2020/03/rife-frequencies-for-anxiety-balance.html HTTP/1.1
Host: rendathi.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://rendathi.blogspot.com/2020/03/rife-frequencies-for-anxiety-balance.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 06 Sep 2022 12:48:22 GMT
Expires: Tue, 06 Sep 2022 12:48:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 214
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8413
Expires: Tue, 06 Sep 2022 15:08:35 GMT
Date: Tue, 06 Sep 2022 12:48:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PnVKL3ysQZRMk7c062_0a_U-n3IQPxrlrsFe9qE38jltS6twDLdtOg==
age: 41585
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26a226e2c830f14d63ff67ae31bf3941
5a2a66ceb34b268b05a179efb83e7fca1f66cd87
310e74bc561522c095175d38029c7103cbeb14ab82641293f0844f42061627aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:48:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 12:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DxfdOuvfQoCljDbj0YgAwxjgRG6oTcq9dptLzSuKH5vSsbZi6Fw1pQ==
Age: 604
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26a226e2c830f14d63ff67ae31bf3941
5a2a66ceb34b268b05a179efb83e7fca1f66cd87
310e74bc561522c095175d38029c7103cbeb14ab82641293f0844f42061627aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rendathi.blogspot.com/2020/03/rife-frequencies-for-anxiety-balance.html
200 OK 28 kB URL HTTP/2 rendathi.blogspot.com/2020/03/rife-frequencies-for-anxiety-balance.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967), with CR, LF line terminators
Hash b7727e3f2c8d50c279de105535876e4d
22a7acba3748c436bf97b130a5d24e6658fd17ea
3207bf316235ac66f94e96c729c32e8a04a76ecce2366932661b7f1ee16098e0
GET /2020/03/rife-frequencies-for-anxiety-balance.html HTTP/1.1
Host: rendathi.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 06 Sep 2022 12:48:22 GMT
date: Tue, 06 Sep 2022 12:48:22 GMT
cache-control: private, max-age=0
last-modified: Wed, 09 Mar 2022 10:35:10 GMT
etag: W/"4b4d4e4d596b9ea42cc75b2907ce8d7ba9b0f0b7f544aaf16fac726fe1728675"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28257
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 982044cca5f664004f3f5acc3f7e4df9
980ca862cb773284f743959ed25b192d79aa7451
729a17e21e378f4e2ef50157a360eb70b82cc9270c46c9868b3469ed2fae2420
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5996
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Last-Modified: Tue, 06 Sep 2022 11:08:27 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3e2b5d37d32b608d58c035384ea63143
247a80f403b70128a3fe4821d76292492e5544af
61a1fdefc7b2ed28dabb47d968c2d90ce35ffbb2d6daf5bd6bf6566651cd34d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 14:54:37 GMT
expires: Sat, 02 Sep 2023 14:54:37 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 09:50:05 GMT
content-type: text/javascript
age: 338026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash fd1853969e386a137244e5e20b3c51f7
7c9eff3d06da34ad01edc7d32c01b6fb840acbaa
382d12c1af7c8d663e1dd7780b7cacbe6a4f0bf1d230cf622c63269ca139d07d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash fd1853969e386a137244e5e20b3c51f7
7c9eff3d06da34ad01edc7d32c01b6fb840acbaa
382d12c1af7c8d663e1dd7780b7cacbe6a4f0bf1d230cf622c63269ca139d07d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash fd1853969e386a137244e5e20b3c51f7
7c9eff3d06da34ad01edc7d32c01b6fb840acbaa
382d12c1af7c8d663e1dd7780b7cacbe6a4f0bf1d230cf622c63269ca139d07d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/7nwfBRYxXJk/maxresdefault.jpg
200 OK 173 kB URL HTTP/2 i.ytimg.com/vi/7nwfBRYxXJk/maxresdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 173 kB (173270 bytes)
Hash 37cfc94349a5dcd84cf1bc531fe7c206
91299e56594b3fd8c9830181bfc49cccee75912c
8e9db0bb336c0f59e7d6309e2f0d87751b8bdd2a172ba185fe9fb1659090f775
GET /vi/7nwfBRYxXJk/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 173270
date: Tue, 06 Sep 2022 12:48:23 GMT
expires: Tue, 06 Sep 2022 14:48:23 GMT
cache-control: public, max-age=7200
etag: "1583001634"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 64 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash e8fe81cc38ad17f1f82537a2e5e452be
a28047d419ddd3c9698972661de61229f204e83b
c83567d7d09d360154961009a711724de63b42491bb6b2623ffd0150264dd432
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 7915257
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74675190ac160b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 19:50:06 GMT
expires: Mon, 04 Sep 2023 19:50:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 147497
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ccc4fa4f7710c25311b3e8221a62560
d2159746ef08cd3ee3c35d4b4613a592f80ccfed
148688576cbf8b818e40e016478a6ee4d929358742304efbd8c6df09df9b5d7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0CSU1nXb0e2W_s-eew1vKuyrvKfY_TrWu-lM54hk3HKl_drts3pikqeM_EN6E31Y6Q5jg3C1eGXqyKojP4ZnHhrah8oB3MHv5NBMVvs1Wmbk-V9Q=w680
404 Not Found 1.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0CSU1nXb0e2W_s-eew1vKuyrvKfY_TrWu-lM54hk3HKl_drts3pikqeM_EN6E31Y6Q5jg3C1eGXqyKojP4ZnHhrah8oB3MHv5NBMVvs1Wmbk-V9Q=w680
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 902441a36f5539f221fa67192bd31dc6
b9a8e013807425466c410e0f5131dea355764dc2
b0b3f5debe54f5bc46019bd0af832290d9492cd405e9c84a136bfcb6d2e7ceac
GET /blogger_img_proxy/ANbyha0CSU1nXb0e2W_s-eew1vKuyrvKfY_TrWu-lM54hk3HKl_drts3pikqeM_EN6E31Y6Q5jg3C1eGXqyKojP4ZnHhrah8oB3MHv5NBMVvs1Wmbk-V9Q=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/jpeg
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 12:48:23 GMT
server: fife
content-length: 1137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1kS2im399DFaDwuF1GdRigcPKkrOBo4TYj8m5fJLJJJLurEKz8rSKufdmZ_uGGJGgf79HEcMGBpfYP1Gscwt_Sm-Dhb0q-rbnqf9rz0A39QMiQ2A=w680
200 OK 20 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1kS2im399DFaDwuF1GdRigcPKkrOBo4TYj8m5fJLJJJLurEKz8rSKufdmZ_uGGJGgf79HEcMGBpfYP1Gscwt_Sm-Dhb0q-rbnqf9rz0A39QMiQ2A=w680
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 3bd5a23b5b512c025b8838232f5d8d57
54ff23116298b79567cab4b042bb793fbe5e6c66
a2a74a45aabbabbd51dfa1acecb26b294d8d5b387f67691f8b8667ee695d52d3
GET /blogger_img_proxy/ANbyha1kS2im399DFaDwuF1GdRigcPKkrOBo4TYj8m5fJLJJJLurEKz8rSKufdmZ_uGGJGgf79HEcMGBpfYP1Gscwt_Sm-Dhb0q-rbnqf9rz0A39QMiQ2A=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Sep 2022 12:48:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 12:48:23 GMT
server: fife
content-length: 19818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
responsivethemesstatic.github.io/static/mob.js
200 OK 596 B URL HTTP/2 responsivethemesstatic.github.io/static/mob.js
IP
Hash 69cf368a0bb3d826fea80f0c6adcc71a
460b2440d92c313d20294744d7957bff166edeaf
4077436c8bc08eeaa305e0009aa33f0c16f4eb96eab586f470d0d8d23901b3e5
GET /static/mob.js HTTP/1.1
Host: responsivethemesstatic.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Thu, 02 Jun 2022 15:48:36 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"6298dbd4-937"
expires: Tue, 06 Sep 2022 11:54:04 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C514:37C2:CD7C2D:181095A:63173284
accept-ranges: bytes
date: Tue, 06 Sep 2022 12:48:23 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662468503.342031,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 26cd1244a24843baab027e0a7c2b4c372018b236
content-length: 596
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:03:13 GMT
expires: Tue, 05 Sep 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 56710
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3e2b5d37d32b608d58c035384ea63143
247a80f403b70128a3fe4821d76292492e5544af
61a1fdefc7b2ed28dabb47d968c2d90ce35ffbb2d6daf5bd6bf6566651cd34d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 982044cca5f664004f3f5acc3f7e4df9
980ca862cb773284f743959ed25b192d79aa7451
729a17e21e378f4e2ef50157a360eb70b82cc9270c46c9868b3469ed2fae2420
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Lqg_5xn5wl-xMtJe37Qu140NY5N68rBt04X00TIgtHodcL2ISEMuWytTpX182gtVxKK8zjzmDCIGMeayBrsYE-rdDaqCMJP5zrTrLaEt1jXpCLw=w680
200 OK 25 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Lqg_5xn5wl-xMtJe37Qu140NY5N68rBt04X00TIgtHodcL2ISEMuWytTpX182gtVxKK8zjzmDCIGMeayBrsYE-rdDaqCMJP5zrTrLaEt1jXpCLw=w680
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash e2f34e4e88ffc20b62004b6edc26d0ac
557c6665649710e501363a5289f6e1e6542bc524
acebc94d6c1b84cc9ab5755b5c644cc2ec3b216ae1a3d53280e7949438d863f7
GET /blogger_img_proxy/ANbyha0Lqg_5xn5wl-xMtJe37Qu140NY5N68rBt04X00TIgtHodcL2ISEMuWytTpX182gtVxKK8zjzmDCIGMeayBrsYE-rdDaqCMJP5zrTrLaEt1jXpCLw=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Sep 2022 12:48:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 12:48:23 GMT
server: fife
content-length: 24847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:03:14 GMT
expires: Tue, 05 Sep 2023 21:03:14 GMT
cache-control: public, max-age=31536000
age: 56709
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2vn3rjHDwWCn-ss-af8kaKO7UWJFZ5YEi5ttiNhIiNx-HtR_3kR7tKem6WayyAWroNCIt7_SlAk37ehGDoiDwU8IvqWbiQAFT2BvTSHXubBWvo7g=w680
404 Not Found 1.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2vn3rjHDwWCn-ss-af8kaKO7UWJFZ5YEi5ttiNhIiNx-HtR_3kR7tKem6WayyAWroNCIt7_SlAk37ehGDoiDwU8IvqWbiQAFT2BvTSHXubBWvo7g=w680
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 902441a36f5539f221fa67192bd31dc6
b9a8e013807425466c410e0f5131dea355764dc2
b0b3f5debe54f5bc46019bd0af832290d9492cd405e9c84a136bfcb6d2e7ceac
GET /blogger_img_proxy/ANbyha2vn3rjHDwWCn-ss-af8kaKO7UWJFZ5YEi5ttiNhIiNx-HtR_3kR7tKem6WayyAWroNCIt7_SlAk37ehGDoiDwU8IvqWbiQAFT2BvTSHXubBWvo7g=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/jpeg
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 12:48:23 GMT
server: fife
content-length: 1137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11652, version 1.0\012- data
Hash d1b0aea75c4773f68be694232b84ec08
e7ff8ee25eb37275a0c1d9add046297674ce9f84
420f8e3b772990108a7a5e260b53420123a1bd22a82848984595452c9355ab1f
GET /s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:06:04 GMT
expires: Tue, 05 Sep 2023 21:06:04 GMT
cache-control: public, max-age=31536000
age: 56539
last-modified: Mon, 09 May 2022 18:27:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0XZL9RcPbOSToOZeCTkjJ3QaNfaQWqtqFbosXsu4cW67CLVgBgRubxyqwNueoM_rzneClhtjry-EYhfKo59wW3UOvZYRFdXPht8Xj4zdYPQ4oL=w680
200 OK 51 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0XZL9RcPbOSToOZeCTkjJ3QaNfaQWqtqFbosXsu4cW67CLVgBgRubxyqwNueoM_rzneClhtjry-EYhfKo59wW3UOvZYRFdXPht8Xj4zdYPQ4oL=w680
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash eaac31278279e0fa16241539c4c5a3d7
cb8a7b703e337631e3f0c2b7f12d18210b5a2744
d23ff3c8d4bd6de9adc0ab2e9411b35847916dec69d4a119d05cb0fe80fa8cc9
GET /blogger_img_proxy/ANbyha0XZL9RcPbOSToOZeCTkjJ3QaNfaQWqtqFbosXsu4cW67CLVgBgRubxyqwNueoM_rzneClhtjry-EYhfKo59wW3UOvZYRFdXPht8Xj4zdYPQ4oL=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Sep 2022 12:48:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 12:48:23 GMT
server: fife
content-length: 50954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0XvYjlhaxkPmCc-YWHqezs2JfVYZpvmQHSSfC4q_bnt3rTRWW1V1DHwfFTmmIuW4ID8MW6Tzx7fazRmQOsm7fOV2wuCPM3ROeThFZDTK4waU0-=w680
200 OK 22 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0XvYjlhaxkPmCc-YWHqezs2JfVYZpvmQHSSfC4q_bnt3rTRWW1V1DHwfFTmmIuW4ID8MW6Tzx7fazRmQOsm7fOV2wuCPM3ROeThFZDTK4waU0-=w680
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 366fe37eaff4360f9fadd74887b03280
88424f706159cc374af40082f343113bfd42ea55
7c4281a04ec953bb30ac375ef310a925d9ec27374a67d0f17c7f80f1a3475ac8
GET /blogger_img_proxy/ANbyha0XvYjlhaxkPmCc-YWHqezs2JfVYZpvmQHSSfC4q_bnt3rTRWW1V1DHwfFTmmIuW4ID8MW6Tzx7fazRmQOsm7fOV2wuCPM3ROeThFZDTK4waU0-=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Sep 2022 12:48:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 12:48:23 GMT
server: fife
content-length: 21623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash fd1853969e386a137244e5e20b3c51f7
7c9eff3d06da34ad01edc7d32c01b6fb840acbaa
382d12c1af7c8d663e1dd7780b7cacbe6a4f0bf1d230cf622c63269ca139d07d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0de32go8KlZuZNFf2oQQdQdQ2iTbn5vs6DKjVVSDrg5wbkQSF_gG7ARi9OFPncXvHy3wDjiWeoU25YUbs2shevUYTWiml4xW4K6q0hA0hEBD92wg=w680
200 OK 36 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0de32go8KlZuZNFf2oQQdQdQ2iTbn5vs6DKjVVSDrg5wbkQSF_gG7ARi9OFPncXvHy3wDjiWeoU25YUbs2shevUYTWiml4xW4K6q0hA0hEBD92wg=w680
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 1704f14284c670eb82b2a6da797866ec
66f31b2df53cc51afc87f02eccef6c5db247748e
a33b7b4289f2f484dd2814f1ff358e0647655aea9c1b0b205c7e036f3c29ecf9
GET /blogger_img_proxy/ANbyha0de32go8KlZuZNFf2oQQdQdQ2iTbn5vs6DKjVVSDrg5wbkQSF_gG7ARi9OFPncXvHy3wDjiWeoU25YUbs2shevUYTWiml4xW4K6q0hA0hEBD92wg=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Sep 2022 12:48:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 12:48:23 GMT
server: fife
content-length: 35581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oYxctEgoS19/FITmlvoPfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fb1Zxa7LlyaxlRJwNh4HFO16ztI=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ccc4fa4f7710c25311b3e8221a62560
d2159746ef08cd3ee3c35d4b4613a592f80ccfed
148688576cbf8b818e40e016478a6ee4d929358742304efbd8c6df09df9b5d7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c16db54a/www-player.css
200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/c16db54a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7nwfBRYxXJk
Cookie: YSC=2OIB1Kj1SNk; VISITOR_INFO1_LIVE=Fp7hBSGOdAY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:42:16 GMT
expires: Sat, 02 Sep 2023 20:42:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/css
age: 317167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (592)
Hash 26b6e79984361d593bcf000927f559db
36dc3faef99c68636ed7d8a2d46783ccfc3be7ff
2795564d0f494ec4aed32d6708062dd699c22324d3df26588d5e2e2c2a956b36
GET /s/player/c16db54a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7nwfBRYxXJk
Cookie: YSC=2OIB1Kj1SNk; VISITOR_INFO1_LIVE=Fp7hBSGOdAY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:42:16 GMT
expires: Sat, 02 Sep 2023 20:42:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 317167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 260185
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=3745257530063993900&zx=e3be93c2-1983-4743-8ac9-45e07c90ae39
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=3745257530063993900&zx=e3be93c2-1983-4743-8ac9-45e07c90ae39
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=3745257530063993900&zx=e3be93c2-1983-4743-8ac9-45e07c90ae39 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 12:48:23 GMT
last-modified: Tue, 06 Sep 2022 12:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d3082e317f9caa7307fb2fac7f93582
f32c2dbfd00113ebf587dbd079ed9b21678fe691
be91be5336dbe6b288aca9d60a38fd389f10ee496a0c8d1f3d66fc6dad873c43
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE91BE5336DBE6B288ACA9D60A38FD389F10EE496A0C8D1F3D66FC6DAD873C43"
Last-Modified: Mon, 05 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10388
Expires: Tue, 06 Sep 2022 15:41:32 GMT
Date: Tue, 06 Sep 2022 12:48:24 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3df811ac19fde08f49ef246c29cef161
e1c8d54b357adaf32e80427028cc884fa35959e0
e2749178e0bf0c4045a96388a58029ddd92d13a866021737864cd68e11317292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 666 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 0984d8a94b6794a967f603f80d187661
b283e98217ca3fd6be6b84f02dd7a5605e5f31f3
1fb88b9852c7a7aa0fd24f2be9441adf1b9c04343af703fb556eeef7ad3edf88
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 12:48:24 GMT
date: Tue, 06 Sep 2022 12:48:24 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 666
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 06 Sep 2022 12:48:24 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+089; expires=Thu, 05-Sep-2024 12:48:24 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Sep 2022 12:48:24 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl15563170.trustedcpmrevenue.com/35/da/1e/35da1e3af13599295821b2545bdc31fc.js
200 OK 13 kB URL HTTP/1.1 pl15563170.trustedcpmrevenue.com/35/da/1e/35da1e3af13599295821b2545bdc31fc.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37112), with no line terminators
Hash ad4f0b17b2c39e605cc21a237896bf62
2e6d3773fe3c4edf307e714738943f5ea993e9e3
849995e728c6b30d637b78f754f04ee816ac1e6e7c4c344132dc6aa4fee07942
GET /35/da/1e/35da1e3af13599295821b2545bdc31fc.js HTTP/1.1
Host: pl15563170.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 06 Sep 2022 12:48:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97798eb94d9e7ded5f1beee6caa81fa4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 12:44:23 GMT
expires: Tue, 06 Sep 2022 12:59:23 GMT
cache-control: public, max-age=900
age: 241
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 06 Sep 2022 12:48:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 12:48:24 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7c15aaf9c736453f18ac0b48241edfec
64882e0185434278fff4122edca9db6e9d6f0a6d
44d6ce5abab83eee7f1738cfe79781d4dedac1315c636ea4ada3d6874b257cd6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 12:48:24 GMT
Last-Modified: Tue, 06 Sep 2022 11:39:51 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b__FzM9ep0j1UJWzyfoYEFBDwCtC_mHR6P54_dF6tAbR-ldgJPbe2g==
Age: 4113
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 63238582e2309e8f11271dbad591fc96
d18eb3e9215b8139f6f2b27479565406ece951c4
a9db93521a1d23c9dab62c5ae0bbe77b3e975daf8b9d7111605b2fdf6ac71350
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 12:48:24 GMT
server: ESF
cache-control: private
content-length: 30650
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash e213ced90bd10fda8a999cb61d0f4b0e
7c325613d2faad44fc6833dcf0bb7dfba631abb3
9db4f4ea9d00df8951307cbc80f4d72801423a2f71ed3179acdd2ca3259661f4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://rendathi.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; expires=Fri, 03 Sep 2032 12:48:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 092ab48a58576cf5228f75ca8e05deaf
2e79d46dc0bc28519be8133b7c56eef7486fe40d
0d6abd69dcba207deff031972ab6d68e283a4e6f702689bbe7a529f0bb9d1552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_qkIRRrNwwKVu39Ho9Js0xUhLZGGVAjPQR8x3k=s68-c-k-c0x00ffffff-no-rj
200 OK 2.8 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_qkIRRrNwwKVu39Ho9Js0xUhLZGGVAjPQR8x3k=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 00ee08d80d28e857061363221693437e
3060d5a3a9b1947d7f0132f2420c24e6d473d5b7
d2de8882934dda4f6cc3d2bf953fd212f7a3b7bb24d98e280e7b9318b5dec694
GET /ytc/AMLnZu_qkIRRrNwwKVu39Ho9Js0xUhLZGGVAjPQR8x3k=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2830
x-xss-protection: 0
date: Tue, 06 Sep 2022 12:48:24 GMT
expires: Fri, 29 Jul 2022 14:53:29 GMT
cache-control: public, max-age=86400, no-transform
etag: "v20"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4042
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Last-Modified: Tue, 06 Sep 2022 11:41:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1961)
Hash dd9bfcfad1522af993d6bdd052c2940c
922b3887058a6a049b7a9580e2c6fe0deddbf083
52057e13179344ad69c9b27b2c4c9cdc3cf9123b56640cc0fc003227a27db91f
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4ded0c45ac058bed63fe9b0ba21a2b26
etag: "f235ca93a6b5b19e6a004fab9e00f271"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Sep 2022 13:00:46 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 3Zv8+tFSKvmT1r3QUsKUDA==
x-fb-debug: zZCbpMTv9mQd2idALpZ4wlahl5xscO2BIIU/SbrcaHIA68VXoULyF/kuvcdAiF2iS9B9KmqWHY4+cf0D6IiCrg==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Tue, 06 Sep 2022 12:48:24 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd189bdf5fc0703efed76f9898c4d651
28274e250ddf9f5a3df1601c0d29d1d325f18179
f7ac147429d0add821c08b789926e138e3669e2025b24d4a9613104cccb7c056
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7AC147429D0ADD821C08B789926E138E3669E2025B24D4A9613104CCCB7C056"
Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8398
Expires: Tue, 06 Sep 2022 15:08:22 GMT
Date: Tue, 06 Sep 2022 12:48:24 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4042
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Last-Modified: Tue, 06 Sep 2022 11:41:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 092ab48a58576cf5228f75ca8e05deaf
2e79d46dc0bc28519be8133b7c56eef7486fe40d
0d6abd69dcba207deff031972ab6d68e283a4e6f702689bbe7a529f0bb9d1552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:48:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:45:15 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 89524712
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:48:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:48:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:48:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8625
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:48:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 29842
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 67328
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fe4a321dcd6a94a637a528d74f9321a
3f3aad2cc71226b39549db1a9baa6837d4f1d897
a19b6749429e8ecaeac8fc0849abc4d891bfc628489762b1619a3ee3064536e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12573
x-amzn-requestid: 93ac3b01-e2e3-462b-93d4-8f1bf949a015
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5E5JIAMFTJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-7fa8ddcb4b17c5ff1c214b94;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qU3s1u1OYmhFyNM8dgd4R3mLfgN3VXlj7z0WGWFhmW-U00wuUld96w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:23 GMT
age: 54181
etag: "3f3aad2cc71226b39549db1a9baa6837d4f1d897"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 53304
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 15198
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 54231
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4206161&@f16&@g1&@h1&@i1&@j1662468499201&@k0&@l1&@mRife%20Frequencies%20for%20Anxiety%20-%20Balance%20Heart%20Chakra%20-%20Energy%20Healing%20for%20Anxiety&@n0tags=Rendathi&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-195799615&@b3:1662468499&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&@w
200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4206161&@f16&@g1&@h1&@i1&@j1662468499201&@k0&@l1&@mRife%20Frequencies%20for%20Anxiety%20-%20Balance%20Heart%20Chakra%20-%20Energy%20Healing%20for%20Anxiety&@n0tags=Rendathi&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-195799615&@b3:1662468499&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&@w
IP
File type ASCII text, with no line terminators
Hash f8472ba38a79f11cd3ba8a5f65a9f61a
66e0cf72f52acabcc5d28311909564311ae5095d
60320bedfed199816915a37649e33b901ed3e796350d9fd97e6e30209bf5b751
GET /stats/0.php?4206161&@f16&@g1&@h1&@i1&@j1662468499201&@k0&@l1&@mRife%20Frequencies%20for%20Anxiety%20-%20Balance%20Heart%20Chakra%20-%20Energy%20Healing%20for%20Anxiety&@n0tags=Rendathi&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-195799615&@b3:1662468499&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 12:48:25 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2f8a9682c314d665f748ac588bd7d407
328e6b486992e7813d31e5f06d980427f554603d
1bc53d70380898f4b7d9b8cdc5386ce558c0f3622840d461b979a7c98ee9f71d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BC53D70380898F4B7D9B8CDC5386CE558C0F3622840D461B979A7C98EE9F71D"
Last-Modified: Sun, 04 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16997
Expires: Tue, 06 Sep 2022 17:31:42 GMT
Date: Tue, 06 Sep 2022 12:48:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f659b0b1cbfcaf5c8e35bbcde1721f2a
fc9d579de0c947fcd73323b1b41ea32f00ef4521
5ec1f3769fd50c8cddf6c13787cde90886ed01fa0be30f515bdb69053211ac73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EC1F3769FD50C8CDDF6C13787CDE90886ED01FA0BE30F515BDB69053211AC73"
Last-Modified: Sun, 04 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4304
Expires: Tue, 06 Sep 2022 14:00:09 GMT
Date: Tue, 06 Sep 2022 12:48:25 GMT
Connection: keep-alive
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 12:48:25 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 122 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 8e0d8caba43c1aaef8b06926f14a555c
cb184ffda3dc5883c54093af8c6108b1062afe8d
3585c7999e8f732b471ad63cbecb5d8b221cc62145b9a726c30a30e3a45797dc
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 890
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 12:48:25 GMT
server: ESF
cache-control: private
content-length: 122
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.effectivedisplaycontent.com/04ab7bf8059140f2e892fdc85a5bb04d/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplaycontent.com/04ab7bf8059140f2e892fdc85a5bb04d/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
Analyzer Verdict Alert quad9 Sinkholed
GET /04ab7bf8059140f2e892fdc85a5bb04d/invoke.js HTTP/1.1
Host: www.effectivedisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 06 Sep 2022 12:48:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e553e04b7402eda506c1a1b55b8b8bb0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash e213ced90bd10fda8a999cb61d0f4b0e
7c325613d2faad44fc6833dcf0bb7dfba631abb3
9db4f4ea9d00df8951307cbc80f4d72801423a2f71ed3179acdd2ca3259661f4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://rendathi.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash e213ced90bd10fda8a999cb61d0f4b0e
7c325613d2faad44fc6833dcf0bb7dfba631abb3
9db4f4ea9d00df8951307cbc80f4d72801423a2f71ed3179acdd2ca3259661f4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://rendathi.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
forgerylimit.com/sbar.json?key=35da1e3af13599295821b2545bdc31fc
200 OK 4.4 kB URL HTTP/1.1 forgerylimit.com/sbar.json?key=35da1e3af13599295821b2545bdc31fc
IP
File type JSON data\012- , ASCII text, with very long lines (6300), with no line terminators
Hash 8a659d19a687a5a1ab9ee2b81fdcc42e
b3bad7a63410f19ee961b94ab8aafdbe0e6c1a16
373aa017be25d452c0acdd9a3106ae92677a15479aa855a406a40119383eed58
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=35da1e3af13599295821b2545bdc31fc HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Sep 2022 12:48:25 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://rendathi.blogspot.com
Access-Control-Allow-Origin: https://rendathi.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15462671; expires=Wed, 07 Sep 2022 12:48:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Sep 2022 12:48:25 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Sep 2022 12:48:25 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 07 Sep 2022 12:48:25 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 07 Sep 2022 12:48:25 GMT; secure; SameSite=None
slec35da1e3af13599295821b2545bdc31fc=[3527115]; expires=Tue, 06 Sep 2022 12:48:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5f266b80ec5c99d768947b0851217997
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b57cc1e5ea0d543d9ef1ea66d70f9fab
54782bbe2a3331a396583dca789e5b7a219056e5
93e530b02b938c5cfa2ef04cd2421c8e15bc5172d144025a61fb000a95d93380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93E530B02B938C5CFA2EF04CD2421C8E15BC5172D144025A61FB000A95D93380"
Last-Modified: Tue, 06 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10258
Expires: Tue, 06 Sep 2022 15:39:24 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
forgerylimit.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSS2hkxRfG686%2F%2BYO48BUQwUcvR5DOvbffziJMjBmDcTLOjOhO6lZVd8rUvXWpuo9Or4IDMst2KW5uvk4mPobBWbh0HDoBwQYh7SqCwcGN4GZkYNxKd4LBA8U5Vd%2B3%2BJ1T55Pt9Ji4SOnR0ju6L5Wi8%2FWKWz7%2FgeddKK%2FKKO2Ve63Gh43ahbLJXm83Ku6r5UuCbeh53%2FVc13O98rI0oqN781MRMr7d9iptt1LzK169hp75792mDix1wLNj8iwkn5QOnDlINkIUfrMk7Eai49feDFNFE22Q8b33oo1I5xHCs7JjHHSivVM3tD1cvgcd7c5wobN%2FjYGcEOeHewiivVNIBNnOjDNQEBEC%2FiTybAShRpB0BKZvQPJDAjCOy2uIwluXtcnp5olKp%2BqElB4%2FgswnpPTrHKLwzqKSvfI1rdJE6sii1ykgeyPI7ghxuo%2Bkfw4y3wdLPobkP5H5x6uIwp01qzQkL2a9SzmC7IygxADUOkinRzpIOw7S2EHIj8rM87ymyxl1W23GqrwpggZ3PdrseNRzGy2kbIo3QBIPwNQAzGwhNlvYkAOY9D7segHLHdhkQpx3t5DxArkgyC1BTglySZAnBHlW7HJlfVvc4sqmgXea%2FdNcLYY66W7TXZ10RUS242PyzGwuf%2F71FDbEUbla59QTVdrxqvV222%2FXW74X%2BPVaPeCs6nUYrCwg7blZq305If%2B%2F%2FxtiOSHnwlcQ0H1YtQ8mnwZNXwLNh03fBV0f1lou%2BtG3oaBRYnRUCZTu2lgnFaZDcF0gTkpINp1tdUxemAHVD8cQbLzwR%2Fng893fr4OZArEp8JE8IOiqm8OrOic7V3Vuyd21OJGh7NPpJ15LaCJKX70tNnNt%2BMqSHXx5kU2FaXn7urDJKo24jLqWfL0oORdmWRsmyHcr9n0RXEnt%2BmJqojRevfLG8koYG2Gt1NEIdLqPz70FJifkiUUx288Xz2eQZgSTFgjTMTkNSL0PFm%2FBxuOFXx5cujPXfwCrSzDqzBPEDvK0GBo%2FOHtUckL8Rz9CifHC3YeDv6tf7IAGBaw4G0Qgxt8%2FPPFv25vompdBkxuIwgKZKZCpAlQNYNP%2FDZPYjBd%2Brs4CgXKGgTLOTqCM%2BvRkwFYelZvVqksb7brXbFLRDGp%2Bq9PwOKV%2BreE3GrSKxE7Y8xc%2F%2BwcAAP%2F%2FAQAA%2F%2F9dJuBZbgQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 forgerylimit.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSS2hkxRfG686%2F%2BYO48BUQwUcvR5DOvbffziJMjBmDcTLOjOhO6lZVd8rUvXWpuo9Or4IDMst2KW5uvk4mPobBWbh0HDoBwQYh7SqCwcGN4GZkYNxKd4LBA8U5Vd%2B3%2BJ1T55Pt9Ji4SOnR0ju6L5Wi8%2FWKWz7%2FgeddKK%2FKKO2Ve63Gh43ahbLJXm83Ku6r5UuCbeh53%2FVc13O98rI0oqN781MRMr7d9iptt1LzK169hp75792mDix1wLNj8iwkn5QOnDlINkIUfrMk7Eai49feDFNFE22Q8b33oo1I5xHCs7JjHHSivVM3tD1cvgcd7c5wobN%2FjYGcEOeHewiivVNIBNnOjDNQEBEC%2FiTybAShRpB0BKZvQPJDAjCOy2uIwluXtcnp5olKp%2BqElB4%2FgswnpPTrHKLwzqKSvfI1rdJE6sii1ykgeyPI7ghxuo%2Bkfw4y3wdLPobkP5H5x6uIwp01qzQkL2a9SzmC7IygxADUOkinRzpIOw7S2EHIj8rM87ymyxl1W23GqrwpggZ3PdrseNRzGy2kbIo3QBIPwNQAzGwhNlvYkAOY9D7segHLHdhkQpx3t5DxArkgyC1BTglySZAnBHlW7HJlfVvc4sqmgXea%2FdNcLYY66W7TXZ10RUS242PyzGwuf%2F71FDbEUbla59QTVdrxqvV222%2FXW74X%2BPVaPeCs6nUYrCwg7blZq305If%2B%2F%2FxtiOSHnwlcQ0H1YtQ8mnwZNXwLNh03fBV0f1lou%2BtG3oaBRYnRUCZTu2lgnFaZDcF0gTkpINp1tdUxemAHVD8cQbLzwR%2Fng893fr4OZArEp8JE8IOiqm8OrOic7V3Vuyd21OJGh7NPpJ15LaCJKX70tNnNt%2BMqSHXx5kU2FaXn7urDJKo24jLqWfL0oORdmWRsmyHcr9n0RXEnt%2BmJqojRevfLG8koYG2Gt1NEIdLqPz70FJifkiUUx288Xz2eQZgSTFgjTMTkNSL0PFm%2FBxuOFXx5cujPXfwCrSzDqzBPEDvK0GBo%2FOHtUckL8Rz9CifHC3YeDv6tf7IAGBaw4G0Qgxt8%2FPPFv25vompdBkxuIwgKZKZCpAlQNYNP%2FDZPYjBd%2Brs4CgXKGgTLOTqCM%2BvRkwFYelZvVqksb7brXbFLRDGp%2Bq9PwOKV%2BreE3GrSKxE7Y8xc%2F%2BwcAAP%2F%2FAQAA%2F%2F9dJuBZbgQAAA%3D%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSS2hkxRfG686%2F%2BYO48BUQwUcvR5DOvbffziJMjBmDcTLOjOhO6lZVd8rUvXWpuo9Or4IDMst2KW5uvk4mPobBWbh0HDoBwQYh7SqCwcGN4GZkYNxKd4LBA8U5Vd%2B3%2BJ1T55Pt9Ji4SOnR0ju6L5Wi8%2FWKWz7%2FgeddKK%2FKKO2Ve63Gh43ahbLJXm83Ku6r5UuCbeh53%2FVc13O98rI0oqN781MRMr7d9iptt1LzK169hp75792mDix1wLNj8iwkn5QOnDlINkIUfrMk7Eai49feDFNFE22Q8b33oo1I5xHCs7JjHHSivVM3tD1cvgcd7c5wobN%2FjYGcEOeHewiivVNIBNnOjDNQEBEC%2FiTybAShRpB0BKZvQPJDAjCOy2uIwluXtcnp5olKp%2BqElB4%2FgswnpPTrHKLwzqKSvfI1rdJE6sii1ykgeyPI7ghxuo%2Bkfw4y3wdLPobkP5H5x6uIwp01qzQkL2a9SzmC7IygxADUOkinRzpIOw7S2EHIj8rM87ymyxl1W23GqrwpggZ3PdrseNRzGy2kbIo3QBIPwNQAzGwhNlvYkAOY9D7segHLHdhkQpx3t5DxArkgyC1BTglySZAnBHlW7HJlfVvc4sqmgXea%2FdNcLYY66W7TXZ10RUS242PyzGwuf%2F71FDbEUbla59QTVdrxqvV222%2FXW74X%2BPVaPeCs6nUYrCwg7blZq305If%2B%2F%2FxtiOSHnwlcQ0H1YtQ8mnwZNXwLNh03fBV0f1lou%2BtG3oaBRYnRUCZTu2lgnFaZDcF0gTkpINp1tdUxemAHVD8cQbLzwR%2Fng893fr4OZArEp8JE8IOiqm8OrOic7V3Vuyd21OJGh7NPpJ15LaCJKX70tNnNt%2BMqSHXx5kU2FaXn7urDJKo24jLqWfL0oORdmWRsmyHcr9n0RXEnt%2BmJqojRevfLG8koYG2Gt1NEIdLqPz70FJifkiUUx288Xz2eQZgSTFgjTMTkNSL0PFm%2FBxuOFXx5cujPXfwCrSzDqzBPEDvK0GBo%2FOHtUckL8Rz9CifHC3YeDv6tf7IAGBaw4G0Qgxt8%2FPPFv25vompdBkxuIwgKZKZCpAlQNYNP%2FDZPYjBd%2Brs4CgXKGgTLOTqCM%2BvRkwFYelZvVqksb7brXbFLRDGp%2Bq9PwOKV%2BreE3GrSKxE7Y8xc%2F%2BwcAAP%2F%2FAQAA%2F%2F9dJuBZbgQAAA%3D%3D HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: u_pl=15462671; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec35da1e3af13599295821b2545bdc31fc=[3527115]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Sep 2022 12:48:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 56e3759bdc18aae49d8b19654b65b5cb
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 33fb6f8c1fb48f27b58d21e1d8d7bd27
23225ab4d426fbd7a0a44a33f747c1b7c0cf991d
8e801f87ac67f3c273535216d93c7ce19cb43c9be44e7e41741988ff92cfc75b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E801F87AC67F3C273535216D93C7CE19CB43C9BE44E7E41741988FF92CFC75B"
Last-Modified: Mon, 05 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14037
Expires: Tue, 06 Sep 2022 16:42:23 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 601d02860a32cd0667c2b4b6d5746e29
cd419b7dbf9f54edca0ceca468d14627d70f0764
18b245d8cf9427a2fab1793342ec08d8b1967083aad465785540d7f6bbc1af01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18B245D8CF9427A2FAB1793342EC08D8B1967083AAD465785540D7F6BBC1AF01"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16606
Expires: Tue, 06 Sep 2022 17:25:12 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
www.profitabledisplaycontent.com/watch.1034192646129.js?key=04ab7bf8059140f2e892fdc85a5bb04d&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.1034192646129.js?key=04ab7bf8059140f2e892fdc85a5bb04d&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1034192646129.js?key=04ab7bf8059140f2e892fdc85a5bb04d&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 12:48:26 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://rendathi.blogspot.com
Access-Control-Allow-Origin: https://rendathi.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1034192646129.js?key=04ab7bf8059140f2e892fdc85a5bb04d&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=0ebbc3a43327d64ceb98045833e09a9d8a92a17fefb2b8ac794e3e94849db78df5d670ad12c618552cb038b4997c4ca4dc76541f9557620757292e85069d0dd260a8b81e4ba890353bbdd35fb65490567fb71ce2&pst=1662468566&rmtc=t
Set-Cookie: u_pl=15182884; expires=Wed, 07 Sep 2022 12:48:26 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg4NCwiayI6IjA0YWI3YmY4MDU5MTQwZjJlODkyZmRjODVhNWJiMDRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJrN3drcmtzcTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vcmVuZGF0aGkuYmxvZ3Nwb3QuY29tLzIwMjAvMDMvcmlmZS1mcmVxdWVuY2llcy1mb3ItYW54aWV0eS1iYWxhbmNlLmh0bWwifX0.FUsJH31MijeD4Zy2E8GqS2F-9MAuTm5DKCl_cpmwC9I; expires=Tue, 06 Sep 2022 12:49:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5416024ae6ff2618cad6b5bb06d45424
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash bb22075867a180a59587c55e0facccb8
9af4960264c36cebebd5601a9a5a4fcc1b630c64
5d4e2ee6f555b320ef3e62390c1f3d8934f690e4f4d859cd19c015967f69a018
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5D4E2EE6F555B320EF3E62390C1F3D8934F690E4F4D859CD19C015967F69A018"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10391
Expires: Tue, 06 Sep 2022 15:41:37 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash bb22075867a180a59587c55e0facccb8
9af4960264c36cebebd5601a9a5a4fcc1b630c64
5d4e2ee6f555b320ef3e62390c1f3d8934f690e4f4d859cd19c015967f69a018
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5D4E2EE6F555B320EF3E62390C1F3D8934F690E4F4D859CD19C015967F69A018"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10391
Expires: Tue, 06 Sep 2022 15:41:37 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/img/close.png
200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/img/close.png
IP
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/ssp/utility/live-message/3-2/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 28 Apr 2022 08:29:14 GMT
etag: "626a505a-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2947454
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXOBTg%2Fmr2jDlL01jr2QHI%2BovzBGlkTaDB%2FzYvW1iQt4acOcv7txXmF9Tv38TGLzvMm7hkQH1RC2tTkQGDk1pcKy5taIhSqD2eAA2DD9tPsupm0Br8rHOq%2Ft2WbU7ZxHiD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746751a4a985b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 1.0 kB IP
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 58723109ddbcdfaf2adb54bbe8fc711d
295802d3c0fcd6d0627b2051fd66a55f20935f15
9f88cd708bff159d597e5b2365fc6bffe579800a255acfc0e0500d17c094442a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5D4E2EE6F555B320EF3E62390C1F3D8934F690E4F4D859CD19C015967F69A018"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10391
Expires: Tue, 06 Sep 2022 15:41:37 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
www.profitabledisplaycontent.com/watch.1034192646129.js?key=04ab7bf8059140f2e892fdc85a5bb04d&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=0ebbc3a43327d64ceb98045833e09a9d8a92a17fefb2b8ac794e3e94849db78df5d670ad12c618552cb038b4997c4ca4dc76541f9557620757292e85069d0dd260a8b81e4ba890353bbdd35fb65490567fb71ce2&pst=1662468566&rmtc=t
200 OK 2.4 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.1034192646129.js?key=04ab7bf8059140f2e892fdc85a5bb04d&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=0ebbc3a43327d64ceb98045833e09a9d8a92a17fefb2b8ac794e3e94849db78df5d670ad12c618552cb038b4997c4ca4dc76541f9557620757292e85069d0dd260a8b81e4ba890353bbdd35fb65490567fb71ce2&pst=1662468566&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (3073)
Hash 111fbc12a55d9a2a6ad2c9bc0d3e353a
14bde9f36f0bf3a4d1e47da6a262bcd32dc49320
01bc88fe97f19482ad2885f4e341fce85459e5d732dd3f275c144c5754fe7ded
GET /watch.1034192646129.js?key=04ab7bf8059140f2e892fdc85a5bb04d&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=0ebbc3a43327d64ceb98045833e09a9d8a92a17fefb2b8ac794e3e94849db78df5d670ad12c618552cb038b4997c4ca4dc76541f9557620757292e85069d0dd260a8b81e4ba890353bbdd35fb65490567fb71ce2&pst=1662468566&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Referer: https://rendathi.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15182884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg4NCwiayI6IjA0YWI3YmY4MDU5MTQwZjJlODkyZmRjODVhNWJiMDRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJrN3drcmtzcTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vcmVuZGF0aGkuYmxvZ3Nwb3QuY29tLzIwMjAvMDMvcmlmZS1mcmVxdWVuY2llcy1mb3ItYW54aWV0eS1iYWxhbmNlLmh0bWwifX0.FUsJH31MijeD4Zy2E8GqS2F-9MAuTm5DKCl_cpmwC9I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 12:48:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://rendathi.blogspot.com
Access-Control-Allow-Origin: https://rendathi.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; expires=Tue, 13 Sep 2022 12:48:26 GMT; secure; SameSite=None
iprce4e91335bffa5cb71cc496a2213cf653=3569684; expires=Tue, 06 Sep 2022 16:48:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 07 Sep 2022 12:48:26 GMT; secure; SameSite=None
uncs=1; expires=Wed, 07 Sep 2022 12:48:26 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 07 Sep 2022 12:48:26 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 07 Sep 2022 12:48:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06f7f5a34b74ebab2c39ad2621f56af9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=315
200 OK 19 kB URL HTTP/1.1 forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=315
IP
File type gzip compressed data, max compression\012- data
Hash 5729212e0e76c7387628a2f6af0eb5ee
0b721b55f23c41e7b0fe5a70b3ad674e3730d5f0
62a3562ffb35c6c93004280031f8c97bb17840469e613d733a0f26c5a7d42866
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F18%2F52%2F6a%2F18526a6becad408914fcf53d946360f0%2F1651134763.html&l=1558&fd=315 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: u_pl=15462671; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec35da1e3af13599295821b2545bdc31fc=[3527115]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Sep 2022 12:48:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fdaa3919b9ba998d302973cf78060da7
be8697f38399f372352bad57131fd4e4812525c3
ee1cf02126c1311b6da7d80d30bd3a69d33f592fe6d11ec8ded804465d0eba7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE1CF02126C1311B6DA7D80D30BD3A69D33F592FE6D11EC8DED804465D0EBA7A"
Last-Modified: Sun, 04 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8349
Expires: Tue, 06 Sep 2022 15:07:35 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fdaa3919b9ba998d302973cf78060da7
be8697f38399f372352bad57131fd4e4812525c3
ee1cf02126c1311b6da7d80d30bd3a69d33f592fe6d11ec8ded804465d0eba7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE1CF02126C1311B6DA7D80D30BD3A69D33F592FE6D11EC8DED804465D0EBA7A"
Last-Modified: Sun, 04 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8349
Expires: Tue, 06 Sep 2022 15:07:35 GMT
Date: Tue, 06 Sep 2022 12:48:26 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/ea/f0/94/eaf0942638a7a317f57c1878d002acf8/1657118897.jpg
200 OK 20 kB URL HTTP/2 cdn.cloudimagesb.com/si/ea/f0/94/eaf0942638a7a317f57c1878d002acf8/1657118897.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 230de911f731c4f23dabb009a70c0eda
5d479defd4a1232e6b74381dd24eaf851b558c8f
ee4c1628ce37108fd1ecf632577ccd6ccf4969c08956d564567016605114d7fd
GET /si/ea/f0/94/eaf0942638a7a317f57c1878d002acf8/1657118897.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: image/jpeg
content-length: 19490
server: nginx/1.17.6
last-modified: Wed, 06 Jul 2022 14:48:25 GMT
etag: "62c5a0b9-4c22"
expires: Thu, 08 Sep 2022 12:48:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/c1/c0/62/c1c062f73d44eb2dca0b925636376cdf/1657118874.jpg
200 OK 20 kB URL HTTP/2 cdn.cloudimagesb.com/si/c1/c0/62/c1c062f73d44eb2dca0b925636376cdf/1657118874.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 4c4795c032dbed41a88bdd7b3cd4477d
d58fe0d2d9c42b46fd31827669dd994d5fb510fd
0989b8e38c3fadcde1908be965a4b980d1720f63281404f8156b2694e6e8cf8c
GET /si/c1/c0/62/c1c062f73d44eb2dca0b925636376cdf/1657118874.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: image/jpeg
content-length: 19999
server: nginx/1.17.6
last-modified: Wed, 06 Jul 2022 14:48:02 GMT
etag: "62c5a0a2-4e1f"
expires: Thu, 08 Sep 2022 12:48:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=35da1e3af13599295821b2545bdc31fc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=35da1e3af13599295821b2545bdc31fc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=35da1e3af13599295821b2545bdc31fc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 12:48:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d43d7e0a8f4a61cf8600fa0353e595e
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
200 OK 112 kB URL HTTP/2 cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (112168 bytes)
Hash c45241b13549342de998e8518b0430f8
4520fd975fc212eb0e8d67981697b04787280f6a
12d50ef4939929d2f45254e0a404bda1f11fb2509599a9a7cb5e601e9c8f66b6
GET /cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: image/png
content-length: 112168
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:53:30 GMT
etag: "62e10b1a-1b628"
expires: Thu, 08 Sep 2022 12:48:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=328
200 OK 0 B URL HTTP/1.1 forgerylimit.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=328
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=328 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: u_pl=15462671; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec35da1e3af13599295821b2545bdc31fc=[3527115]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Sep 2022 12:48:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/css/style.css
200 OK 1.6 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/css/style.css
IP
Hash 1383ff77a305cbbde6dd2f35a747ef33
f3b341dcdbf56dd56e19348bf352370265bbfd30
ee44277ebc4dc007956e8d709ad10b2d9f897a6a88b58c0d0f23c405bae73d6a
GET /sb/ssp/utility/live-message/3-2/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-22dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0S2Ue18EYYs%2FnFNny5d7hBxjQ90izn8XtPmTpOkhqu0r5zJ4EaTgAeQ0iw%2BH%2FBjem86vvbhzwkVXupH9sU9AZdLhRxuriXhuFEG%2BKROOGYBoXz%2BTpzye20JeJ7VTv40rMWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746751a448f5b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
200 OK 492 B URL HTTP/2 cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text
Hash 3f0fe6e62d7bab7ac7d253b9547709d3
568810a7fb28c234338845f0ca9d91223ccc6e58
3dfad62e6d1557c95777fefc1135d0cf0cdb655ed1e6a1b0987590942eea7677
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-616"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 06 Sep 2022 13:48:26 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
forgerylimit.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSTWhc1RvGz%2B1%2F%2BIO48Ksggh%2BzrCCTe%2BcjM2MXobGmBmNT24ru5HzdyTHn3nM55965k1kFC9LluBQ3N88kjR%2Bl2IVLa5kEBAeEjKsIBosbwU2lULcyk2DwhcP7nvM8i9%2F7nveTreyI%2BMjo4cV3TF9pTecaFb987oMgOF9eUXHWK%2Fda8x%2FO18%2BXbff19nzFf7V8SfJ1M1f1A98P%2FKC8pKwMTW9uKkIlt9tBpe1X6tVK0KijZ%2F97d5kHRz2I7hF5FkpMSvveWSg%2BQhx9c1G69dQkr70ZZZqmxqIrdt%2BL12OTx4hOy9B6COPdEzeMO1i6BxPvzHBhuv8amZoQ74d7YPHuCSRYd3vGyTRkDCaeRN4dQeoRFB2BmxtQ4oAAXODyKuLo1mVjc7pxrNKpOiGlx4%2Bg8gkp%2FXoWcXRnUate%2BZrRWapM7NALC6jeCKozQpLtIe2fgcr3wNOPocRPZO7xCuJoe9VpAyWKWe9KjaDCEbQcgDoP2fQoD1noIUs8ROKwzIMgaPqCU7%2FV5rwmmpLNCz%2BgzTCggT%2FfQsaneAOkyQBcD8DtJhK7iXU1gM3uw60VcMKDSyfEe3cTXVEglwS5I8gpQa4I8pQg7xY7QruqK24J7TIWnOTqSa4VQ5N2tuiOSTsyJlvJEXlmNpc%2F%2F3oK6%2FKwXGsIGsgaDYNao92uthutasCqjXqDCV4LQg6nCih3ZtZqX03I%2F%2B%2F%2FhkRNyJnoFTC6B6f3wNXToNlLoPmwWfVB14b1lo9%2B%2FG0kaZxaE1eYNh2XmLTCTQRhCiRpCemGt6WPyAszoMbBGJKPF%2F4o73%2B%2B8%2Ft1cFsgsQU%2BUvsEHX1zeNXkZPuqyR25u5qkKlJ9Ov3EaylNZemrt%2BVGbqxYvugGX17gU2Fa3r4uXbpCY6HijiNfLyohpF0ylkvy3bJ7X7IrmVtbzGycJStX3lhajhIrnVMmHoFO9%2FG5t8DVhDyxKGf7%2BeK5LpQdwWYFomxMTgLK7IEnm3DJeOGXB5funO0%2FgDMlWH3qYYmHPCuGtspOH7WakOqjH6HleOHuw8HftS%2B2QVkBJ08HweT4%2B4fH%2Fi13Ex37Mmh6A3FUoGsLdHUBqgdw2f%2BGaWLHCz%2FXZgGmvSHT1ttm2upPjwfs1GG55osmk6FsMllv1EPJBWs0mM9Dzmqi1eJI3YQ%2Ff%2BGzfwAAAP%2F%2FAQAA%2F%2F%2Fd8jWxbgQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 forgerylimit.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSTWhc1RvGz%2B1%2F%2BIO48Ksggh%2BzrCCTe%2BcjM2MXobGmBmNT24ru5HzdyTHn3nM55965k1kFC9LluBQ3N88kjR%2Bl2IVLa5kEBAeEjKsIBosbwU2lULcyk2DwhcP7nvM8i9%2F7nveTreyI%2BMjo4cV3TF9pTecaFb987oMgOF9eUXHWK%2Fda8x%2FO18%2BXbff19nzFf7V8SfJ1M1f1A98P%2FKC8pKwMTW9uKkIlt9tBpe1X6tVK0KijZ%2F97d5kHRz2I7hF5FkpMSvveWSg%2BQhx9c1G69dQkr70ZZZqmxqIrdt%2BL12OTx4hOy9B6COPdEzeMO1i6BxPvzHBhuv8amZoQ74d7YPHuCSRYd3vGyTRkDCaeRN4dQeoRFB2BmxtQ4oAAXODyKuLo1mVjc7pxrNKpOiGlx4%2Bg8gkp%2FXoWcXRnUate%2BZrRWapM7NALC6jeCKozQpLtIe2fgcr3wNOPocRPZO7xCuJoe9VpAyWKWe9KjaDCEbQcgDoP2fQoD1noIUs8ROKwzIMgaPqCU7%2FV5rwmmpLNCz%2BgzTCggT%2FfQsaneAOkyQBcD8DtJhK7iXU1gM3uw60VcMKDSyfEe3cTXVEglwS5I8gpQa4I8pQg7xY7QruqK24J7TIWnOTqSa4VQ5N2tuiOSTsyJlvJEXlmNpc%2F%2F3oK6%2FKwXGsIGsgaDYNao92uthutasCqjXqDCV4LQg6nCih3ZtZqX03I%2F%2B%2F%2FhkRNyJnoFTC6B6f3wNXToNlLoPmwWfVB14b1lo9%2B%2FG0kaZxaE1eYNh2XmLTCTQRhCiRpCemGt6WPyAszoMbBGJKPF%2F4o73%2B%2B8%2Ft1cFsgsQU%2BUvsEHX1zeNXkZPuqyR25u5qkKlJ9Ov3EaylNZemrt%2BVGbqxYvugGX17gU2Fa3r4uXbpCY6HijiNfLyohpF0ylkvy3bJ7X7IrmVtbzGycJStX3lhajhIrnVMmHoFO9%2FG5t8DVhDyxKGf7%2BeK5LpQdwWYFomxMTgLK7IEnm3DJeOGXB5funO0%2FgDMlWH3qYYmHPCuGtspOH7WakOqjH6HleOHuw8HftS%2B2QVkBJ08HweT4%2B4fH%2Fi13Ex37Mmh6A3FUoGsLdHUBqgdw2f%2BGaWLHCz%2FXZgGmvSHT1ttm2upPjwfs1GG55osmk6FsMllv1EPJBWs0mM9Dzmqi1eJI3YQ%2Ff%2BGzfwAAAP%2F%2FAQAA%2F%2F%2Fd8jWxbgQAAA%3D%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSTWhc1RvGz%2B1%2F%2BIO48Ksggh%2BzrCCTe%2BcjM2MXobGmBmNT24ru5HzdyTHn3nM55965k1kFC9LluBQ3N88kjR%2Bl2IVLa5kEBAeEjKsIBosbwU2lULcyk2DwhcP7nvM8i9%2F7nveTreyI%2BMjo4cV3TF9pTecaFb987oMgOF9eUXHWK%2Fda8x%2FO18%2BXbff19nzFf7V8SfJ1M1f1A98P%2FKC8pKwMTW9uKkIlt9tBpe1X6tVK0KijZ%2F97d5kHRz2I7hF5FkpMSvveWSg%2BQhx9c1G69dQkr70ZZZqmxqIrdt%2BL12OTx4hOy9B6COPdEzeMO1i6BxPvzHBhuv8amZoQ74d7YPHuCSRYd3vGyTRkDCaeRN4dQeoRFB2BmxtQ4oAAXODyKuLo1mVjc7pxrNKpOiGlx4%2Bg8gkp%2FXoWcXRnUate%2BZrRWapM7NALC6jeCKozQpLtIe2fgcr3wNOPocRPZO7xCuJoe9VpAyWKWe9KjaDCEbQcgDoP2fQoD1noIUs8ROKwzIMgaPqCU7%2FV5rwmmpLNCz%2BgzTCggT%2FfQsaneAOkyQBcD8DtJhK7iXU1gM3uw60VcMKDSyfEe3cTXVEglwS5I8gpQa4I8pQg7xY7QruqK24J7TIWnOTqSa4VQ5N2tuiOSTsyJlvJEXlmNpc%2F%2F3oK6%2FKwXGsIGsgaDYNao92uthutasCqjXqDCV4LQg6nCih3ZtZqX03I%2F%2B%2F%2FhkRNyJnoFTC6B6f3wNXToNlLoPmwWfVB14b1lo9%2B%2FG0kaZxaE1eYNh2XmLTCTQRhCiRpCemGt6WPyAszoMbBGJKPF%2F4o73%2B%2B8%2Ft1cFsgsQU%2BUvsEHX1zeNXkZPuqyR25u5qkKlJ9Ov3EaylNZemrt%2BVGbqxYvugGX17gU2Fa3r4uXbpCY6HijiNfLyohpF0ylkvy3bJ7X7IrmVtbzGycJStX3lhajhIrnVMmHoFO9%2FG5t8DVhDyxKGf7%2BeK5LpQdwWYFomxMTgLK7IEnm3DJeOGXB5funO0%2FgDMlWH3qYYmHPCuGtspOH7WakOqjH6HleOHuw8HftS%2B2QVkBJ08HweT4%2B4fH%2Fi13Ex37Mmh6A3FUoGsLdHUBqgdw2f%2BGaWLHCz%2FXZgGmvSHT1ttm2upPjwfs1GG55osmk6FsMllv1EPJBWs0mM9Dzmqi1eJI3YQ%2Ff%2BGzfwAAAP%2F%2FAQAA%2F%2F%2Fd8jWxbgQAAA%3D%3D HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: u_pl=15462671; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec35da1e3af13599295821b2545bdc31fc=[3527115]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 06 Sep 2022 12:48:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0cf2d0bc54974a7c42462b88b1f52d20
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/css/animate.css
200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/css/animate.css
IP
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/ssp/utility/live-message/3-2/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: text/css
last-modified: Thu, 28 Apr 2022 08:29:13 GMT
etag: W/"626a5059-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZO81yt4WdK7nsaVlomlNunbtQXqkBcI%2F7z%2BDlnfpR9ELNPPZiGUnfS3s7e31py38k9L2JXw2xFP25puCfxzAtqseEbQDXUs9nlq18uHuAGx297T5k4vCiZu6nXLZSnEASo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746751a448fcb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.effectivedisplaycontent.com/4af9baae14a71c16d7c9c5b12bb59fdb/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplaycontent.com/4af9baae14a71c16d7c9c5b12bb59fdb/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
Analyzer Verdict Alert quad9 Sinkholed
GET /4af9baae14a71c16d7c9c5b12bb59fdb/invoke.js HTTP/1.1
Host: www.effectivedisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 06 Sep 2022 12:48:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0dfd05609430ae93337db687393022ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaycontent.com/watch.235353802776.js?key=4af9baae14a71c16d7c9c5b12bb59fdb&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.235353802776.js?key=4af9baae14a71c16d7c9c5b12bb59fdb&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.235353802776.js?key=4af9baae14a71c16d7c9c5b12bb59fdb&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: u_pl=15182884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg4NCwiayI6IjA0YWI3YmY4MDU5MTQwZjJlODkyZmRjODVhNWJiMDRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJrN3drcmtzcTAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vcmVuZGF0aGkuYmxvZ3Nwb3QuY29tLzIwMjAvMDMvcmlmZS1mcmVxdWVuY2llcy1mb3ItYW54aWV0eS1iYWxhbmNlLmh0bWwifX0.FUsJH31MijeD4Zy2E8GqS2F-9MAuTm5DKCl_cpmwC9I; uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; iprce4e91335bffa5cb71cc496a2213cf653=3569684; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 12:48:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://rendathi.blogspot.com
Access-Control-Allow-Origin: https://rendathi.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.235353802776.js?key=4af9baae14a71c16d7c9c5b12bb59fdb&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=ab9868d2cc2e0b9742b84ccb3b65a3e80d9f8bc37a44302cc098a2ca29f5b622a60ad660e433b5f523cdd285f618b440548dd6b37f1af7d8206c374af247f0bcfce91b1d9a1e61273b0ee8ea151ac7e566fb20&pst=1662468567&rmtc=t
Set-Cookie: u_pl=15182884,15182890; expires=Wed, 07 Sep 2022 12:48:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg5MCwiayI6IjRhZjliYWFlMTRhNzFjMTZkN2M5YzViMTJiYjU5ZmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImtwanE3OHpnYyIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZW5kYXRoaS5ibG9nc3BvdC5jb20vMjAyMC8wMy9yaWZlLWZyZXF1ZW5jaWVzLWZvci1hbnhpZXR5LWJhbGFuY2UuaHRtbCJ9fQ.LECr6Fqs25SvWLwa7pDRACjmgWfxipGwcSu_pmrdSLw; expires=Tue, 06 Sep 2022 12:49:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22011c262abb1e73cd67dc4e836c9bf8
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.235353802776.js?key=4af9baae14a71c16d7c9c5b12bb59fdb&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=ab9868d2cc2e0b9742b84ccb3b65a3e80d9f8bc37a44302cc098a2ca29f5b622a60ad660e433b5f523cdd285f618b440548dd6b37f1af7d8206c374af247f0bcfce91b1d9a1e61273b0ee8ea151ac7e566fb20&pst=1662468567&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.235353802776.js?key=4af9baae14a71c16d7c9c5b12bb59fdb&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=ab9868d2cc2e0b9742b84ccb3b65a3e80d9f8bc37a44302cc098a2ca29f5b622a60ad660e433b5f523cdd285f618b440548dd6b37f1af7d8206c374af247f0bcfce91b1d9a1e61273b0ee8ea151ac7e566fb20&pst=1662468567&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2666)
Hash 3a9379530575aa18ef55dff353a427b4
386805ea2693e6d46bae768a72e20cb10ac056e9
ed8be9a5674e19dd27dcb4f540a932cd92401c0067b7a23d7cb06609266d1567
GET /watch.235353802776.js?key=4af9baae14a71c16d7c9c5b12bb59fdb&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=ab9868d2cc2e0b9742b84ccb3b65a3e80d9f8bc37a44302cc098a2ca29f5b622a60ad660e433b5f523cdd285f618b440548dd6b37f1af7d8206c374af247f0bcfce91b1d9a1e61273b0ee8ea151ac7e566fb20&pst=1662468567&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Referer: https://rendathi.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15182884,15182890; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg5MCwiayI6IjRhZjliYWFlMTRhNzFjMTZkN2M5YzViMTJiYjU5ZmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImtwanE3OHpnYyIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZW5kYXRoaS5ibG9nc3BvdC5jb20vMjAyMC8wMy9yaWZlLWZyZXF1ZW5jaWVzLWZvci1hbnhpZXR5LWJhbGFuY2UuaHRtbCJ9fQ.LECr6Fqs25SvWLwa7pDRACjmgWfxipGwcSu_pmrdSLw; uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; iprce4e91335bffa5cb71cc496a2213cf653=3569684; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 12:48:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://rendathi.blogspot.com
Access-Control-Allow-Origin: https://rendathi.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; expires=Tue, 13 Sep 2022 12:48:28 GMT; secure; SameSite=None
iprc644528f4e917b487c4ca2a57adb4fccd=3569806; expires=Tue, 06 Sep 2022 16:48:28 GMT; secure; SameSite=None
uncs=2; expires=Wed, 07 Sep 2022 12:48:28 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 07 Sep 2022 12:48:28 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 07 Sep 2022 12:48:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 203000f6661919a8436ffed707c01830
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:28 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Thu, 08 Sep 2022 12:48:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.effectivedisplaycontent.com/a458d2acccabadb0ad769a3f1eb6a238/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplaycontent.com/a458d2acccabadb0ad769a3f1eb6a238/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
Analyzer Verdict Alert quad9 Sinkholed
GET /a458d2acccabadb0ad769a3f1eb6a238/invoke.js HTTP/1.1
Host: www.effectivedisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 06 Sep 2022 12:48:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a432e7e211fa83d01162e8ca2f58141
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaycontent.com/watch.857973940020.js?key=a458d2acccabadb0ad769a3f1eb6a238&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.857973940020.js?key=a458d2acccabadb0ad769a3f1eb6a238&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.857973940020.js?key=a458d2acccabadb0ad769a3f1eb6a238&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Cookie: u_pl=15182884,15182890; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg5MCwiayI6IjRhZjliYWFlMTRhNzFjMTZkN2M5YzViMTJiYjU5ZmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6ImtwanE3OHpnYyIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZW5kYXRoaS5ibG9nc3BvdC5jb20vMjAyMC8wMy9yaWZlLWZyZXF1ZW5jaWVzLWZvci1hbnhpZXR5LWJhbGFuY2UuaHRtbCJ9fQ.LECr6Fqs25SvWLwa7pDRACjmgWfxipGwcSu_pmrdSLw; uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; iprce4e91335bffa5cb71cc496a2213cf653=3569684; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc644528f4e917b487c4ca2a57adb4fccd=3569806; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 12:48:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://rendathi.blogspot.com
Access-Control-Allow-Origin: https://rendathi.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.857973940020.js?key=a458d2acccabadb0ad769a3f1eb6a238&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=7159f6eb156236a66b1a30519a75639779d1d1b3ad627a5ded38e11606c4f13121a8d9ab32bcce60ffed310725bb619b572a6cfe6d98ae728b0cf29b6b4b9686f26ebf3501d29c67c0d50c99d49cc2ad1795b7ef&pst=1662468570&rmtc=t
Set-Cookie: u_pl=15182884,15182890,15182887; expires=Wed, 07 Sep 2022 12:48:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg4NywiayI6ImE0NThkMmFjY2NhYmFkYjBhZDc2OWEzZjFlYjZhMjM4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJoc2tpY216dWZ3IiwidCI6MX0sInUiOnsidSI6MywiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3JlbmRhdGhpLmJsb2dzcG90LmNvbS8yMDIwLzAzL3JpZmUtZnJlcXVlbmNpZXMtZm9yLWFueGlldHktYmFsYW5jZS5odG1sIn19.7JPaQGfrMzH1DnEb6vQnVEIyoueh86jQIAKCcoDxuwk; expires=Tue, 06 Sep 2022 12:49:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 27da022c7996a78c5d35a7706840ac48
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.857973940020.js?key=a458d2acccabadb0ad769a3f1eb6a238&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=7159f6eb156236a66b1a30519a75639779d1d1b3ad627a5ded38e11606c4f13121a8d9ab32bcce60ffed310725bb619b572a6cfe6d98ae728b0cf29b6b4b9686f26ebf3501d29c67c0d50c99d49cc2ad1795b7ef&pst=1662468570&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.857973940020.js?key=a458d2acccabadb0ad769a3f1eb6a238&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=7159f6eb156236a66b1a30519a75639779d1d1b3ad627a5ded38e11606c4f13121a8d9ab32bcce60ffed310725bb619b572a6cfe6d98ae728b0cf29b6b4b9686f26ebf3501d29c67c0d50c99d49cc2ad1795b7ef&pst=1662468570&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2544)
Hash 8bcaed82fb56388ff4007e40c96f7eb8
f23e05c0bbd4f20001f515d5cb1eb996c486671d
ff612fbb6ea51763211e1076371cf647e70d7b47258220da7a7988ad09a394d1
GET /watch.857973940020.js?key=a458d2acccabadb0ad769a3f1eb6a238&kw=%5B%22rife%22%2C%22frequencies%22%2C%22for%22%2C%22anxiety%22%2C%22-%22%2C%22balance%22%2C%22heart%22%2C%22chakra%22%2C%22-%22%2C%22energy%22%2C%22healing%22%2C%22for%22%2C%22anxiety%22%5D&refer=https%3A%2F%2Frendathi.blogspot.com%2F2020%2F03%2Frife-frequencies-for-anxiety-balance.html&tz=0&dev=r&res=12.31&uuid=8cb03ff8-8f90-4c87-93cb-9d70fdde828b%3A2%3A1&shu=7159f6eb156236a66b1a30519a75639779d1d1b3ad627a5ded38e11606c4f13121a8d9ab32bcce60ffed310725bb619b572a6cfe6d98ae728b0cf29b6b4b9686f26ebf3501d29c67c0d50c99d49cc2ad1795b7ef&pst=1662468570&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Referer: https://rendathi.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15182884,15182890,15182887; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4Mjg4NywiayI6ImE0NThkMmFjY2NhYmFkYjBhZDc2OWEzZjFlYjZhMjM4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NDI1OTIsInBpZCI6MTU5MDA3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJoc2tpY216dWZ3IiwidCI6MX0sInUiOnsidSI6MywiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3JlbmRhdGhpLmJsb2dzcG90LmNvbS8yMDIwLzAzL3JpZmUtZnJlcXVlbmNpZXMtZm9yLWFueGlldHktYmFsYW5jZS5odG1sIn19.7JPaQGfrMzH1DnEb6vQnVEIyoueh86jQIAKCcoDxuwk; uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; iprce4e91335bffa5cb71cc496a2213cf653=3569684; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc644528f4e917b487c4ca2a57adb4fccd=3569806; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 12:48:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://rendathi.blogspot.com
Access-Control-Allow-Origin: https://rendathi.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8cb03ff8-8f90-4c87-93cb-9d70fdde828b:2:1; expires=Tue, 13 Sep 2022 12:48:31 GMT; secure; SameSite=None
uncs=3; expires=Wed, 07 Sep 2022 12:48:31 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 07 Sep 2022 12:48:31 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 07 Sep 2022 12:48:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6820cff6d474c59683ddd03bfc865737
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/695/23a/2f1/mc_ns_26.06.2018_468x60_4_en.jpg
200 OK 44 kB URL HTTP/2 cdn.cloudimagesb.com/695/23a/2f1/mc_ns_26.06.2018_468x60_4_en.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 468x60, components 3\012- data
Hash 8d88cc38b6012dd1344e8e5f513cfb8d
6a0afc5301af9c06ac2793f38c52e6ecb828ae00
264ec52472af81300ef33bb0343d512f9df48fbab863855fe9db250cf6b56e97
GET /695/23a/2f1/mc_ns_26.06.2018_468x60_4_en.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:31 GMT
content-type: image/jpeg
content-length: 44549
server: nginx/1.17.6
last-modified: Tue, 24 Sep 2019 10:48:54 GMT
etag: "5d89f496-ae05"
expires: Thu, 08 Sep 2022 12:48:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/3745257530063993900?po=3017069543913887646&hl=en&skin=contempo&blogspotRpcToken=7776841
200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/3745257530063993900?po=3017069543913887646&hl=en&skin=contempo&blogspotRpcToken=7776841
IP
GET /comment/frame/3745257530063993900?po=3017069543913887646&hl=en&skin=contempo&blogspotRpcToken=7776841 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 12:48:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-TSQl9kOpjHjXZSP27ovMQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=mUJ1utvGBqeQowhiqy06Kklj1hFI4R1MXe0dJFElhtn3F4GvcBsITuag4Fcuw2WnW_c7nKOyqv6u1Ak9kVgc0u9Y16qPsJHp5M7JgSUXDurOX0PxcA8Ddw1zKSHsDK1XZKKR-fEzxWVv2wVS7lsmUkl-zcGnu9IQyYtO7MUm9fI; expires=Wed, 08-Mar-2023 12:48:23 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i
IP
GET /css?family=Noto+Sans:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 12:48:23 GMT
date: Tue, 06 Sep 2022 12:48:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a81405d7b94b1f7ef6b3a342753a0181
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 06 Sep 2022 12:48:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sq7z1M%2FOdBUgQ2cSceOht0ro0BCW4j%2FScpwCMkXifa1yvFE%2F6tXUjajAJqsF2sr7vv8Y%2B58CbyBtUrx4mLKdafHLh8pcFS8GW0iweHVthUvsCLCpTnsYhR6ZQ1zgbW4ztTCXZS0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746751985e7e76f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/js/script.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/js/script.js
IP
GET /sb/ssp/utility/live-message/3-2/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rendathi.blogspot.com
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: application/javascript
last-modified: Thu, 28 Apr 2022 08:29:16 GMT
etag: W/"626a505c-495"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5yDF6T2b3uZD830ETR1VrCpDHILHJ%2BqAreK13%2BVnXRmr4tc4OAjnVb3Yyqa9bOKW76baw8rFg4P3i18Ei297viDB5Ncvrm9SsGrNmGG0%2FvyLFFWenqKizrMo0PZ1v5RbgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746751a4e9efb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/7nwfBRYxXJk
200 OK 0 B URL HTTP/2 www.youtube.com/embed/7nwfBRYxXJk
IP
GET /embed/7nwfBRYxXJk HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rendathi.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 12:48:23 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=2OIB1Kj1SNk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Fp7hBSGOdAY; Domain=.youtube.com; Expires=Sun, 05-Mar-2023 12:48:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+223; expires=Thu, 05-Sep-2024 12:48:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/live-message/3-2/js/jquery.min.js
IP
GET /sb/ssp/utility/live-message/3-2/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:48:26 GMT
content-type: application/javascript
last-modified: Thu, 28 Apr 2022 08:29:17 GMT
etag: W/"626a505d-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2947454
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krSvzRkAv8pQIwXcvkoQK5LO45RzbqmBfttETBxDilOsmKOn6ofFk1xajEMPf4evxYr03stCZCkatJ%2BS%2BFnEbmFLLD46yaoZCNN%2BJtuuYlWXPYoC2QPhDXkB8b7DTWvRWrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746751a4a988b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
142.250.74.161
93.184.220.29
46.105.201.240
158.69.251.190
23.36.77.32
31.13.72.12
104.21.234.233
18.192.162.188