firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 17:07:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D-z0_CeMzV8Ogyc-v-XIb0ChyoZRuUdY1xeGSsVzFd8T-Sk0Z2SxnQ==
Age: 3541
nelson-yersblogrichards.blogspot.com/2022/05/protists-are-best-described-as-which-of.html
142.250.74.161301 Moved Permanently 227 B URL HTTP/1.1 nelson-yersblogrichards.blogspot.com/2022/05/protists-are-best-described-as-which-of.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1400d1da99bd4a0a2a3d1e7f8e271693
781ae4fb639219c523804c4bf4e643161dcc8e2e
37fda9905ffb444179fc95701116ad7d64e15389fb2a22e02e2989dcfc97e8dc
GET /2022/05/protists-are-best-described-as-which-of.html HTTP/1.1
Host: nelson-yersblogrichards.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://nelson-yersblogrichards.blogspot.com/2022/05/protists-are-best-described-as-which-of.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 11 Sep 2022 18:06:44 GMT
Expires: Sun, 11 Sep 2022 18:06:44 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 227
Server: GSE
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13323
Expires: Sun, 11 Sep 2022 21:48:47 GMT
Date: Sun, 11 Sep 2022 18:06:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kD5R4LKG3SHOwMXqOVHzUaJ_j2oHCKelobp9UXJHGX4b1BKx48m4aQ==
age: 38972
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d0ea6bf4cc7ee5b4483912776c47dacc
bd1333224cc1beead423969ce903b4a67c13bbf8
46521d14873cd9553052ab9bd601d74ca8278f44d97e3964ff7681b938d953eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 18:06:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 17:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 18:19:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vG_8ME2LWEhEdh10eiNpwlIUaQDWBO8A13nuiJe0m47lC3DbWlqnbg==
Age: 638
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d0ea6bf4cc7ee5b4483912776c47dacc
bd1333224cc1beead423969ce903b4a67c13bbf8
46521d14873cd9553052ab9bd601d74ca8278f44d97e3964ff7681b938d953eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nelson-yersblogrichards.blogspot.com/2022/05/protists-are-best-described-as-which-of.html
142.250.74.161200 OK 49 kB URL HTTP/2 nelson-yersblogrichards.blogspot.com/2022/05/protists-are-best-described-as-which-of.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (474)
Hash 3d82021abd86f105e93905237e302738
5023a48a7fa6f623083ef3bdb75bae04ba40e1f8
9f3f605153cb9e86000d888dae35ffe7a4f1840707b662025f6d3b3801008efa
GET /2022/05/protists-are-best-described-as-which-of.html HTTP/1.1
Host: nelson-yersblogrichards.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 11 Sep 2022 18:06:45 GMT
date: Sun, 11 Sep 2022 18:06:45 GMT
cache-control: private, max-age=0
last-modified: Mon, 01 Aug 2022 21:08:25 GMT
etag: W/"9a2435cfd9e4edef8e4218321817cb9a2d834555ac609e65698035b598e93f0f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 49208
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
104.17.24.14200 OK 9.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (54998)
Hash 2b0f6842c4954ea1ac87e102c86b46d6
b2347b42e69fbf8a8f42f55a41e988f93047db9e
d28ca638cc83a512bd0cea5d91ff833b6109fabebecdef0a58e8226c8f21adbf
GET /ajax/libs/font-awesome/5.8.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:45 GMT
content-type: text/css; charset=utf-8
content-length: 9802
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-d78f"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3803461
expires: Fri, 01 Sep 2023 18:06:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=va1vCTPWawU8NdokKf46Cblv%2FfYQxUUEnHJ1GhEGa1P%2FabJJakc%2B02mHT8iqvw2F0bhawX2te3eyO07HbZCOYq6xk7XZI7b1hZRzX%2BvhLAT%2BmcoaCaEquXzxe4XG0fPvNVepa4gZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749256ceec79b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5963630
expires: Fri, 01 Sep 2023 18:06:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOXypK5Z3BefP3ZIJMqlRytn6iIpY7IrjkpIXzERhTanOR8C0dAjKg8c4sOHFknUq0uZwO2%2BsUrHgPZf22MZF0E1bEgWuTM23v6B5JeJrrPuOy8dpuFahybcw4cEdwxbBVE7VzNb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749256cf4d5cb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2
104.17.24.14200 OK 74 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 74328, version 329.-17695\012- data
Hash 64b3e814a66c2719b15abf8f7998bd73
fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
GET /ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:45 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 74328
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-12258"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8358880
expires: Fri, 01 Sep 2023 18:06:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TuTfB4377Bc%2FUzxq%2B2b5sdtDCoIQQDQbLw7VpZPVnJ8AEo8vqLjdxOguyAxHNnaLNWNnhDJTHtTF0J4vUtpSqmtrKVk%2BOvkIfj%2BtHG72XiH9Ji8PnxdKTJJEHvj%2BO32tHfX%2BUAU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749256cf6d8db524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b134f2125f2430cece17a69bb4a2711
f9ccd650a51a65fdb5472fccb8d936dde79fe93a
8e0c0e4fb61c38c1330cd65f4daa2218fd9184ac04c767098b973ecbd5f83700
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4807
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Last-Modified: Sun, 11 Sep 2022 16:46:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
216.58.207.201200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 14:54:37 GMT
expires: Sat, 09 Sep 2023 14:54:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 15:01:24 GMT
content-type: text/javascript
age: 184328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2
104.17.24.14200 OK 75 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 74656, version 329.-17695\012- data
Hash 9f4ce3dc689981a1b87faab0f5484f9e
1b33b1246610585c440e464b04df64cf0cea1dca
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
GET /ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:45 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 74656
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-123a0"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 865327
expires: Fri, 01 Sep 2023 18:06:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd3ITVd16DMB5BYPDS12Do58KejwjkRZBWZiSljl95n0%2F3vZwVff3RLYeWO4suygrIiN%2FhQz94i3X8TaQ6%2BT8Ekj6ISDerVn6fxOZltfd7%2Fc%2BsnMfMc3tNufkKNykq%2BvonRB%2Fa2C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749256cfbdfeb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-regular-400.woff2
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-regular-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 329.-17695\012- data
Hash 7980a6361c25b4665dbbe92d4488783c
22516802ef9ac878298519c18ffab11769ee6cd7
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af
GET /ajax/libs/font-awesome/5.8.2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:45 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13584
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-3510"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5773959
expires: Fri, 01 Sep 2023 18:06:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpW%2FIa9mAHA1EEjOKpR8ZEhUBSCA1yQ1H5NTlDhUQgIQra55e0Yr0WLMpn641nuWtLxv7puvXL768mnSRUTTKXsAyaCjVVp5ij%2BfI%2FTdmxixuQeU5LN7l37OFlLnZAW6SzBi%2FdSj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749256cfce16b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3753684042-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3753684042-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 9310029f33929201831992bd74c13953
092fc9b60b0fcc7e24b80eb89f40178e91effb98
ed0ad17efb3c922e7bc8feffa0a5718d2ad226c44f2bb183b6ad163684f3b982
GET /static/v1/widgets/3753684042-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57039
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 01:53:39 GMT
expires: Fri, 08 Sep 2023 01:53:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 22:51:39 GMT
content-type: text/javascript
age: 317586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 19:50:06 GMT
expires: Mon, 04 Sep 2023 19:50:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 598599
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22336, version 1.0\012- data
Hash 2ecb426f85ffc1c53b677556210e629f
ad9850819763f79ddc8e1edb97609acbb5f1c28d
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 16:10:36 GMT
expires: Sat, 09 Sep 2023 16:10:36 GMT
cache-control: public, max-age=31536000
age: 179769
last-modified: Mon, 22 Jul 2019 19:22:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21244, version 1.0\012- data
Hash 78773521b0ffe376bc7edd8ec2a591fb
298df2fcb48b2e9b51e81a6e12d5529835204e29
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
GET /s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:50:06 GMT
expires: Fri, 08 Sep 2023 16:50:06 GMT
cache-control: public, max-age=31536000
age: 263799
last-modified: Mon, 22 Jul 2019 19:21:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5f137902618b69cb5009f804d05f41a5
7fd17db0ee59063fad57bd86e127f9419b1eb6ca
1266c38381304388041507749390e9adb4435d136d799b5a64879ab2948a9a02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22184, version 1.0\012- data
Hash 5a2c789b59571ce97f51f9c75600f49b
4cc6f3da8e778609a8f7105618eb649d27b7fafe
2c78829309a448aea34fab52316dae24c72769ff800289c98760416c8fa77d7c
GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 13:11:14 GMT
expires: Sat, 09 Sep 2023 13:11:14 GMT
cache-control: public, max-age=31536000
age: 190531
last-modified: Mon, 22 Jul 2019 19:21:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v10/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v10/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22100, version 1.0\012- data
Hash ee9f23730618d80fcb96905621eb5155
34c698826dd9fa28d707092a79fd4265ced51a6e
88f34d90cb970c712d57f802cb4fd4fdcf3ba9a247a359b1c255f2b503b30766
GET /s/firasans/v10/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 02:59:24 GMT
expires: Sat, 09 Sep 2023 02:59:24 GMT
cache-control: public, max-age=31536000
age: 227241
last-modified: Mon, 22 Jul 2019 19:22:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21304, version 1.0\012- data
Hash d8bc03a60729f4b05b42e057e21eaed3
51d1a6303f98e2426f5b300105fd9c04784f1395
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 01:47:13 GMT
expires: Sat, 09 Sep 2023 01:47:13 GMT
cache-control: public, max-age=31536000
age: 231572
last-modified: Mon, 22 Jul 2019 19:21:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=1452522554514590763&zx=e83a1fdc-d7ff-4255-82df-9a9f3fa5b943
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1452522554514590763&zx=e83a1fdc-d7ff-4255-82df-9a9f3fa5b943
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1452522554514590763&zx=e83a1fdc-d7ff-4255-82df-9a9f3fa5b943 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 18:06:45 GMT
last-modified: Sun, 11 Sep 2022 18:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6Sqc1FauaCbDHEXt4kg3Zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J1/ctvNsuFxx1TNa3JVw/ld8pT4=
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1DWEDT6iGxKgIFolyXPfOankBpkog7BeMSF_ezk20h7pJqbeUn7Xf1T93iXlowdk1N_D81DOSxHqhX2fV3WZjn1Hknjwyzy-tDnPrZLz5c00EH-XHePuSQPZcaqn6tzlCA3Bk8agcdXtKvGFl3mWE=w72-h72-p-k-no-nu
142.250.74.1200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1DWEDT6iGxKgIFolyXPfOankBpkog7BeMSF_ezk20h7pJqbeUn7Xf1T93iXlowdk1N_D81DOSxHqhX2fV3WZjn1Hknjwyzy-tDnPrZLz5c00EH-XHePuSQPZcaqn6tzlCA3Bk8agcdXtKvGFl3mWE=w72-h72-p-k-no-nu
IP 142.250.74.1:0
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 9eeb4476dfe76f195c62dd29b5626f6f
9e8056e6ce874ad62e959b50fb686f962eba1114
0afef92a95aa4922f35e65e00637877a8743b8c6f5756ad4d623021e0d1f5d08
GET /blogger_img_proxy/ANbyha1DWEDT6iGxKgIFolyXPfOankBpkog7BeMSF_ezk20h7pJqbeUn7Xf1T93iXlowdk1N_D81DOSxHqhX2fV3WZjn1Hknjwyzy-tDnPrZLz5c00EH-XHePuSQPZcaqn6tzlCA3Bk8agcdXtKvGFl3mWE=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 12 Sep 2022 18:06:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 18:06:46 GMT
server: fife
content-length: 2191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/comment/frame/1452522554514590763?po=7654142738269748851&hl=en&skin=contempo&blogspotRpcToken=7253779
216.58.207.201200 OK 24 kB URL HTTP/2 www.blogger.com/comment/frame/1452522554514590763?po=7654142738269748851&hl=en&skin=contempo&blogspotRpcToken=7253779
IP 216.58.207.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33976)
Hash 55bc7cba46fa09f7d70c7cc8b7563756
b4ac0cb71e742f3c70c7be57b35f041300a411f1
5c02b79ca5a562306a0fbe61874c928cba762756d40d384914fb3d5482595990
GET /comment/frame/1452522554514590763?po=7654142738269748851&hl=en&skin=contempo&blogspotRpcToken=7253779 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 18:06:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-d0g0erlJqIM7MhDym5uckQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=bPxp0FwYESVhsUIiSpSCrcnZ5ttdZEQ6k2vfOT_QjRriPlX9eKj7nVnis7SUPcrFGN2dD3OfcTwTxjD95QVfBmySmaNUtk4SbekpZTtZoFvJYv7mEIfh3LAEp0GU1CRvrYrKJKvDNxMMCpWoJKpdqLXervPcXS0Y-iv2UlSQzew; expires=Mon, 13-Mar-2023 18:06:45 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Pc7KvYTDgf08xU1N-WflRWDWI1Og26a1EW6HtnWwNiBbj_aeSO5P_B30lvnA3sUVqPfEpZrqZXjUrij9t3_P_1OtGwdKGpMh6kj3hRwQcspBtYaCUIzzhba7mvkwfB5jPuPxB_X4=w72-h72-p-k-no-nu
142.250.74.1200 OK 1.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Pc7KvYTDgf08xU1N-WflRWDWI1Og26a1EW6HtnWwNiBbj_aeSO5P_B30lvnA3sUVqPfEpZrqZXjUrij9t3_P_1OtGwdKGpMh6kj3hRwQcspBtYaCUIzzhba7mvkwfB5jPuPxB_X4=w72-h72-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 810fbb96553890fb0031fd46eb0a85b1
6d6551adc8b0d9b2c03972c9eb91ad32ef7500d1
f8dbd8b13248360e31f21b0ea5f05c85376460cb78d4a441eacf74f8057e5fdf
GET /blogger_img_proxy/ANbyha3Pc7KvYTDgf08xU1N-WflRWDWI1Og26a1EW6HtnWwNiBbj_aeSO5P_B30lvnA3sUVqPfEpZrqZXjUrij9t3_P_1OtGwdKGpMh6kj3hRwQcspBtYaCUIzzhba7mvkwfB5jPuPxB_X4=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 12 Sep 2022 18:06:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 18:06:46 GMT
server: fife
content-length: 1251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 670 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 24fb827545f0df82ba9ce873507284b7
9b19dbdd1f7e262643f5c8937bd71b8b4bbf51e9
8c9289a263ad355d61c55a414ea621a8019e6355e2532825d03d39e0e59292b0
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 11 Sep 2022 18:06:46 GMT
date: Sun, 11 Sep 2022 18:06:46 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 670
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
142.250.74.163200 OK 157 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (539)
Size 157 kB (157166 bytes)
Hash 026df0dfed2314af108e700900288961
51c2a55bca7d65c549ef138d1294cac2aa98dd96
24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34
GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:23:20 GMT
expires: Wed, 06 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
age: 434606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha34_eIf3O5tsJH4LCm9MG3-6WMAjbYY_oH4QkwpLphuVZ-Ii52CTmrV_0NsP__p37hx9Uwe8QDdcXJeRHBIPNXU50UpOJj4P323O5KkiW3f73zUdvGUOYA6zoJCZmxf1fFq3pSLW67YR7kNlQ=w72-h72-p-k-no-nu
142.250.74.1200 OK 3.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha34_eIf3O5tsJH4LCm9MG3-6WMAjbYY_oH4QkwpLphuVZ-Ii52CTmrV_0NsP__p37hx9Uwe8QDdcXJeRHBIPNXU50UpOJj4P323O5KkiW3f73zUdvGUOYA6zoJCZmxf1fFq3pSLW67YR7kNlQ=w72-h72-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 95ed771d9b30b3246a62a84dc55f41ed
155567e31705e1abf0ba38d8dfa250ab3a15b4e7
c524a273332f7af3f165d84045ee3c54171a80b66fa488bf29fcd9e8098b080b
GET /blogger_img_proxy/ANbyha34_eIf3O5tsJH4LCm9MG3-6WMAjbYY_oH4QkwpLphuVZ-Ii52CTmrV_0NsP__p37hx9Uwe8QDdcXJeRHBIPNXU50UpOJj4P323O5KkiW3f73zUdvGUOYA6zoJCZmxf1fFq3pSLW67YR7kNlQ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 12 Sep 2022 18:06:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 18:06:47 GMT
server: fife
content-length: 3624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
litemarca2223.github.io/iklanmarcasocial/socialmasbro.js
185.199.111.153200 OK 9.9 kB URL HTTP/2 litemarca2223.github.io/iklanmarcasocial/socialmasbro.js
IP 185.199.111.153:0
File type ASCII text, with very long lines (33869)
Hash 3cec519fd24634fd05d878fba41da904
73056b53c8d73d7782bf77f24c8a18ef4fcb5186
d635ac3808134b4a550b8e9d472d23875abaf86d2f1c073dcc9d8b9e01806c72
GET /iklanmarcasocial/socialmasbro.js HTTP/1.1
Host: litemarca2223.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Tue, 29 Mar 2022 11:18:28 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"6242eb04-844e"
expires: Sun, 11 Sep 2022 17:08:10 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 8D70:BA4A:11B2F84:1256484:631E13A2
accept-ranges: bytes
date: Sun, 11 Sep 2022 18:06:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662919606.757227,VS0,VE1317
vary: Accept-Encoding
x-fastly-request-id: dfeed0ef800ab83df85109d15aa1b247f7a09555
content-length: 9908
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10627
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 18:06:47 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10627
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 18:06:47 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10627
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 18:06:47 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10627
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 18:06:47 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10627
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 18:06:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 14440
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b290c3f75a769f5cb0f36b5c84436c9b
22e386713ccb95ca1cf9aa367a5ad02bd1664954
e311757ae3bc5b821a9c1d4d654250b1ac936228eb4a600aa1e5b391d25adaaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10611
x-amzn-requestid: f034fbd9-c83e-4a29-84ff-674629759818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN3E8PoAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-63dd86ec10dbc2fb7dc0e5de;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -Fht5R4_rLcLWqglaPldh1846mPs_JS6_L3G_mi5G2iQbmkCPopvuQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 07:27:02 GMT
age: 38385
etag: "22e386713ccb95ca1cf9aa367a5ad02bd1664954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 73421
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 72559
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:50:01 GMT
age: 62206
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe7cd8a3-d14f-4b0a-852b-f5b637f631ac.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe7cd8a3-d14f-4b0a-852b-f5b637f631ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2d317543d935b1e691a0523c437e83
88adc81c040e8fc7246652362b12cb0c659dcd7a
ae5884ed08ff32caf1383a91a95c47c9dc0298fd38568d3d00cedf8d3b7e9ce3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe7cd8a3-d14f-4b0a-852b-f5b637f631ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10091
x-amzn-requestid: dbc13b68-f749-47fa-b2f0-ae8f9bb6724a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIgtEVRoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d879d-3dccc84a07c8cc7906351bbe;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:45 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TGByMzndAcW2Z4o_Hm_eelKqigueFQRv1pWYPM2WQB7YLRtVLT60OA==
via: 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 07:02:36 GMT
age: 39851
etag: "88adc81c040e8fc7246652362b12cb0c659dcd7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bbbbfa9e47f5b76e2816f8934f005596
16d8626ee00730c38c6a7ebcac5e8d13808ce219
5fc1f41c7a41b951607bf32a3e1bfa544107ed0cbf8096e36249c3e34c47c25a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5FC1F41C7A41B951607BF32A3E1BFA544107ED0CBF8096E36249C3E34C47C25A"
Last-Modified: Fri, 09 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=820
Expires: Sun, 11 Sep 2022 18:20:27 GMT
Date: Sun, 11 Sep 2022 18:06:47 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1506
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 11 Sep 2022 18:06:48 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+525; expires=Tue, 10-Sep-2024 18:06:48 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Sep 2022 18:06:48 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81d2234e3bccf3094a71dbcc8f728fc3
bcbca768607acacf0225870802b3d941ded87b70
ec520c95dfb3323795f7720128d558563333b67140364bf265fceab17a173d7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC520C95DFB3323795F7720128D558563333B67140364BF265FCEAB17A173D7F"
Last-Modified: Fri, 09 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19146
Expires: Sun, 11 Sep 2022 23:25:54 GMT
Date: Sun, 11 Sep 2022 18:06:48 GMT
Connection: keep-alive
image.slidesharecdn.com/ekonomirumahtanggatingkatan1latihannota-140826234743-phpapp02/95/ekonomi-rumah-tangga-tingkatan-1-latihan-nota-3-638.jpg?cb=1409097018
151.101.86.152200 OK 28 kB URL HTTP/2 image.slidesharecdn.com/ekonomirumahtanggatingkatan1latihannota-140826234743-phpapp02/95/ekonomi-rumah-tangga-tingkatan-1-latihan-nota-3-638.jpg?cb=1409097018
IP 151.101.86.152:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 638x903, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d83126065feeb77a16c32fdf74388c59
8cda49b7f077f11948cb2e3dd362a2256f0437f8
8b6e8dc13b8dc429a6374518021f2d795c78dddb6f2ab81c8e67b75123236d91
GET /ekonomirumahtanggatingkatan1latihannota-140826234743-phpapp02/95/ekonomi-rumah-tangga-tingkatan-1-latihan-nota-3-638.jpg?cb=1409097018 HTTP/1.1
Host: image.slidesharecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-type: image/webp
etag: "4SnBdpLzOIdQEpccuN9Acg+TwIqJFq7dMR4r0cH+yRs"
fastly-io-info: ifsz=62133 idim=638x903 ifmt=jpeg ofsz=28452 odim=638x903 ofmt=webp
fastly-stats: io=1
server: AmazonS3
x-amz-id-2: ZCOH7tscyF5DnuW0F/xCy6ELeiNVGTW5IZFXQmkwLcZhkjF6WX4jhQCCcuQOQaCMUMWR81unVo0=
x-amz-request-id: 7T5ESJ08A0WMM9TR
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 11 Sep 2022 18:06:48 GMT
age: 440407
x-served-by: cache-iad-kiad7000035-IAD, cache-bma1669-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662919608.163547,VS0,VE101
vary: Accept
expires: Sun, 18 Sep 2022 18:06:48 GMT
cache-control: max-age=604800
content-length: 28452
X-Firefox-Spdy: h2
imgv2-1-f.scribdassets.com/img/document/104483732/original/477ea380e0/1648069347?v=1
151.101.86.152200 OK 31 kB URL HTTP/2 imgv2-1-f.scribdassets.com/img/document/104483732/original/477ea380e0/1648069347?v=1
IP 151.101.86.152:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 768x1024, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9cef084edeea25cb4db2868137b9ce2f
85237146d74f4e4d971d1d4a73fbb92d428187ca
70a0e36d56f67a68b6dbbcfeec1d824a9d1568a8097e47b87a9857182dab0ab7
GET /img/document/104483732/original/477ea380e0/1648069347?v=1 HTTP/1.1
Host: imgv2-1-f.scribdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=864000,stale-while-revalidate=86400,stale-if-error=86400
content-type: image/webp
etag: "cMdfObUu+WqIwOXgdX8/3FGJMjYP4Ate/84JwvIdQAI"
fastly-io-info: ifsz=73319 idim=768x1024 ifmt=jpeg ofsz=31036 odim=768x1024 ofmt=webp
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 11 Sep 2022 18:06:48 GMT
age: 318925
x-served-by: cache-chi-klot8100153-CHI, cache-bma1639-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662919608.163479,VS0,VE107
vary: Accept
content-length: 31036
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b898142df15c87ed2e89cec5b524ae4
bf04adb3d1bc96ef16ad166d3ec60de573b960ea
eac5ed92cc69a67b083359aa1a3bf17fd17f6784240eef140bd5dbe6e938a3a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAC5ED92CC69A67B083359AA1A3BF17FD17F6784240EEF140BD5DBE6E938A3A8"
Last-Modified: Fri, 09 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15970
Expires: Sun, 11 Sep 2022 22:32:58 GMT
Date: Sun, 11 Sep 2022 18:06:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a2bb02ec3547a10f80dfe34b1a15d704
eac82e53e65cca0f77e35b4c88e489e349e18d3f
7a74c40aa8ca3ba83dd741b8d475417e4b5cfb8c45dcf1e71655455f721c8d58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A74C40AA8CA3BA83DD741B8D475417E4B5CFB8C45DCF1E71655455F721C8D58"
Last-Modified: Sat, 10 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14224
Expires: Sun, 11 Sep 2022 22:03:52 GMT
Date: Sun, 11 Sep 2022 18:06:48 GMT
Connection: keep-alive
thebutterflyresepi.files.wordpress.com/2012/05/kh-pilihan-ekonomi-rumah-tangga-ting-1.jpg?w=303
192.0.72.28200 OK 49 kB URL HTTP/2 thebutterflyresepi.files.wordpress.com/2012/05/kh-pilihan-ekonomi-rumah-tangga-ting-1.jpg?w=303
IP 192.0.72.28:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 303x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 468c26fbd72c3c613b979937fd826367
916e90ea1dc1a231504d97feb9bcb885a8ada8de
c8f8bf3bda548c53e0abefb83087618839142bf21dc4fb763fbe1973bc367a51
GET /2012/05/kh-pilihan-ekonomi-rumah-tangga-ting-1.jpg?w=303 HTTP/1.1
Host: thebutterflyresepi.files.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 18:06:48 GMT
content-type: image/webp
content-length: 49134
last-modified: Mon, 14 May 2012 18:34:26 GMT
expires: Thu, 20 Oct 2022 14:07:11 GMT
x-orig-src: 0_imageresize
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://thebutterflyresepi.wordpress.com
vary: Accept, Origin
x-nc: MISS arn 28 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
significantoperativeclearance.com/sbar.json?key=b0a5aa4d907bf630e424aef014557523
192.243.59.13200 OK 4.1 kB URL HTTP/1.1 significantoperativeclearance.com/sbar.json?key=b0a5aa4d907bf630e424aef014557523
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5878), with no line terminators
Hash 2b909036108bba47a2fd5fa872e105c3
6abc9f883b249f8d93550d298845dadddb402b02
d8280f81ae990e34272a986e3112f6233a35c850911a87618d288b4d7038a71f
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=b0a5aa4d907bf630e424aef014557523 HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:48 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nelson-yersblogrichards.blogspot.com
Access-Control-Allow-Origin: https://nelson-yersblogrichards.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17050302; expires=Mon, 12 Sep 2022 18:06:48 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 12 Sep 2022 18:06:48 GMT; secure; SameSite=None
uncs=1; expires=Mon, 12 Sep 2022 18:06:48 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 12 Sep 2022 18:06:48 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 12 Sep 2022 18:06:48 GMT; secure; SameSite=None
slecb0a5aa4d907bf630e424aef014557523=[3520334]; expires=Sun, 11 Sep 2022 18:06:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa298b9b134feeaa59bb000804d67925
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
significantoperativeclearance.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3sxFPK0sirCGAS8qMunumenJuIfFGCPBmOwPRW9SXVUzKVPd1VZ1TU9yii7Kgh7G%2F6DzJtmwuoie3ItBJwseAkJGEHIw%2F4DehD3LzAZHP2i%2B9%2Fq9w%2Fu%2Brz7fc%2BfEh6Nny%2B%2FoHakUXWjW%2FOpLHwTBteqaTF2%2F2l%2BMPowa16qm91o7qvkvV98SbEsvhH7g%2B4EfVFekER3dX5iIkNmDdlBr%2B7VGWAuaDfTN%2F7l1Hiz1wHvn5BlIPq488q5AshHS5LtlYbdynb36ZuIUzbVBjx%2B%2Bl26lukiRzGDHeOikhxduaHu6cgSdHkzjQvf%2BNcZyTLxfjhCnhxchEff2pzljBZEi5k%2Bj6I0g1AiSjsD0HUh%2BSgDGsb6BNLm3rk1Bt5%2BodKKOSeXx35DFmFT%2BuII0%2BXZJyX71tlYulzq16HdKyP4IsjtC5o6R71yCLI7B8k8h%2Ba9k4fEa0mR%2FwyoNycvp7FKOIDsjKDEAtR7c5JMeXMeDyzwk%2FKzKgiBo%2BZxRf7HNWJ23RBxxP6CtTkADP1qEY5N4A%2BTZAEwNwMwuMrOLLTmAcT%2FBbpaw3IPNx8S7uYseL1EIgsISFJSgkARFTlD0ygOubGjLe1xZFwcXPbzo9XKo8%2B4ePdB5V6RkLzsnlyd78SqvHGFLnFVjnzYpbfC234o7Ud0XjbBBRccPGs1mqxnWYWUJaS9NR92RY%2FLsJ5eRyTGpBL8jpsew6hhMXgV1L4AWw1bog24OG4s%2BdtL7wm4K8XGNaXBdIssryLe9PXVOnp8ep%2FnDOgQ7uf7zn5%2FNP7z5F5gpkZkSH8lHBF11d3hLF2T%2Fli4s%2BX4jy2Uid%2BjkcLdzmou5r98W24U2fHXZDu6%2FzibCBD54V9h8jaZcpl1LvlmSnAuzog0T5MdV%2B76Ibzi7ueRM6rK1G2%2BsrCaZEdZKnY5A5an9EkyOyVNUT1%2Fk1ee%2BgDQjGFcicSfkoiD1MVi2C5vN0ls9B6NmnjjzULhyaMJ49lNJAiVmnMYl7H94PMN79i66Zh40v4M0KdEzJXqqBFUDWDc3zDNzcv23%2BrQQK28YK%2BPtx8qor56s1sqzaqte92nUbgatFhWtuBEudqKAUxo2ojCKaB25HbP5Fx%2F%2BAwAA%2F%2F8BAAD%2F%2F6rBR%2BhcBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 significantoperativeclearance.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3sxFPK0sirCGAS8qMunumenJuIfFGCPBmOwPRW9SXVUzKVPd1VZ1TU9yii7Kgh7G%2F6DzJtmwuoie3ItBJwseAkJGEHIw%2F4DehD3LzAZHP2i%2B9%2Fq9w%2Fu%2Brz7fc%2BfEh6Nny%2B%2FoHakUXWjW%2FOpLHwTBteqaTF2%2F2l%2BMPowa16qm91o7qvkvV98SbEsvhH7g%2B4EfVFekER3dX5iIkNmDdlBr%2B7VGWAuaDfTN%2F7l1Hiz1wHvn5BlIPq488q5AshHS5LtlYbdynb36ZuIUzbVBjx%2B%2Bl26lukiRzGDHeOikhxduaHu6cgSdHkzjQvf%2BNcZyTLxfjhCnhxchEff2pzljBZEi5k%2Bj6I0g1AiSjsD0HUh%2BSgDGsb6BNLm3rk1Bt5%2BodKKOSeXx35DFmFT%2BuII0%2BXZJyX71tlYulzq16HdKyP4IsjtC5o6R71yCLI7B8k8h%2Ba9k4fEa0mR%2FwyoNycvp7FKOIDsjKDEAtR7c5JMeXMeDyzwk%2FKzKgiBo%2BZxRf7HNWJ23RBxxP6CtTkADP1qEY5N4A%2BTZAEwNwMwuMrOLLTmAcT%2FBbpaw3IPNx8S7uYseL1EIgsISFJSgkARFTlD0ygOubGjLe1xZFwcXPbzo9XKo8%2B4ePdB5V6RkLzsnlyd78SqvHGFLnFVjnzYpbfC234o7Ud0XjbBBRccPGs1mqxnWYWUJaS9NR92RY%2FLsJ5eRyTGpBL8jpsew6hhMXgV1L4AWw1bog24OG4s%2BdtL7wm4K8XGNaXBdIssryLe9PXVOnp8ep%2FnDOgQ7uf7zn5%2FNP7z5F5gpkZkSH8lHBF11d3hLF2T%2Fli4s%2BX4jy2Uid%2BjkcLdzmou5r98W24U2fHXZDu6%2FzibCBD54V9h8jaZcpl1LvlmSnAuzog0T5MdV%2B76Ibzi7ueRM6rK1G2%2BsrCaZEdZKnY5A5an9EkyOyVNUT1%2Fk1ee%2BgDQjGFcicSfkoiD1MVi2C5vN0ls9B6NmnjjzULhyaMJ49lNJAiVmnMYl7H94PMN79i66Zh40v4M0KdEzJXqqBFUDWDc3zDNzcv23%2BrQQK28YK%2BPtx8qor56s1sqzaqte92nUbgatFhWtuBEudqKAUxo2ojCKaB25HbP5Fx%2F%2BAwAA%2F%2F8BAAD%2F%2F6rBR%2BhcBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3sxFPK0sirCGAS8qMunumenJuIfFGCPBmOwPRW9SXVUzKVPd1VZ1TU9yii7Kgh7G%2F6DzJtmwuoie3ItBJwseAkJGEHIw%2F4DehD3LzAZHP2i%2B9%2Fq9w%2Fu%2Brz7fc%2BfEh6Nny%2B%2FoHakUXWjW%2FOpLHwTBteqaTF2%2F2l%2BMPowa16qm91o7qvkvV98SbEsvhH7g%2B4EfVFekER3dX5iIkNmDdlBr%2B7VGWAuaDfTN%2F7l1Hiz1wHvn5BlIPq488q5AshHS5LtlYbdynb36ZuIUzbVBjx%2B%2Bl26lukiRzGDHeOikhxduaHu6cgSdHkzjQvf%2BNcZyTLxfjhCnhxchEff2pzljBZEi5k%2Bj6I0g1AiSjsD0HUh%2BSgDGsb6BNLm3rk1Bt5%2BodKKOSeXx35DFmFT%2BuII0%2BXZJyX71tlYulzq16HdKyP4IsjtC5o6R71yCLI7B8k8h%2Ba9k4fEa0mR%2FwyoNycvp7FKOIDsjKDEAtR7c5JMeXMeDyzwk%2FKzKgiBo%2BZxRf7HNWJ23RBxxP6CtTkADP1qEY5N4A%2BTZAEwNwMwuMrOLLTmAcT%2FBbpaw3IPNx8S7uYseL1EIgsISFJSgkARFTlD0ygOubGjLe1xZFwcXPbzo9XKo8%2B4ePdB5V6RkLzsnlyd78SqvHGFLnFVjnzYpbfC234o7Ud0XjbBBRccPGs1mqxnWYWUJaS9NR92RY%2FLsJ5eRyTGpBL8jpsew6hhMXgV1L4AWw1bog24OG4s%2BdtL7wm4K8XGNaXBdIssryLe9PXVOnp8ep%2FnDOgQ7uf7zn5%2FNP7z5F5gpkZkSH8lHBF11d3hLF2T%2Fli4s%2BX4jy2Uid%2BjkcLdzmou5r98W24U2fHXZDu6%2FzibCBD54V9h8jaZcpl1LvlmSnAuzog0T5MdV%2B76Ibzi7ueRM6rK1G2%2BsrCaZEdZKnY5A5an9EkyOyVNUT1%2Fk1ee%2BgDQjGFcicSfkoiD1MVi2C5vN0ls9B6NmnjjzULhyaMJ49lNJAiVmnMYl7H94PMN79i66Zh40v4M0KdEzJXqqBFUDWDc3zDNzcv23%2BrQQK28YK%2BPtx8qor56s1sqzaqte92nUbgatFhWtuBEudqKAUxo2ojCKaB25HbP5Fx%2F%2BAwAA%2F%2F8BAAD%2F%2F6rBR%2BhcBAAA HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Cookie: u_pl=17050302; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb0a5aa4d907bf630e424aef014557523=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1121ab7e49cedc69dcbb85c4906ee409
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 142f92ab885d0446b4ac2b40619a6456
28535d1e4a2d387da2c4b2f69b8e330a3c5509f9
4cd8de918d644d5206bab46fd255d3967bb28445c9e5de29cba85675d88176de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CD8DE918D644D5206BAB46FD255D3967BB28445C9E5DE29CBA85675D88176DE"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Sun, 11 Sep 2022 19:06:25 GMT
Date: Sun, 11 Sep 2022 18:06:48 GMT
Connection: keep-alive
data03.123doks.com/thumbv2/123dok/001/888/1888712/cover.webp
104.21.67.240200 OK 8.8 kB URL HTTP/2 data03.123doks.com/thumbv2/123dok/001/888/1888712/cover.webp
IP 104.21.67.240:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x550, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 664151fafe2100b5d69452305af0e006
fa2f9a17f8b3f5eab043d3ff417e205ed616e505
ee536710ee17541d339f82baa31afd970af065317f030e901e1657d61e221ed0
GET /thumbv2/123dok/001/888/1888712/cover.webp HTTP/1.1
Host: data03.123doks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:48 GMT
content-type: image/webp
x-powered-by: PHP/8.0.13
ds-cache-status: HIT
etag: "03729e3e3a6ca9de248cd71ec31cca53"
expires: Tue, 11 Oct 2022 18:06:46 GMT
cache-control: public, max-age=5356800
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z%2FWpSuN%2FjaZaYW5Dq4IK1SGqtCz8EDjJkYqAUzQ0bS%2B%2BB4YzFZF2IL%2B8YwBHVvtRVYHMn93fclACJTN0pOiOoZh6W0VcwWarWirNx5joQc4SL8BUnJqtQVqd4heR%2BTuDAdBywk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749256deebe0b4fd-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 11a62de4541037ab66a1ee3a198916bd
767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4
1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15297
Expires: Sun, 11 Sep 2022 22:21:46 GMT
Date: Sun, 11 Sep 2022 18:06:49 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 11a62de4541037ab66a1ee3a198916bd
767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4
1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15297
Expires: Sun, 11 Sep 2022 22:21:46 GMT
Date: Sun, 11 Sep 2022 18:06:49 GMT
Connection: keep-alive
significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=306
192.243.59.13200 OK 0 B URL HTTP/1.1 significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=306
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=306 HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Cookie: u_pl=17050302; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb0a5aa4d907bf630e424aef014557523=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 11a62de4541037ab66a1ee3a198916bd
767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4
1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15297
Expires: Sun, 11 Sep 2022 22:21:46 GMT
Date: Sun, 11 Sep 2022 18:06:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13975
Expires: Sun, 11 Sep 2022 21:59:44 GMT
Date: Sun, 11 Sep 2022 18:06:49 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg
45.133.44.10200 OK 17 kB URL HTTP/2 cdn.cloudimagesb.com/si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 809ffd9e1f1ac876ab9fd0dea65e9e3a
4ac08c834e987fffe8659e65ddca741c0c4ca76c
a4a3b8a6d269923e312691d560f9522a3c57e5b4f350e0cb20a5ff1b654ea2b6
GET /si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:49 GMT
content-type: image/jpeg
content-length: 16863
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:45:32 GMT
etag: "62d547dc-41df"
expires: Tue, 13 Sep 2022 18:06:49 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
media.karousell.com/media/photos/products/2018/02/11/pt3_kemahiran_hidup_bersatu_ekonomi_rumah_tangga_tingkatan_123_1518322495_428dd69c.jpg
190.93.245.83200 OK 62 kB URL HTTP/2 media.karousell.com/media/photos/products/2018/02/11/pt3_kemahiran_hidup_bersatu_ekonomi_rumah_tangga_tingkatan_123_1518322495_428dd69c.jpg
IP 190.93.245.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 640x640, components 3\012- data
Hash eae8658a4a15c95b5055fd2311463d99
3cb21efb262afda6b8a9a9286aa0ebe07b4f513a
d753b77b52b76629d36d6c6e91858ca908a4b486bc6cd89b4bcfc31daec37eea
GET /media/photos/products/2018/02/11/pt3_kemahiran_hidup_bersatu_ekonomi_rumah_tangga_tingkatan_123_1518322495_428dd69c.jpg HTTP/1.1
Host: media.karousell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:49 GMT
content-type: image/jpeg
content-length: 62402
x-guploader-uploadid: ADPycdsCxUmUvQ7jgjm0n98V-e7eFSEfYfsKO7seB7yMEWkLdax2Lukvw3QSbmWsja5bVUbYC0y-Wz-omg5ub7SNQqSH8eXi-VlF
expires: Sun, 11 Sep 2022 19:06:48 GMT
cache-control: public, max-age=3600
last-modified: Sun, 11 Feb 2018 04:14:55 GMT
etag: "eae8658a4a15c95b5055fd2311463d99"
x-goog-generation: 1518322495673749
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62402
x-goog-hash: crc32c=mG6A/Q==, md5=6uhlikoVyVtQVf0jEUY9mQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749256deeb2bb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c52f00dc203483501330b93da8673ea
bb58935fa272c810572d3290a9835e1390a8ef35
4cbe66c98fdaa1bdce29769a8dda769b7b46e14a8bdab5c61bba9e171ec925f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4993
Cache-Control: max-age=147562
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:49 GMT
Etag: "631dada2-1d7"
Expires: Tue, 13 Sep 2022 11:06:11 GMT
Last-Modified: Sun, 11 Sep 2022 09:42:58 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f9586374bb1bef58a7f21c55bdcccbcf
f4dfc53e23c579b828c19a2ab88d095b05d7b8df
545d01bc8dd9ba4d616be5179a3ae220c605bfba00982fd639835ca09a4dc56f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "545D01BC8DD9BA4D616BE5179A3AE220C605BFBA00982FD639835CA09A4DC56F"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4292
Expires: Sun, 11 Sep 2022 19:18:21 GMT
Date: Sun, 11 Sep 2022 18:06:49 GMT
Connection: keep-alive
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 6927b064b08f5b860ca9d31956e0da77
c1f4197983d207e3c700555cec139b5472187474
675e50387f43c29cb3ff1becd8af384aede606e849f5dcfb53f256defa219186
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c6202d4d6d191bb70d63c1333dabe963
etag: "5e81c372256e0079d779bb6f15080f8b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 11 Sep 2022 18:21:44 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: aSewZLCPW4YMqdMZVuDadw==
x-fb-debug: p9VP6DoavpZX8GorPYhVJqL9twEzJIT1QT2SvVeEMXXJYyvK9IXS9uxcf8mS2LjSpUBLIefYO7h1Todv6wvF9A==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 18:06:49 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:03:34 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 439910421
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
i.pinimg.com/originals/35/b0/fe/35b0fec23dbb3845293229a896de7494.jpg
151.101.84.84200 OK 317 kB URL HTTP/2 i.pinimg.com/originals/35/b0/fe/35b0fec23dbb3845293229a896de7494.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1188x1836, components 3\012- data
Size 317 kB (317133 bytes)
Hash 36624f6dcaa24b9d15b4e07d9dae82d1
b34b272a662a03eedb3ab349ddd2007e108bd08a
7ab103b12b74a2a35753f0744abcc9f551d22eee1ad1833df9efc319beb419f5
GET /originals/35/b0/fe/35b0fec23dbb3845293229a896de7494.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "36624f6dcaa24b9d15b4e07d9dae82d1"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 18:06:49 GMT
content-length: 317133
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 08717793887508da2b68c46d4bdfaec4
c45b402d8ef46b60c2d4ed0db65483e602b7aa0b
db22377d78648258ddf6df6b60c6c53fff67ea7da838a7119a7753008ddbf547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5932
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:49 GMT
Last-Modified: Sun, 11 Sep 2022 16:27:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
45.133.44.4200 OK 98 kB URL HTTP/2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 385dfd9c4f0bf02de9b93cf42b2c3edf
a2447764fdcfb9a4d3b674b8f05b5879dd51926b
271b6345ef2f99145386c7d77b7efb2e4a7e476bd5ddd1fde4594cf1f5190036
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:48 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 11 Sep 2022 19:06:48 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c52f00dc203483501330b93da8673ea
bb58935fa272c810572d3290a9835e1390a8ef35
4cbe66c98fdaa1bdce29769a8dda769b7b46e14a8bdab5c61bba9e171ec925f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4993
Cache-Control: max-age=147562
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 18:06:49 GMT
Etag: "631dada2-1d7"
Expires: Tue, 13 Sep 2022 11:06:11 GMT
Last-Modified: Sun, 11 Sep 2022 09:42:58 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=335
192.243.59.13200 OK 0 B URL HTTP/1.1 significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=335
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=335 HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Cookie: u_pl=17050302; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb0a5aa4d907bf630e424aef014557523=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
172.67.183.56200 OK 36 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP 172.67.183.56:0
Hash a6e76bcad45d5f6f33d19b2b3f4acc7b
4fed67dc490477432d733325091e1105a1202366
7cea81c85601875b70dbfe28288c215d09a9158e93c47fb8953f846bffc1e7f5
GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:49 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CfnxFFGugyi0TPizILge%2Bq34gZlvmtvYuxeUHPjYJoR%2FIjnCZPtSZMJuWPzK%2B59X0b718DPOVcdyLq4KZoteoPBf5SkXlTdi8aeibDnnr1p%2BjMlJ%2BkZGrzl4mpbknkbWzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749256e4df52b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.pinimg.com/474x/87/57/02/875702abecadf395a56207fcd195942a.jpg
151.101.84.84200 OK 34 kB URL HTTP/2 i.pinimg.com/474x/87/57/02/875702abecadf395a56207fcd195942a.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 297x350, components 3\012- data
Hash 679b1a1763c56ab87a883977a27a1cbd
9a8216f6e46208c2319df8fa967fa4d095dc3aac
5c44ae181d3032fcda682c8bd896f6b1bf592d093c272d1c13afd963e250ba95
GET /474x/87/57/02/875702abecadf395a56207fcd195942a.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "679b1a1763c56ab87a883977a27a1cbd"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 18:06:49 GMT
content-length: 33686
X-Firefox-Spdy: h2
i.pinimg.com/originals/df/7d/39/df7d39cd38a5a12efedb59a83808d37c.jpg
151.101.84.84200 OK 106 kB URL HTTP/2 i.pinimg.com/originals/df/7d/39/df7d39cd38a5a12efedb59a83808d37c.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x736, components 3\012- data
Size 106 kB (105815 bytes)
Hash 46cce15524faad93e3cf73de791f3164
a5050da89d5be3e6eea50b196dd92607b473fc89
7afb2ed7a5c7f7490aa6a02c0faf0e81d5757eb180232ef8db29df67c358a273
GET /originals/df/7d/39/df7d39cd38a5a12efedb59a83808d37c.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "46cce15524faad93e3cf73de791f3164"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 18:06:49 GMT
content-length: 105815
X-Firefox-Spdy: h2
i.pinimg.com/736x/7e/1f/63/7e1f63a82df5b345ea70225bb2a4e773--email-marketing-digital-marketing.jpg
151.101.84.84200 OK 45 kB URL HTTP/2 i.pinimg.com/736x/7e/1f/63/7e1f63a82df5b345ea70225bb2a4e773--email-marketing-digital-marketing.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x619, components 3\012- data
Hash d507d7e6c20d1a756244765be4a90ee5
02e7a0da9cacf5757bc5d3ed6bd68ad6621f2d42
976292e87311c06f15399b476ea3515155e56fe64fb3472067c9a5ac0de887d5
GET /736x/7e/1f/63/7e1f63a82df5b345ea70225bb2a4e773--email-marketing-digital-marketing.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "d507d7e6c20d1a756244765be4a90ee5"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 18:06:49 GMT
content-length: 45049
X-Firefox-Spdy: h2
i.pinimg.com/originals/54/63/8f/54638f40d0461ca5c2b0188e0aabfcb7.jpg
151.101.84.84200 OK 154 kB URL HTTP/2 i.pinimg.com/originals/54/63/8f/54638f40d0461ca5c2b0188e0aabfcb7.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 600x1260, components 3\012- data
Size 154 kB (153848 bytes)
Hash d418e73239d246b4ef459fc8c610c47a
bf6c17052b4ae26ef51c37aa4ccb3877550ecba5
5cd820f1385c9a13551bb5bca9670865a879d02c45f361b12a6f155f2c0d3e3f
GET /originals/54/63/8f/54638f40d0461ca5c2b0188e0aabfcb7.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "d418e73239d246b4ef459fc8c610c47a"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 18:06:49 GMT
content-length: 153848
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
172.67.183.56200 OK 50 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP 172.67.183.56:0
Hash b206f27eb1efc0fc37dc3ac49a5d56ca
25f7484d89b75038439572b9b51fb0d4b2f31156
6a2d596cc7db281e11218fbfb393f53e80232c5c2b4872b6264467b57d4e2ee1
GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:49 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhokSSrF39xhWvn65diyQFK87x7RfbBbbV8n6qDgWy%2F5dHOQkM3FTAVRsDKmPc5GrC31OpQI%2FTspQNl%2BQ2IgufYLK9eAlR%2Fb%2Fj4DY6ens0oaW5MZsouZ13C9fNlgT83pAIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749256e4df2db4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=351
192.243.59.13200 OK 0 B URL HTTP/1.1 significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=351
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=351 HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Cookie: u_pl=17050302; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb0a5aa4d907bf630e424aef014557523=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
i.pinimg.com/564x/60/ce/ed/60ceed7e2c4e4d679c6742e328dd03ba.jpg
151.101.84.84200 OK 60 kB URL HTTP/2 i.pinimg.com/564x/60/ce/ed/60ceed7e2c4e4d679c6742e328dd03ba.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 462x599, components 3\012- data
Hash 2d93b167732b01a82fc540b823105d4f
2a20a19b6c5921ecb02ce880f50d2b2ed4b94418
ba0e856ee98b85dc31462bd0c29d02f99f06bc6dce99265fac260fc3a02395f3
GET /564x/60/ce/ed/60ceed7e2c4e4d679c6742e328dd03ba.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "2d93b167732b01a82fc540b823105d4f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 18:06:49 GMT
content-length: 59858
X-Firefox-Spdy: h2
significantoperativeclearance.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NemNuBoZFGEMDW5UpFPV33EWgzFGgjGZD0V38r6q88zreuV79bo6WUUHZUAX7T%2BonE4mjA6iK2dj0M6Ai4CQFoQszB%2FQnTBr6Z5g64XinlPnLM69932%2B589JCE%2FPlt8xO0prutCohOWXPoiia%2BU1lfh%2Bud9uftisXyvb3muLzUr4cvktybfMQjWMwjAKo%2FKKsjI2%2FYWJCJU%2BWIwqi2GlXq1EjTr69v%2Fc%2BQCOBhC9c%2FIMlBiXHgVXoPgISfe7Zem2MpO%2B%2BmbXa5oZi544fC%2FZSkyeoDuDsQ0QJ4cXbhh3unIEkxxM48L0%2FjUyNSbBL0dgyeFFSLDe%2FjQn05AJmHgaeW8EqUdQdARu7kCJUwJwgfUNJN1768bmdPuJSifqmJQe%2Fw2Vj0npjytIut8uadUv3zbaZ8okDv24gOqPoDojpP4Y2c4lqPwYPPsUSvxKFh6vIenubzhtoEQxnV2pEVQ8gpYDUBfATz4VwMcBfBqgK87KPIqiVig4DduLnNdES7KmCCPaiiMahc02PJ%2FEGyBLB%2BB6AG53kdpdbKkBrP8JbrOAEwFcNibBzV30RIFcEuSOIKcEuSLIM4K8VxwI7aquuCe08yy66NWLXiuGJuvs0QOTdWRC9tJzcnmyl6D0yhG25FmZhbRBaV0shi0WN2uhrFfrVMZhVG80Wo1qDU4VUO7SdNQdNSbPfnIZqRqTUvQ7GD2G08fg6iqofwE0H7aqIejmsN4OsZPcl25Tyo8r3ECYAmlWQrYd7Olz8vz0OI0f1iH5yfWf%2F%2Fxs%2FuHNv8BtgdQW%2BEg9Iujou8NbJif7t0zuyPcbaaa6aodODnc7o5mc%2B%2FptuZ0bK1aX3eD%2B63wiTOCDd6XL1mgiVNJx5JslJYS0K8ZySX5cde9LdsO7zSVvE5%2Bu3XhjZbWbWumcMskIVJ26L8HVmDxFzfRFXn3uCyg7gvUFuv6EXBSUOQZPd%2BHSWXpn5mD1zMPSALkvhrbKZj%2B1ItByxikr4P7D2Qzvubvo2HnQ7A6SboGeLdDTBagewPm5YZbak%2Bu%2F1aYFpoMh0zbYZ9rqr56s1qmzci0ULSZj2WKy3qjHkgvWaLCQx5zVRLvNkbkxn3%2Fx4T8AAAD%2F%2FwEAAP%2F%2FKhWSAFwEAAA%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 significantoperativeclearance.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NemNuBoZFGEMDW5UpFPV33EWgzFGgjGZD0V38r6q88zreuV79bo6WUUHZUAX7T%2BonE4mjA6iK2dj0M6Ai4CQFoQszB%2FQnTBr6Z5g64XinlPnLM69932%2B589JCE%2FPlt8xO0prutCohOWXPoiia%2BU1lfh%2Bud9uftisXyvb3muLzUr4cvktybfMQjWMwjAKo%2FKKsjI2%2FYWJCJU%2BWIwqi2GlXq1EjTr69v%2Fc%2BQCOBhC9c%2FIMlBiXHgVXoPgISfe7Zem2MpO%2B%2BmbXa5oZi544fC%2FZSkyeoDuDsQ0QJ4cXbhh3unIEkxxM48L0%2FjUyNSbBL0dgyeFFSLDe%2FjQn05AJmHgaeW8EqUdQdARu7kCJUwJwgfUNJN1768bmdPuJSifqmJQe%2Fw2Vj0npjytIut8uadUv3zbaZ8okDv24gOqPoDojpP4Y2c4lqPwYPPsUSvxKFh6vIenubzhtoEQxnV2pEVQ8gpYDUBfATz4VwMcBfBqgK87KPIqiVig4DduLnNdES7KmCCPaiiMahc02PJ%2FEGyBLB%2BB6AG53kdpdbKkBrP8JbrOAEwFcNibBzV30RIFcEuSOIKcEuSLIM4K8VxwI7aquuCe08yy66NWLXiuGJuvs0QOTdWRC9tJzcnmyl6D0yhG25FmZhbRBaV0shi0WN2uhrFfrVMZhVG80Wo1qDU4VUO7SdNQdNSbPfnIZqRqTUvQ7GD2G08fg6iqofwE0H7aqIejmsN4OsZPcl25Tyo8r3ECYAmlWQrYd7Olz8vz0OI0f1iH5yfWf%2F%2Fxs%2FuHNv8BtgdQW%2BEg9Iujou8NbJif7t0zuyPcbaaa6aodODnc7o5mc%2B%2FptuZ0bK1aX3eD%2B63wiTOCDd6XL1mgiVNJx5JslJYS0K8ZySX5cde9LdsO7zSVvE5%2Bu3XhjZbWbWumcMskIVJ26L8HVmDxFzfRFXn3uCyg7gvUFuv6EXBSUOQZPd%2BHSWXpn5mD1zMPSALkvhrbKZj%2B1ItByxikr4P7D2Qzvubvo2HnQ7A6SboGeLdDTBagewPm5YZbak%2Bu%2F1aYFpoMh0zbYZ9rqr56s1qmzci0ULSZj2WKy3qjHkgvWaLCQx5zVRLvNkbkxn3%2Fx4T8AAAD%2F%2FwEAAP%2F%2FKhWSAFwEAAA%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NemNuBoZFGEMDW5UpFPV33EWgzFGgjGZD0V38r6q88zreuV79bo6WUUHZUAX7T%2BonE4mjA6iK2dj0M6Ai4CQFoQszB%2FQnTBr6Z5g64XinlPnLM69932%2B589JCE%2FPlt8xO0prutCohOWXPoiia%2BU1lfh%2Bud9uftisXyvb3muLzUr4cvktybfMQjWMwjAKo%2FKKsjI2%2FYWJCJU%2BWIwqi2GlXq1EjTr69v%2Fc%2BQCOBhC9c%2FIMlBiXHgVXoPgISfe7Zem2MpO%2B%2BmbXa5oZi544fC%2FZSkyeoDuDsQ0QJ4cXbhh3unIEkxxM48L0%2FjUyNSbBL0dgyeFFSLDe%2FjQn05AJmHgaeW8EqUdQdARu7kCJUwJwgfUNJN1768bmdPuJSifqmJQe%2Fw2Vj0npjytIut8uadUv3zbaZ8okDv24gOqPoDojpP4Y2c4lqPwYPPsUSvxKFh6vIenubzhtoEQxnV2pEVQ8gpYDUBfATz4VwMcBfBqgK87KPIqiVig4DduLnNdES7KmCCPaiiMahc02PJ%2FEGyBLB%2BB6AG53kdpdbKkBrP8JbrOAEwFcNibBzV30RIFcEuSOIKcEuSLIM4K8VxwI7aquuCe08yy66NWLXiuGJuvs0QOTdWRC9tJzcnmyl6D0yhG25FmZhbRBaV0shi0WN2uhrFfrVMZhVG80Wo1qDU4VUO7SdNQdNSbPfnIZqRqTUvQ7GD2G08fg6iqofwE0H7aqIejmsN4OsZPcl25Tyo8r3ECYAmlWQrYd7Olz8vz0OI0f1iH5yfWf%2F%2Fxs%2FuHNv8BtgdQW%2BEg9Iujou8NbJif7t0zuyPcbaaa6aodODnc7o5mc%2B%2FptuZ0bK1aX3eD%2B63wiTOCDd6XL1mgiVNJx5JslJYS0K8ZySX5cde9LdsO7zSVvE5%2Bu3XhjZbWbWumcMskIVJ26L8HVmDxFzfRFXn3uCyg7gvUFuv6EXBSUOQZPd%2BHSWXpn5mD1zMPSALkvhrbKZj%2B1ItByxikr4P7D2Qzvubvo2HnQ7A6SboGeLdDTBagewPm5YZbak%2Bu%2F1aYFpoMh0zbYZ9rqr56s1qmzci0ULSZj2WKy3qjHkgvWaLCQx5zVRLvNkbkxn3%2Fx4T8AAAD%2F%2FwEAAP%2F%2FKhWSAFwEAAA%3D HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Cookie: u_pl=17050302; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb0a5aa4d907bf630e424aef014557523=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:49 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87984a887083754fc2f9f75432e40a8d
Strict-Transport-Security: max-age=0; includeSubdomains
i.pinimg.com/736x/0f/45/dc/0f45dc348414d095e8ec514894df9814--learning-the-stage.jpg
151.101.84.84200 OK 382 kB URL HTTP/2 i.pinimg.com/736x/0f/45/dc/0f45dc348414d095e8ec514894df9814--learning-the-stage.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 716x2452, components 3\012- data
Size 382 kB (382538 bytes)
Hash 6b85c851b7f953e30cca0b40f9ec47e6
533bd80d2cf5ba1c232f29929f9d08479f6b0763
4e8f6045d654fbb2838d22904f220197cc948cb4ae66317c50830cdac941d92d
GET /736x/0f/45/dc/0f45dc348414d095e8ec514894df9814--learning-the-stage.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "6b85c851b7f953e30cca0b40f9ec47e6"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 18:06:49 GMT
content-length: 382538
X-Firefox-Spdy: h2
significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=360
192.243.59.13200 OK 0 B URL HTTP/1.1 significantoperativeclearance.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=360
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=360 HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Cookie: u_pl=17050302; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb0a5aa4d907bf630e424aef014557523=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
significantoperativeclearance.com/pixel/sbs?c=1
192.243.59.13200 OK 0 B URL HTTP/1.1 significantoperativeclearance.com/pixel/sbs?c=1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: significantoperativeclearance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Cookie: u_pl=17050302; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb0a5aa4d907bf630e424aef014557523=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 18:06:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
s10.histats.com/counters/cc_509.js
46.105.201.240200 OK 5.6 kB URL HTTP/2 s10.histats.com/counters/cc_509.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (13291), with no line terminators
Hash 201f1813051dfb988328f91615c8089a
884ca871e6ed0442711fe0bd7ec82a24100e0419
209c7d5bde79fe879f4e992b330d515c9e381f9e9e99f8f579c6e7ff151b7f11
GET /counters/cc_509.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 17:57:33 GMT
etag: "-1598200718"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 315753369
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5579
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=972aa1cb829d9298f1b5b4226081d2c7
157.240.200.14200 OK 86 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=972aa1cb829d9298f1b5b4226081d2c7
IP 157.240.200.14:0
File type ASCII text, with very long lines (13115)
Hash 45ca5f1b37fcfdd804abf937a59237ff
c90590988c22128f1e6d6e65763eedc3750574e9
1130a01563d3a0be5f4700ec5794b8421f4637a583629d9d00a01eb8ca3b83ba
GET /en_US/sdk.js?hash=972aa1cb829d9298f1b5b4226081d2c7 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nelson-yersblogrichards.blogspot.com
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fb2a7798f3068c079aae9478e7a71669
etag: "cdd7f6acb2b71a92a0b3891849846054"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Sep 2023 16:29:02 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: RcpfGzf8/dgEq/k3pZI3/w==
x-fb-debug: 541BJgtTPNrOH3H95Xrg0tvrihK6KNeep9FThSbYop6/ww26IAqr5xxslrC9jybl0adjhASBMmpEjcmIxpI/mQ==
content-length: 86524
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 18:06:49 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4635212&@f16&@g1&@h1&@i1&@j1662919598466&@k0&@l1&@mProtists%20Are%20Best%20Described%20as%20Which%20of%20the%20Following&@n0&@o1000&@q0&@r0&@s509&@ten-US&@u1280&@b1:174925787&@b3:1662919598&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnelson-yersblogrichards.blogspot.com%2F2022%2F05%2Fprotists-are-best-described-as-which-of.html&@w
158.69.248.123200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4635212&@f16&@g1&@h1&@i1&@j1662919598466&@k0&@l1&@mProtists%20Are%20Best%20Described%20as%20Which%20of%20the%20Following&@n0&@o1000&@q0&@r0&@s509&@ten-US&@u1280&@b1:174925787&@b3:1662919598&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnelson-yersblogrichards.blogspot.com%2F2022%2F05%2Fprotists-are-best-described-as-which-of.html&@w
IP 158.69.248.123:0
File type ASCII text, with no line terminators
Hash 43590378fce5bd63f894d7eb0de26fc6
4aa511569bf38800331be15a2eb32333e727ed21
f06d0384ee606720dce9387cf250f4b554f9e25fe37490ea57c7c115a6961c42
GET /stats/0.php?4635212&@f16&@g1&@h1&@i1&@j1662919598466&@k0&@l1&@mProtists%20Are%20Best%20Described%20as%20Which%20of%20the%20Following&@n0&@o1000&@q0&@r0&@s509&@ten-US&@u1280&@b1:174925787&@b3:1662919598&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnelson-yersblogrichards.blogspot.com%2F2022%2F05%2Fprotists-are-best-described-as-which-of.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nelson-yersblogrichards.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 18:06:50 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
172.67.183.56200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP 172.67.183.56:0
GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 18:06:49 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3398545
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJ6ld4iLmFcGWW3TtfZu%2FDd%2BFKlV9Rsj4DYXXQPzjmcJnAE1sCbiVPmu%2Bj6El1zpwH0mDhvyqQfFNJRgz5B520LkX%2BP4cS9K72zyibmOgxIlGP2OOxiYde6e3PapNYb3s1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749256e53ff1b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 18:06:49 GMT
date: Sun, 11 Sep 2022 18:06:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2