josh-morgan-subways-news.blogspot.com.es/2011/10/abarth-695-tributo-ferrari-and.html
302 Moved Temporarily 225 B URL HTTP/1.1 josh-morgan-subways-news.blogspot.com.es/2011/10/abarth-695-tributo-ferrari-and.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 64eddd90f31c8f9f16f59bbc7aa9bcc1
eb755306574565c80e55ee5590b9c2f2fd7125e6
1e953d7fc49c8edbdc8ce47cfd23664cd0f45cf5a0ace7ea7cf1ce2b2b056503
Analyzer Verdict Alert fortinet Malware
GET /2011/10/abarth-695-tributo-ferrari-and.html HTTP/1.1
Host: josh-morgan-subways-news.blogspot.com.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 27 Nov 2022 15:00:34 GMT
Expires: Sun, 27 Nov 2022 15:00:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 225
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6043
Expires: Sun, 27 Nov 2022 16:41:18 GMT
Date: Sun, 27 Nov 2022 15:00:35 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2560
Cache-Control: max-age=159198
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:13:53 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 14:19:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2472
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Sun, 27 Nov 2022 16:39:12 GMT
Date: Sun, 27 Nov 2022 15:00:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2NBzSIrGx++dsWiybQ4tD7eSgWcU8u4I2AMZNPX7pyH2pbA1YbYTX6Pk/LPJjStm25YZx7ULA30k2FGoOB744w==
x-amz-request-id: 3NTD38BW8Z6CMPAD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 14:44:40 GMT
age: 955
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 15:00:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html
200 OK 16 kB URL HTTP/1.1 josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9968)
Hash 8465a7eb6cef36ef67174a9eb59f4c88
6f3ec622aa6f956adb5697be1f31ece82bb6bbe6
2f0da9679e468df51e02c6f5cb9099c8da0ae1dfaf13d0aec970568ea2bedd24
Analyzer Verdict Alert fortinet Malware
GET /2011/10/abarth-695-tributo-ferrari-and.html HTTP/1.1
Host: josh-morgan-subways-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 27 Nov 2022 15:00:35 GMT
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 09 Oct 2022 08:30:53 GMT
ETag: W/"97c847b7adf348816894aa6254db54b6e6318244814f76b192c4f8ec3990039d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15481
Server: GSE
josh-morgan-subways-news.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 josh-morgan-subways-news.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: josh-morgan-subways-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 05:45:46 GMT
Expires: Wed, 30 Nov 2022 05:45:46 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 23 Nov 2022 04:53:50 GMT
Content-Type: text/javascript
Age: 378889
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ca9a5a187a9301acd15cc891755a13c8
1522515a371821fe1c94ce773898f2e913e03012
469bcc07c9e15d43d093697277d75eaa3199cb3f455b6fd32daaa0153f4e0f98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sun, 27 Nov 2022 15:00:35 GMT
expires: Sun, 27 Nov 2022 15:00:35 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blog.roadandtrack.com/wp-content/uploads/HAMANN-Fiat-Abarth-front-440x292.jpg
308 Permanent Redirect 165 B URL HTTP/1.1 blog.roadandtrack.com/wp-content/uploads/HAMANN-Fiat-Abarth-front-440x292.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 7f2a831fbc5423e81f58761b95bfb7f8
2cece5cb723d104fdba5daf3a62249a32516118a
732879567f4a0b2fe40c36a8d80361a60f3c6dfdba4305b476aa805cccd61e1e
GET /wp-content/uploads/HAMANN-Fiat-Abarth-front-440x292.jpg HTTP/1.1
Host: blog.roadandtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Connection: keep-alive
Content-Length: 165
location: https://blog.roadandtrack.com/wp-content/uploads/HAMANN-Fiat-Abarth-front-440x292.jpg
content-type: text/html; charset=utf-8
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 514712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 417652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bnamodelworld.com/images/medium/st27/ST27-TK1243_MED.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.bnamodelworld.com/images/medium/st27/ST27-TK1243_MED.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/medium/st27/ST27-TK1243_MED.jpg HTTP/1.1
Host: www.bnamodelworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 15:00:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 16:00:35 GMT
Location: https://www.bnamodelworld.com/images/medium/st27/ST27-TK1243_MED.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwB7BFkIJF42ywsfyHFixosuk9ZHqbQV49h76VEKjgSvKV6oXbDa%2Fae8JjKRp6Thc2vLDRzoD9JHIMmpBWcWuPNJuEZkPJ%2BlxZlHMooI3tJPm2FqUIjWSdSGQ1YNIK2zGNF7u%2FGvOw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770bbbfaae3db500-OSL
alt-svc: h2=":443"; ma=60
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 412077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.donrickertdesign.com/images/2008/07/21/alycen_and_mini.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.donrickertdesign.com/images/2008/07/21/alycen_and_mini.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/2008/07/21/alycen_and_mini.jpg HTTP/1.1
Host: www.donrickertdesign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 15:00:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 16:00:35 GMT
Location: https://www.donrickertdesign.com/images/2008/07/21/alycen_and_mini.jpg
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770bbbfaae1cb52d-OSL
cdnclassics.chevelles.net/feature/Bortolotto.jpg
301 Moved Permanently 264 B URL HTTP/1.1 cdnclassics.chevelles.net/feature/Bortolotto.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d32382dd9f05d95bcac273e9852561d3
3a1b854adb7a9c1de3f53077f8d43213481fba9d
01f79a59937599e37cc9b2e2f6decb9aa576366d0ceedceb3eb9dffb639d2462
GET /feature/Bortolotto.jpg HTTP/1.1
Host: cdnclassics.chevelles.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 15:00:35 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=14400
Expires: Sun, 27 Nov 2022 19:00:35 GMT
Location: https://cdnclassics.chevelles.net/feature/Bortolotto.jpg
Via: 1.1 google
CF-Cache-Status: HIT
Age: 92220
Set-Cookie: __cf_bm=amdNJFfvznNQWvpugdoMt7qwSPD3Niw9upD_8jMcAeM-1669561235-0-AUquvALWn4zjSOI1u02GiN2NNIMtDcz3p5WG4FKiOq5UExUfZv1NVbYc6mc2c9Kh7e67eq+T8/tKLgxPQ8eglts=; path=/; expires=Sun, 27-Nov-22 15:30:35 GMT; domain=.cdnclassics.chevelles.net; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770bbbfaac61b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
resources.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
content-type: image/gif
age: 433000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
carbl.com/im/2010/02/fiat-abarth-500c-2.jpg
200 OK 560 kB URL HTTP/1.1 carbl.com/im/2010/02/fiat-abarth-500c-2.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2010:02:24 10:13:03], baseline, precision 8, 1600x1067, components 3\012- data
Size 560 kB (560035 bytes)
Hash 1001b29dcccef3a8cf88580a4975d550
6a4ec83b73dbf1ed8d2714c796125b136656e0fc
53aa1c2406f5d6b01e26a996ec87778676958b91d9c06570ea70a3d264874895
GET /im/2010/02/fiat-abarth-500c-2.jpg HTTP/1.1
Host: carbl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 15:00:35 GMT
Content-Type: image/jpeg
Content-Length: 560035
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 13:23:35 GMT
last-modified: Thu, 30 Dec 2021 15:13:39 GMT
x-frame-options: sameorigin
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 92220
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nhddqNFLNwhCD9WqYmVgIvh7GCy7SQvcj1EDcPFcrFL2IUnEdoFPjQCHqZCdbMtIISb9u1QtdZa6VomRUr5fQH28UyfkWrKncMhU1CS6Zb%2FlkLdtZ0Iim1rPCc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770bbbfaa8b3b4eb-OSL
alt-svc: h2=":443"; ma=60
www.picturearchive.co.za/Images/large_1972%252BPlymouth%252BSatellite%252BSebring%252BPlus%252B2D%252BHT%252Bblk%252Bfvl.jpg
400 Bad Request 20 B URL HTTP/1.1 www.picturearchive.co.za/Images/large_1972%252BPlymouth%252BSatellite%252BSebring%252BPlus%252B2D%252BHT%252Bblk%252Bfvl.jpg
IP
ASN #61969 Team Internet AG
File type ASCII text, with no line terminators
Hash 64b3d0bcb16e406cdd665ec49fefb7f1
8da5d8ac9123e50bbd4293b111f6f640f864256b
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
GET /Images/large_1972%252BPlymouth%252BSatellite%252BSebring%252BPlus%252B2D%252BHT%252Bblk%252Bfvl.jpg HTTP/1.1
Host: www.picturearchive.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sun, 27 Nov 2022 15:00:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Blocked: 11015.10
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 10:51:15 GMT
Expires: Sun, 11 Dec 2022 10:51:15 GMT
Cache-Control: public, max-age=1209600
Age: 14960
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
www.oldclassiccar.co.uk/photos-cars5/10.jpg
301 Moved Permanently 259 B URL HTTP/1.1 www.oldclassiccar.co.uk/photos-cars5/10.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae9e3811f61b9d322a8646b0a87e44f0
55d4f2c441dfd1482edbca17485fb104646bf6c9
a1cf8c5bbb5ce97ce8f60621d3dd9b6fb492be73d176eb202eb3669951641cdd
GET /photos-cars5/10.jpg HTTP/1.1
Host: www.oldclassiccar.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Content-Length: 259
Connection: keep-alive
Keep-Alive: timeout=15
Date: Sun, 27 Nov 2022 15:00:35 GMT
Server: Apache
Location: https://www.oldclassiccar.co.uk/photos-cars5/10.jpg
www.picturearchive.co.za/Images/large_1972%252BPlymouth%252BSatellite%252BSebring%252BPlus%252B2D%252BHT%252Bblk%252Bfvl.jpg
400 Bad Request 20 B URL HTTP/1.1 www.picturearchive.co.za/Images/large_1972%252BPlymouth%252BSatellite%252BSebring%252BPlus%252B2D%252BHT%252Bblk%252Bfvl.jpg
IP
ASN #61969 Team Internet AG
File type ASCII text, with no line terminators
Hash 64b3d0bcb16e406cdd665ec49fefb7f1
8da5d8ac9123e50bbd4293b111f6f640f864256b
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
GET /Images/large_1972%252BPlymouth%252BSatellite%252BSebring%252BPlus%252B2D%252BHT%252Bblk%252Bfvl.jpg HTTP/1.1
Host: www.picturearchive.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sun, 27 Nov 2022 15:00:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Blocked: 11015.10
www.blogger.com/dyn-css/authorization.css?targetBlogID=7630409806211872907&zx=0e33d644-de1e-489f-8886-78af17d354ed
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7630409806211872907&zx=0e33d644-de1e-489f-8886-78af17d354ed
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=7630409806211872907&zx=0e33d644-de1e-489f-8886-78af17d354ed HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 27 Nov 2022 15:00:35 GMT
last-modified: Sun, 27 Nov 2022 15:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/1.1 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 15:00:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Connection: keep-alive
Location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
Cache-Control: max-age=86400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRzxubC%2BAubQbSpT59w1l1nW2ltaby3gNSLctvfm%2Fee%2BIR4vhgEeoIfWqTo13LsSCoRHpgwD82fAoLnqBAS8lFlsSOChBODNSxbHYesyxhS3LW2QmE7t3IIcmpFXNjwMrrQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770bbbfaeffa1c0e-OSL
alt-svc: h2=":443"; ma=60
www.carsession.com/news/photos/Fiat/Abarth-695-Tributo-Ferrari-and-500C-Esseesse-heading-to-Geneva-639855521.jpg
301 Moved Permanently 328 B URL HTTP/1.1 www.carsession.com/news/photos/Fiat/Abarth-695-Tributo-Ferrari-and-500C-Esseesse-heading-to-Geneva-639855521.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1f6b979d2198646f0cec47ee4e89eafb
7e1668acc42929cc3901e76ba65849fc15b4fa2b
5215c99d594a6d25c6d203fea60315066ab51ce49f77a8fc038c2519576e8bc2
GET /news/photos/Fiat/Abarth-695-Tributo-Ferrari-and-500C-Esseesse-heading-to-Geneva-639855521.jpg HTTP/1.1
Host: www.carsession.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 15:00:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Location: https://www.carsession.com/news/photos/Fiat/Abarth-695-Tributo-Ferrari-and-500C-Esseesse-heading-to-Geneva-639855521.jpg
Content-Length: 328
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
200 OK 471 B IP
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3677
Cache-Control: max-age=155254
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:08:09 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.blogger.com/img/logo-16.png
200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 04:27:52 GMT
Expires: Wed, 30 Nov 2022 04:27:52 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 07:51:00 GMT
Content-Type: image/png
Age: 383563
1.bp.blogspot.com/-i-1PW8DBdNs/TV4twPRMPeI/AAAAAAAARwA/80hhfPQcS4Q/NewAbarth500_Geneva2011_2.jpg
200 OK 32 kB URL HTTP/1.1 1.bp.blogspot.com/-i-1PW8DBdNs/TV4twPRMPeI/AAAAAAAARwA/80hhfPQcS4Q/NewAbarth500_Geneva2011_2.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 408x321, components 3\012- data
Hash e1e6d4480ceb90239aae2384a9d53b1c
10d435ed200b787a63faf03a1e91412fa1460639
2d0461b07f1ac98770621b4003f6a46e959c38ecfa4ab8232dd0bd549f2477f5
GET /-i-1PW8DBdNs/TV4twPRMPeI/AAAAAAAARwA/80hhfPQcS4Q/NewAbarth500_Geneva2011_2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="NewAbarth500_Geneva2011_2.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 31864
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 15:00:36 GMT
Expires: Sun, 27 Nov 2022 13:23:36 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4700"
Content-Type: image/jpeg
Age: 0
ocsp.digicert.com/
200 OK 279 B IP
Hash d419171701f4e0882ee86bb5c7edf6df
6fbb43bc769b351e3443e9adf2bf627ba5a665b0
610ec78f6471d7e6be1df0e1c63d3f4509710cf96ebe7f48d2488cc24c705bdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158432
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:35 GMT
Etag: "63834373-117"
Expires: Tue, 29 Nov 2022 11:01:07 GMT
Last-Modified: Sun, 27 Nov 2022 11:01:07 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 14:08:54 GMT
cache-control: public,max-age=3600
age: 3102
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.automodellistudio.com/wp-content/uploads/2011/09/RL84Ejaguar-650.jpg
301 Moved Permanently 162 B URL HTTP/1.1 www.automodellistudio.com/wp-content/uploads/2011/09/RL84Ejaguar-650.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2011/09/RL84Ejaguar-650.jpg HTTP/1.1
Host: www.automodellistudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 15:00:35 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.automodellistudio.com/wp-content/uploads/2011/09/RL84Ejaguar-650.jpg
lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html&ref=&l=cars
200 OK 624 B URL HTTP/1.1 lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html&ref=&l=cars
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (624), with no line terminators
Hash ba4781092cd3b2b835f7a1a5d0522d51
d1625fde009c1d0d0d6afd241c667ff3b30d1017
336ceaa50d0f5576815d428d30624d1f1de04ba2b041196cec6580c6085670fb
GET /?if=1&scr_w=1280&scr_h=1024&blog=http%3A//josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html&ref=&l=cars HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 624
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 15:00:35 GMT
server: nginx
set-cookie: sid=3f8568a2-6e64-11ed-9c78-eba879291dc4; path=/; domain=.lostwebtracker.com; expires=Fri, 15 Dec 2090 18:14:42 GMT; max-age=2147483647; HttpOnly
ocsp.digicert.com/
200 OK 280 B IP
Hash 5713d2e0b8362d064e9b5ec51273e7d4
b02074812a380266eef6ca04ce77bf0dfacdfed3
c83c540a8a6ab65094036942762eeff1b3b272f6680ea5c6873cb3e2b2c07374
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=150853
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Etag: "638325d8-118"
Expires: Tue, 29 Nov 2022 08:54:48 GMT
Last-Modified: Sun, 27 Nov 2022 08:54:48 GMT
Server: nginx
Content-Length: 280
www.classictvhits.com/munsters/pics/16_MCarsPhoto.jpg
200 OK 39 kB URL HTTP/1.1 www.classictvhits.com/munsters/pics/16_MCarsPhoto.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 689x498, components 3\012- data
Hash 5149ed30b58f569c4182e01a94ded15c
0714de7576da5e903d9747667c651cd61d42b8a7
56a12488080a91fa4e955490fa4ee095ae8efd983de0c46ce7d7ccceaaa877a1
GET /munsters/pics/16_MCarsPhoto.jpg HTTP/1.1
Host: www.classictvhits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 15:00:35 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 29 Feb 2004 08:40:11 GMT
Accept-Ranges: bytes
Content-Length: 38699
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg
ocsp.digicert.com/
200 OK 279 B IP
Hash 09eed0bd3a013f8e91811e99cbfddd09
ba9625b3fb34a83ea2d9486dbc2320026adc6576
f1cacfe137c2331f0e401a9731a5224db369e2247dd9a1453f80ffb49bbb31b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120606
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Etag: "6382afb2-117"
Expires: Tue, 29 Nov 2022 00:30:42 GMT
Last-Modified: Sun, 27 Nov 2022 00:30:42 GMT
Server: nginx
Content-Length: 279
www.oldclassiccar.co.uk/photos-cars5/10.jpg
200 OK 69 kB URL HTTP/2 www.oldclassiccar.co.uk/photos-cars5/10.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x450, components 3\012- data
Hash b7e9582795fb8a6ca8d8e2113adff679
0cfeac0d0c4b821c083574136a16e9ffb6ca0d72
984a382d384f9bb7f3e6de8ea7c0e1d80ee44cc89c1b6874c06dd53712b6fc16
GET /photos-cars5/10.jpg HTTP/1.1
Host: www.oldclassiccar.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 69346
date: Sun, 27 Nov 2022 15:00:36 GMT
server: Apache
last-modified: Thu, 08 Nov 2007 14:42:20 GMT
etag: "10ee2-43e6bdf8fab00"
accept-ranges: bytes
X-Firefox-Spdy: h2
blog.roadandtrack.com/wp-content/uploads/HAMANN-Fiat-Abarth-front-440x292.jpg
410 Gone 0 B URL HTTP/2 blog.roadandtrack.com/wp-content/uploads/HAMANN-Fiat-Abarth-front-440x292.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/HAMANN-Fiat-Abarth-front-440x292.jpg HTTP/1.1
Host: blog.roadandtrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
x-served-by: cache-bma1649-BMA
date: Sun, 27 Nov 2022 15:00:35 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 5c4d514b6d1917e33e88128089e792ef
306df12e4c3f7bf8c4c471cf11066f3ed4e5d527
d5290573b48044d0abf70e5bba1c3cdfc70d25ed17e1bc7fdd108d8a1d4af4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96520
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Etag: "6382519c-116"
Expires: Mon, 28 Nov 2022 17:49:16 GMT
Last-Modified: Sat, 26 Nov 2022 17:49:16 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2034c4f478581061d113c3cb87e2f362
e9950a76f355c510f0449153fc23f67a9757bbe6
07e5f139ebbc8e61741506be27710036806f9e369c267e80eb9ec12587feab95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhcFLTWDPt%2BRG46zJJRholvhkkrXRxq0y7Ug0gxGXPHwfP2%2BJ5l9%2F8ZNRUovTlsc9u%2BnD%2FUjEarW%2F%2FIi7pB87sEt92YRFvBI68WhadFGAH2I886JuA2I66lW8Gdy%2FFXbxvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbbfe9f54b4fa-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SyZ69/G2RyGC3nnyrI9wBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: taOivtJpBlTPjHnR2/AvG1qG8ZM=
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7630409806211872907%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1566352763432083479%26origin%3Dhttp://josh-morgan-subways-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7630409806211872907%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1566352763432083479%26origin%3Dhttp://josh-morgan-subways-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
302 Found 494 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7630409806211872907%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1566352763432083479%26origin%3Dhttp://josh-morgan-subways-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7630409806211872907%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1566352763432083479%26origin%3Dhttp://josh-morgan-subways-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (547)
Hash ea383ca42d483736ec2e75ffdd5b733a
364561ecb11706746b596d555093a42ae0db6229
d9304fce7113c4d37fd1e6c45df0472501b69cec44fc8ac04f86a76a11a5ad5e
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7630409806211872907%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1566352763432083479%26origin%3Dhttp://josh-morgan-subways-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7630409806211872907%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1566352763432083479%26origin%3Dhttp://josh-morgan-subways-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 27 Nov 2022 15:00:36 GMT
location: https://www.blogger.com/followers.g?blogID=7630409806211872907&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=1566352763432083479&origin=http%3A%2F%2Fjosh-morgan-subways-news.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-y-KF0L8UIuptTnc0uxfZgA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 494
server: GSE
set-cookie: __Host-GAPS=1:jK1wh7WH18XGhDUlVxeyOnM7bkh7-g:xC37fdrT2pMKZDjw;Path=/;Expires=Tue, 26-Nov-2024 15:00:36 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1f6130d3c3ef41ef19685fcc866c2571
ddb57d24b7e2d74e9313e3438c9028e2d106769e
4827958a9ed77991c5318fd6ff8398a1794a24fd77dd1d6ce873cada58d5b44f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4827958A9ED77991C5318FD6FF8398A1794A24FD77DD1D6CE873CADA58D5B44F"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7635
Expires: Sun, 27 Nov 2022 17:07:51 GMT
Date: Sun, 27 Nov 2022 15:00:36 GMT
Connection: keep-alive
www.luanpa.net/wp-content/uploads/2009/12/Ferrari_458_Italia_6.jpg
200 OK 195 B URL HTTP/1.1 www.luanpa.net/wp-content/uploads/2009/12/Ferrari_458_Italia_6.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7d00f87951d379da392db12403068e54
74baae77d37de5af0a27bc39468de17a9781cbe4
e82e45f56a30bbbad77168efb70378156ba6399de361917b86214cf6f0e83dd7
GET /wp-content/uploads/2009/12/Ferrari_458_Italia_6.jpg HTTP/1.1
Host: www.luanpa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 15:00:36 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 195
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.carsession.com/news/photos/Fiat/Abarth-695-Tributo-Ferrari-and-500C-Esseesse-heading-to-Geneva-639855521.jpg
403 Forbidden 302 B URL HTTP/2 www.carsession.com/news/photos/Fiat/Abarth-695-Tributo-Ferrari-and-500C-Esseesse-heading-to-Geneva-639855521.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d1ca52d88ee52bae1690d87e7dc153ed
ed6949fe290cbfc04504e08336907e70ef928fed
384819d1dbc66f5dad9ecd34b1da357e8441adc2fdf8e8b6440da6c033971473
GET /news/photos/Fiat/Abarth-695-Tributo-Ferrari-and-500C-Esseesse-heading-to-Geneva-639855521.jpg HTTP/1.1
Host: www.carsession.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 27 Nov 2022 15:00:36 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-length: 302
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 27 Nov 2022 15:00:36 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+514; expires=Tue, 26-Nov-2024 15:00:36 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 15:00:36 GMT
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f2b8bf83f75690c9d2da9e445ff1655
ecea785ffc7b950b066d19041fa4f44ca70f09b3
dd29b564c92c440e41ca193a722c8113a17fd9094ac76a0b9da6850ade861ee4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD29B564C92C440E41CA193A722C8113A17FD9094AC76A0B9DA6850ADE861EE4"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Sun, 27 Nov 2022 20:59:46 GMT
Date: Sun, 27 Nov 2022 15:00:36 GMT
Connection: keep-alive
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjDbUuFvuSlIf96FQTmC5x5viN9fTvRwqQ9irAOd1DrmUxs4i2EyMXG9D5aPshsr%2FI6F0WByo7ZYWoMrQh0VQDA4G1n%2FGC9DxiKtkaDQWgccfyVUe4hRAqc42qW1ROwzrOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc0089dab4fa-OSL
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2978
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 27 Nov 2022 15:00:36 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+840; expires=Tue, 26-Nov-2024 15:00:36 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 15:00:36 GMT
X-Firefox-Spdy: h2
www.donrickertdesign.com/images/2008/07/21/alycen_and_mini.jpg
200 OK 42 kB URL HTTP/2 www.donrickertdesign.com/images/2008/07/21/alycen_and_mini.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 500x371, components 3\012- data
Hash b1d695a7188ae4b890f49581fa1f2878
e558d47447115b2935af4e20a03f6e981921ec63
a3ce974fb81427d5431082a2bd1b4eb5159daf12b72efe89d07d5166a08611cc
GET /images/2008/07/21/alycen_and_mini.jpg HTTP/1.1
Host: www.donrickertdesign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: image/jpeg
content-length: 42173
cache-control: public, max-age=7200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=43012, status=vary_header_present
content-disposition: inline; filename=alycen_and_mini.jpg
last-modified: Tue, 22 Jul 2008 03:12:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: cookie, Accept-Encoding
via: 1.1 varnish
x-content-type-options: nosniff
x-phapp: oak-tp-web082
x-vserver: oak-tp-cache007
x-varnish: 1576927062 1576895936
x-webserver: oak-tp-web082
cf-cache-status: REVALIDATED
expires: Sun, 27 Nov 2022 17:00:36 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 770bbbfdcce2b50c-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnB%2FgeSFG9qM0S2eZNxRGT85ESamjT8bvF7vWclr8GbytVI9%2Bn9wg7tuvxIgrdnKbms4i70FH5zqas0gSqBVSh8FEbBeNvG0M2Yr46HSE%2B1kC1VqyyBPcfhZat3xiqlZa6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc00ba03b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRQYzuulUcuHZDPUwz7n3Gt98bC62Xea%2BxWq%2Bkj849ZRPODmDxkZGHjVfBZRYEkJAeFa7cID0KFuZC6RjyWglfspYjKR4GHNEdqIc0YfkTa5LafH%2B5dbo3ihsVHgrA5iDg0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc00ca17b4fa-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNCYv97%2BDaq7aKhgNXj6wv%2B%2FxM%2BAL%2FZs72cYh%2Fkv%2FRIni%2Bd3HitQDcS4HMv8aEA%2FExONo1U16SrURwJfNIS3rDBH%2Fj3B2t5wuxSrhETFUZ1UhVRaKkhPvWWZwxtGel1FMI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc00fa4fb4fa-OSL
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 27 Nov 2022 15:00:36 GMT
date: Sun, 27 Nov 2022 15:00:36 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk%2BpDsntQ5DBd0DQKbSWx6Wd9I4PGzt2pBobBOvyCd39%2BZ3jcUE6hwrWn1tn00OJK6NeKaP%2FCxWkzvzaBJh09zh8aDUmSZneGYZLDo8KTg71oOvuoSvWAhloY0TIBpg83bQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc011a7eb4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NMqRCbo8KWjbDj4%2F8Ad9YBOcaWVPIhVN9oMt0OHQOcZEraWVV6hhC973mtXMcs%2BKuPMED3CWa5oeOGP8XzTcpR8iuv4g0AYnbKn95uNILZ1sG0hkUAkelfAVZlDesOdmsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc015ae6b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmtGPwgzK4Jbn79PeBWJA%2Fl8wq3LOK5Ww4S7DHlpDj3BMaUsbIhrtyVjnKDZ0QhJxTpIl5FFlCtvEFC5KtlAv7sha%2FfqiRbDUqSWutHs8Cy82ylTLBicx5bUlk4tnkn6BEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc016b06b4fa-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzfQyybQpKjugEGaT4z2x%2Fbe0BkOZ%2FOfp3Uz6mMNAI8K6avA89RQmHwMr24LHbG7R5MJT1reupGGMXVL8RyJZOqMEB3%2FA6XRyccg5kcjGOphksDPonUo2Ania22MrdqhTIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc019b27b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAZC01nsZU0FpvVptKvENKF%2F6kUNxTCYFRoKEEs8s2zHlDeSc0feTHrfM0S7CyhJa6MySkg5WC1S0T2Gt1N3uvqr0b6SeOixKk5QvYYxcR5D6kAKLc6OyEbgVyWJbHehl2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc01ab4ab4fa-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 63272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=probRHBdE6kfeNXZZ%2FV5JaT4fXa%2F6HqMh7gPe0IjwyJK5yYTTyWqozZm5qNfVuFzKzJkc%2BTiTaCd0rn1T6xpKAYvm%2BMFJWvxOY5qUR0pxzWeGpYR42Z443EwCLL6p%2FvxvrI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc020bbdb4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZsWa%2BizCVSEu7C4bPpgoaxV6FXUm%2BOItoeBrlTLmD598Ywb0H5xtaqaF0UBQvPo2G68O5xLzTIvJKvyaEtL5ZcE39dKa9nRNzxJNQPi0SQli257bhLmeYJ203G08Nu68gs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc023c06b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7HgDv93MgCMvfqfBM6xroSHLgOFSbWacEBpCzWxjeq%2Fp1Um4A9ZPXo6xfeQgHzLIAYYjZBVrfsi8rREfWg4esLLYdMJuDruN9VfW4vlJYVkC4isYQ2vnDYHzQJwKhkb2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc025c2ab4fa-OSL
X-Firefox-Spdy: h2
www.automodellistudio.com/wp-content/uploads/2011/09/RL84Ejaguar-650.jpg
200 OK 27 kB URL HTTP/2 www.automodellistudio.com/wp-content/uploads/2011/09/RL84Ejaguar-650.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 650x387, components 3\012- data
Hash 73322dbd3196401f47d2f1c1e3c342fd
2a108df376f719b99bbb86d57ab572394df6343e
2063ebce9773b06aa6171a40939764161a8b92ba00b455632cc7ac354ff85162
GET /wp-content/uploads/2011/09/RL84Ejaguar-650.jpg HTTP/1.1
Host: www.automodellistudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: image/jpeg
content-length: 26874
last-modified: Thu, 15 Sep 2011 08:24:36 GMT
etag: "4e71b644-68fa"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atnNsOLNIJB2L3TRPlgdIIpfLZPhqQDpb59w8gYUEboNKXh89Hd8cGJkCspe%2FGKqFW3RpX8AQ%2FOznZ%2Bd%2Fkaz97WryNsgocSUMdPOdlX41B0aylpdbqTwdpi%2FlTIdaD35Zs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc026c45b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opE5kkJAyXJUOAGYTH8wtE1utZqZ7OrwXo0vhhGPAVYKRZtfHrQVWhQF9AAAc4VWs8ac%2Bh3iVEOlIox9WOA%2B2BfrzK1qrp1Gx%2F4La%2B%2BqdRqz9JImcevp1rnX9wRGTzkLI%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc02bce8b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnEbvOvWsa%2FhC%2BVwhl92O4ymCyI1zKlMFVU2XzeTQN5pZDOwgwRW%2FgYyT5FUCblQQ%2BoMde8AdYJQ%2BlU86HkqoV2ahthB0okVuRWZ2KBcA0dkgSUPd977s6YatNYje3TLvmA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc02dd03b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx4RciwDC5fQsdpd9fEF8h8ejkzKfn5H5RcimfI%2BghGs2PrVbe4JuhEUQapaulLG%2Fqqho%2Fek7%2F%2BynZJfhFBnkfKDF2mJ492nTKvtLFD6UDlC36T%2FXGjE8n5lT2k65Oz1xas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc02fd29b4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evZSKGKO0Nq98hOuU5g2nk7etS6LIfOPQvH93fTYYu1YGwFDLLSJAXAAPxbpxyKzfMSwgYu8x7lrVMl3hOm%2FCGuRdFDbtzdcb1aPVdk3e24%2FUHNoEmnn%2BrjrmNAaRbkoNLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc030d3eb4fa-OSL
X-Firefox-Spdy: h2
www.motorera.com/corvette/1970/1971/71black1.jpg
301 Moved Permanently 264 B URL HTTP/2 www.motorera.com/corvette/1970/1971/71black1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 426b8f8a73da53db8a48dab8b07998c0
8e42fb888701e881380ea9c731a4f05f8d1744f5
af2371138af19b39ff9076dcdaba0ee7d08051cd512df29e871369240077bc6b
GET /corvette/1970/1971/71black1.jpg HTTP/1.1
Host: www.motorera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 264
location: https://www.motorera.com/corvette/1970/1971/71black1.jpg
cache-control: max-age=86400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnhPQqVyinhix%2FCm9XrxkL7CHWPflkkemobUXN5N3mXpG19zPMaegymCkD%2FJ7tJs5dPhq60WG3NiDh%2BNbFO6KyoArJG5%2FecPZkdlggzJzeD8iswM8gmXpuY9C3C%2Bp6iWvoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbc032d6fb4fa-OSL
X-Firefox-Spdy: h2
oldcarandtruckpictures.com/Pontiac/1950_Pontiac_4_Door_Fastback-nov7a.jpg
200 OK 95 kB URL HTTP/1.1 oldcarandtruckpictures.com/Pontiac/1950_Pontiac_4_Door_Fastback-nov7a.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Hash 85e516af18ab00e33cf2bd6f03aa78c6
d2313404299b238eb7b6cdb24a8d99599af5faf4
2d04e3d5b5a6a92318cf6806a14a961afc6d083ad9a09b6a18b0bf8c97d3cb7d
GET /Pontiac/1950_Pontiac_4_Door_Fastback-nov7a.jpg HTTP/1.1
Host: oldcarandtruckpictures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 15:00:36 GMT
content-type: image/jpeg
last-modified: Sun, 04 Sep 2016 16:41:49 GMT
accept-ranges: bytes
content-length: 94592
date: Sun, 27 Nov 2022 15:00:36 GMT
server: LiteSpeed
ocsp.digicert.com/
200 OK 279 B IP
Hash 09eed0bd3a013f8e91811e99cbfddd09
ba9625b3fb34a83ea2d9486dbc2320026adc6576
f1cacfe137c2331f0e401a9731a5224db369e2247dd9a1453f80ffb49bbb31b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120605
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:37 GMT
Etag: "6382afb2-117"
Expires: Tue, 29 Nov 2022 00:30:42 GMT
Last-Modified: Sun, 27 Nov 2022 00:30:42 GMT
Server: nginx
Content-Length: 279
cdnclassics.chevelles.net/feature/Bortolotto.jpg
404 Not Found 16 kB URL HTTP/2 cdnclassics.chevelles.net/feature/Bortolotto.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c76ea60a942bf8d1b505f47cedf9fa6b
323040115a1e2332393985906dccb66540108aef
3b9c0db70c905cceb6a0b3c1bca1d913ec3a064c049ffed5ebf59ec25278b411
GET /feature/Bortolotto.jpg HTTP/1.1
Host: cdnclassics.chevelles.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 15:00:37 GMT
content-type: text/html; charset=iso-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: EXPIRED
expires: Sun, 27 Nov 2022 19:00:37 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=9j5MouBvowSC6N6yCOVHNtkhg79DIncZkwdLg4BC66s-1669561237-0-AeLqTpfvsAoix52ZSSieV7nybETGkjTvOA0GqQM37nMgBWLdjYMNdUj2X3WzfwtYxkpYnw3ztG/Z3CI18lFO+dQ=; path=/; expires=Sun, 27-Nov-22 15:30:37 GMT; domain=.cdnclassics.chevelles.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770bbbfdfb82b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 234861
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
josh-morgan-subways-news.blogspot.com/favicon.ico
200 OK 412 B URL HTTP/1.1 josh-morgan-subways-news.blogspot.com/favicon.ico
IP
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: josh-morgan-subways-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Sun, 27 Nov 2022 15:00:37 GMT
Date: Sun, 27 Nov 2022 15:00:37 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sun, 09 Oct 2022 08:30:53 GMT
ETag: W/"97c847b7adf348816894aa6254db54b6e6318244814f76b192c4f8ec3990039d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
lostwebtracker.com/?blog=http%3A%2F%2Fjosh-morgan-subways-news.blogspot.com%2F2011%2F10%2Fabarth-695-tributo-ferrari-and.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTU2ODQzNSwiaWF0IjoxNjY5NTYxMjM1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2xuaTY5aHZwNGpqc2pqcDQwb2Z0ZTciLCJuYmYiOjE2Njk1NjEyMzUsInRzIjoxNjY5NTYxMjM1OTkwNzMyfQ.XOq4kyhtJE0o3RUOdzvREpLAbicqwO0djTsTQVaBtEE&l=cars&ref=&scr_h=1024&scr_w=1280&sid=3f8568a2-6e64-11ed-9c78-eba879291dc4
302 Found 11 B URL HTTP/1.1 lostwebtracker.com/?blog=http%3A%2F%2Fjosh-morgan-subways-news.blogspot.com%2F2011%2F10%2Fabarth-695-tributo-ferrari-and.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTU2ODQzNSwiaWF0IjoxNjY5NTYxMjM1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2xuaTY5aHZwNGpqc2pqcDQwb2Z0ZTciLCJuYmYiOjE2Njk1NjEyMzUsInRzIjoxNjY5NTYxMjM1OTkwNzMyfQ.XOq4kyhtJE0o3RUOdzvREpLAbicqwO0djTsTQVaBtEE&l=cars&ref=&scr_h=1024&scr_w=1280&sid=3f8568a2-6e64-11ed-9c78-eba879291dc4
IP
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?blog=http%3A%2F%2Fjosh-morgan-subways-news.blogspot.com%2F2011%2F10%2Fabarth-695-tributo-ferrari-and.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTU2ODQzNSwiaWF0IjoxNjY5NTYxMjM1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2xuaTY5aHZwNGpqc2pqcDQwb2Z0ZTciLCJuYmYiOjE2Njk1NjEyMzUsInRzIjoxNjY5NTYxMjM1OTkwNzMyfQ.XOq4kyhtJE0o3RUOdzvREpLAbicqwO0djTsTQVaBtEE&l=cars&ref=&scr_h=1024&scr_w=1280&sid=3f8568a2-6e64-11ed-9c78-eba879291dc4 HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//josh-morgan-subways-news.blogspot.com/2011/10/abarth-695-tributo-ferrari-and.html&ref=&l=cars
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 27 Nov 2022 15:00:36 GMT
location: http://ww1.lostwebtracker.com
server: nginx
set-cookie: sid=3f8568a2-6e64-11ed-9c78-eba879291dc4; path=/; domain=.lostwebtracker.com; expires=Fri, 15 Dec 2090 18:14:44 GMT; max-age=2147483647; HttpOnly
ww1.lostwebtracker.com/
200 OK 1.1 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1500), with no line terminators
Hash 9a2179992a8060dfcf7aba57e56c740d
c6125564c5a56a3c96c34d4f34bdf67c7c9ec3a1
fe34345f6a8bd51d101a7ee5e6c922ab71ac230dc47f6f4ebf99e1d73a1ad17e
GET / HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lostwebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=3937baa3-741b-bee6-97bb-235f3d8fc3fd; expires=Sun, 27-Nov-2022 15:15:37 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BTQ6cSsBQzLx3zBKetgSI8dHJVb2L9mBW1+HHXyOs7F+LjgjF6WXL5MdfkDCqaVLcplk0r1fWKREvuM8z2Q0qQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/js/parking.2.100.2.js
200 OK 22 kB URL HTTP/1.1 ww1.lostwebtracker.com/js/parking.2.100.2.js
IP
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 239c79e8ead12ade233b4b98f3a1d68d
ebb33fbc73ffa07c517270874bef61576c7aecf6
148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
Analyzer Verdict Alert fortinet Phishing
GET /js/parking.2.100.2.js HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:37 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 14 Nov 2022 17:45:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Sun, 27 Nov 2022 15:50:51 GMT
Date: Sun, 27 Nov 2022 15:00:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Sun, 27 Nov 2022 15:50:51 GMT
Date: Sun, 27 Nov 2022 15:00:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Sun, 27 Nov 2022 15:50:51 GMT
Date: Sun, 27 Nov 2022 15:00:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Sun, 27 Nov 2022 15:50:51 GMT
Date: Sun, 27 Nov 2022 15:00:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 64939
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 61740
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 47629
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 61829
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GT3Futv4Ztnl2Og2TQFk5311m92Mv_jfvkIZYJXpjJMdkxSB6MI06g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 06:42:16 GMT
age: 29901
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 61736
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww1.lostwebtracker.com/_fd
200 OK 2.1 kB URL HTTP/1.1 ww1.lostwebtracker.com/_fd
IP
File type ASCII text, with very long lines (4109), with no line terminators
Hash 97172af003af3422416306fcace6c268
dabc1019eab70e8a73344ae804514aeef78d9ced
1c208514ed44bb5255483d7337d473dc9c52c1c43598d8cdc15bb8eb18ed9244
Analyzer Verdict Alert fortinet Phishing
POST /_fd HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 27 Nov 2022 15:00:37 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=9cfde617-57ce-499f-a274-ba8f0de8633f; expires=Sun, 27-Nov-2022 15:15:37 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/px.gif?ch=1&rn=2.0888858908780383
200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=1&rn=2.0888858908780383
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=2.0888858908780383 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:38 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww1.lostwebtracker.com/px.gif?ch=2&rn=2.0888858908780383
200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=2&rn=2.0888858908780383
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=2.0888858908780383 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:38 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash ab1acb76dd408583614a7a6cedf41866
e2d2d7074479023d37474ab62755b658d22d4ab1
8622edbe2503910e3cbeecef073a09e662fd2507436c3aabf885d155afd96565
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 00:27:52 GMT
expires: Sun, 27 Nov 2022 23:27:52 GMT
cache-control: public, max-age=82800
age: 52366
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
200 OK 278 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Hash bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 08:41:06 GMT
expires: Mon, 28 Nov 2022 07:41:06 GMT
cache-control: public, max-age=82800
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
age: 22772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 402cbe860d64ae2e13145e34cbc7889c
7af4691dc306b7583365b9ff2ead0c1f6db017c5
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa
GET /s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:54:17 GMT
expires: Fri, 24 Nov 2023 21:54:17 GMT
cache-control: public, max-age=31536000
age: 234381
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Michroma&display=swap
200 OK 54 kB URL HTTP/2 fonts.googleapis.com/css?family=Michroma&display=swap
IP
Hash b9a39b69ce576104d498c5f3b5bba8cb
fe5158b0e4cef91c3f49e4c4c5bbceff57d18f40
9c7b5be52e220c67426b769e5987c7ac5d8b69aaface99c46e7c87c989eb545c
GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 15:00:38 GMT
date: Sun, 27 Nov 2022 15:00:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.lostwebtracker.com/
200 OK 1.1 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1504), with no line terminators
Hash 26c1d5f8a1c1dc48b60482bb4c64066b
cc63c089f5b334701d4d82ac43d51106ae7bd17c
d476ba5e1664854d3ad7ee76fc9c37d7eac756c78e02071282821753b4075cd2
GET / HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199; expires=Sun, 27-Nov-2022 15:15:38 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BTQ6cSsBQzLx3zBKetgSI8dHJVb2L9mBW1+HHXyOs7F+LjgjF6WXL5MdfkDCqaVLcplk0r1fWKREvuM8z2Q0qQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/js/parking.2.100.2.js
200 OK 22 kB URL HTTP/1.1 ww1.lostwebtracker.com/js/parking.2.100.2.js
IP
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 239c79e8ead12ade233b4b98f3a1d68d
ebb33fbc73ffa07c517270874bef61576c7aecf6
148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
Analyzer Verdict Alert fortinet Phishing
GET /js/parking.2.100.2.js HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:38 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 14 Nov 2022 17:45:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/_fd
200 OK 2.7 kB URL HTTP/1.1 ww1.lostwebtracker.com/_fd
IP
File type ASCII text, with very long lines (5369), with no line terminators
Hash 8fa208da675dbec1936e06eae3ae4b01
d6ba5be5c96224458864a6859bed367ec6ab79f0
9f6fd50f8eddb28a1dfacd84a1e71ec93122ac3276c91e6aa680ae7254ef6835
Analyzer Verdict Alert fortinet Phishing
POST /_fd HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 27 Nov 2022 15:00:38 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199; expires=Sun, 27-Nov-2022 15:15:38 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/px.gif?ch=1&rn=6.292901947544342
200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=1&rn=6.292901947544342
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=6.292901947544342 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:39 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww1.lostwebtracker.com/px.gif?ch=2&rn=6.292901947544342
200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=2&rn=6.292901947544342
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=6.292901947544342 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:39 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.lostwebtracker.com/favicon.ico
200 OK 0 B URL HTTP/1.1 ww1.lostwebtracker.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 27 Nov 2022 15:00:39 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-22.ec2.internal
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ww1.lostwebtracker.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie
200 OK 185 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww1.lostwebtracker.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie
IP
File type ASCII text, with no line terminators
Hash a01c5092d43f7eee0659b10db44d9569
9d48f411f27f0a5cb498f4b6890ff0565e1b10b7
7218f5f5a4cf915d5f56e71d4dab0d4040d265f1c1db34712c1a33593baee5ca
GET /gampad/cookie.js?domain=ww1.lostwebtracker.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 27 Nov 2022 15:00:39 GMT
server: cafe
cache-control: private
content-length: 185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
200 OK 55 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP
Hash 83436b7e6fdeba261e082c600ff37034
0a5bd9ac678f59c387f5720db73ed111a22f6139
26e51ce7a3d42f2b39dad6d08a2ffed504400b42c0826d8694a42df6e673d2a2
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sun, 27 Nov 2022 15:00:39 GMT
expires: Sun, 27 Nov 2022 15:00:39 GMT
cache-control: private, max-age=3600
etag: "5691164722343775337"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 15:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Michroma&display=swap
200 OK 552 B URL HTTP/2 fonts.googleapis.com/css?family=Michroma&display=swap
IP
File type ASCII text, with very long lines (390)
Hash 3ae821533645aa6e503e21990703c050
7f98fde15e93e75afad6c3b8738e9d6ae7e53e46
2cad3d8109f565218b15713f3c3992b8301f949fc73dd8b28b8bb2a41887350f
GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 15:00:39 GMT
date: Sun, 27 Nov 2022 15:00:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
200 OK 278 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Hash bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 08:41:06 GMT
expires: Mon, 28 Nov 2022 07:41:06 GMT
cache-control: public, max-age=82800
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
age: 22773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 402cbe860d64ae2e13145e34cbc7889c
7af4691dc306b7583365b9ff2ead0c1f6db017c5
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa
GET /s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:54:17 GMT
expires: Fri, 24 Nov 2023 21:54:17 GMT
cache-control: public, max-age=31536000
age: 234382
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13888, version 1.0\012- data
Hash 099548fac114f5f6498c5c75b943581d
7505fcaf9f4fe36634352b322a9f5fed1256a9f6
e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05
GET /s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:55:46 GMT
expires: Tue, 21 Nov 2023 21:55:46 GMT
cache-control: public, max-age=31536000
age: 493493
last-modified: Mon, 18 Jul 2022 19:12:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ww1.lostwebtracker.com/_tr
200 OK 22 B URL HTTP/1.1 ww1.lostwebtracker.com/_tr
IP
File type ASCII text, with no line terminators
Hash 5cfde9b47de2d84bd26fc473632647c0
fd53c70631b6068328be57daec71bd94bf004d41
47fd05ef74fef5da03fa22483e63fc977cad8e026ae41dadbbcc3745907f306b
Analyzer Verdict Alert fortinet Phishing
POST /_tr HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Content-Length: 2153
Connection: keep-alive
Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199; __gsas=ID=8f2581483e050977:T=1669561239:S=ALNI_MbVNSka3VQhimI_UApBJ0YDrydhlg
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 27 Nov 2022 15:00:39 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=24fef1e7-04cd-0a62-df43-92e410653199; expires=Sun, 27-Nov-2022 15:15:39 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
driving-dutchman.com/wp-content/uploads/2011/04/Abart-Tributo3.jpg
200 OK 0 B URL HTTP/1.1 driving-dutchman.com/wp-content/uploads/2011/04/Abart-Tributo3.jpg
IP
GET /wp-content/uploads/2011/04/Abart-Tributo3.jpg HTTP/1.1
Host: driving-dutchman.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://josh-morgan-subways-news.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 15:00:35 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Server: Apache/2.4.25 (Debian)
X-NoCache: 1
X-Varnish-Host: ip-172-16-1-50
X-Varnish: 93415864
Age: 0
Via: 1.1 varnish (Varnish/5.0)
Accept-Ranges: bytes
www.bnamodelworld.com/images/medium/st27/ST27-TK1243_MED.jpg
404 Not Found 0 B URL HTTP/2 www.bnamodelworld.com/images/medium/st27/ST27-TK1243_MED.jpg
IP
GET /images/medium/st27/ST27-TK1243_MED.jpg HTTP/1.1
Host: www.bnamodelworld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://josh-morgan-subways-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 15:00:36 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPMYhyZk7iKl8oltcEG3hVZzIhNw1gbik%2FH98WprfiQH4TbMZvmqrim%2FOBzNzsFB1wcojTzPHYUsbL%2FfHszICLGxcJ8%2BOkKg5cXv5krt2qkWK2%2Fot4ULU%2FIEnVzN4pmUjvjVWywyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770bbbfd7be1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
142.250.74.161
217.160.0.4
192.81.170.3
93.184.220.29
104.18.139.190
23.36.77.32
151.101.84.155
34.240.216.169