firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 15:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zIRs9TPvkIOLCGC4I_mT9cppavnQIJIec7vLBjlPweKHbPdVPd9zgg==
Age: 3131
nadjavidal.blogspot.kr/
142.250.74.161302 Moved Temporarily 179 B IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ea4423957487443ecc9556ff35e06637
d5a235d6397a8e7d9ce86142c0cfddafd3b09392
a79f9dd47b42a6a83421143140053f12d7cb77a917afab64f71eb22a028b9ef9
GET / HTTP/1.1
Host: nadjavidal.blogspot.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://nadjavidal.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 16:39:15 GMT
Expires: Tue, 04 Oct 2022 16:39:15 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 179
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2726
Expires: Tue, 04 Oct 2022 17:24:41 GMT
Date: Tue, 04 Oct 2022 16:39:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PSPMCPmedKCSoABGGQSbHnFLZ7ve4VNKXhzZnmOf-jq3y0AIaf6pqQ==
age: 40248
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 16:39:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nadjavidal.blogspot.com/
142.250.74.161301 Moved Permanently 179 B IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ad0fff1bcf881708ae713f1961fb767d
b1e4ed2f54cc02ca6418a1e5e71c740a9db7711e
6d53dfdbad728cec49376614c560b05bbe42fdeb4c0a5ebc1ac571dece6771be
GET / HTTP/1.1
Host: nadjavidal.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://nadjavidal.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 16:39:16 GMT
Expires: Tue, 04 Oct 2022 16:39:16 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 179
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 16:29:33 GMT
Expires: Tue, 04 Oct 2022 16:31:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5Aex9spe7YmXoYxt8OHpJrpBeq6mxX1MFCopbMVhMBJiVFxacQls9A==
Age: 583
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6594
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:16 GMT
Last-Modified: Tue, 04 Oct 2022 14:49:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (56656)
Hash 5c32368e2726220885c82f35b6fb4e78
bb3909d2aaca84d895296187aeaea024c76f46ec
53ceda316a9da4b956909214bb1bdaf76d2b2e3d2037614a13b6749e1e5c9e17
GET /ajax/libs/font-awesome/5.11.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:16 GMT
content-type: text/css; charset=utf-8
content-length: 10022
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-de0a"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1708826
expires: Sun, 24 Sep 2023 16:39:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUOVG8f%2BcpDZOqmXiwP2KncKjeUKMdkVDxdP3ehWWb%2FPJhAy4NVJT%2BtXOZ8zfanTS2%2BZZPyE4XoRYIL7d14dR%2BWvg%2FhvuRqbVAzB%2BKLuYZu9VUboaYnkZSlNgXtrFC02f%2FD64b%2BH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754f5a4a6b8bb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nadjavidal.blogspot.com/
142.250.74.161200 OK 48 kB IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1383)
Hash a4ed384cab1f90c4e07ebb93b94aa155
0dc9217d08345bab35b7175d57cd33ebca52c38a
b6f950223acc225c9a133098c9d17da687adf2b10082a96af70d7de7cd5a921b
GET / HTTP/1.1
Host: nadjavidal.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 04 Oct 2022 16:39:16 GMT
date: Tue, 04 Oct 2022 16:39:16 GMT
cache-control: private, max-age=0
last-modified: Tue, 04 Oct 2022 15:28:52 GMT
etag: W/"9bba3e7c74c8bb16798ca94470de1c25fdd500e5bbacafbc8ae119ae9274915f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 47803
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L/jhMXHnA5JpSYiuV3JE3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IJyvlNk1yVAYLfu5ZAYDbApySI4=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20872, version 1.0\012- data
Hash 911d926608ce81ca8d62e74b7d09d276
e0ff54366f03e110e51c2850db6eac72dc4f25fe
7e088dcc1b0435ae26460f199b7362c41f885a5ec9ff8efc17d7e12ed053c123
GET /s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 20:03:37 GMT
expires: Sun, 01 Oct 2023 20:03:37 GMT
cache-control: public, max-age=31536000
age: 246940
last-modified: Tue, 23 Jul 2019 03:47:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/792789798-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/792789798-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 02e6bf311e18828a522b4d3a4079084f
a63cd373fa23b4fe11f938d57737e6bfa1ebe789
25d469843aa09be2473931d33aaa37b65ac371874bd98ca84ec780bead3e33e4
GET /static/v1/widgets/792789798-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 02:15:20 GMT
expires: Tue, 03 Oct 2023 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 00:49:27 GMT
content-type: text/javascript
age: 138237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20724, version 1.0\012- data
Hash 43c849ea0258ce0d23a480e840881f16
5222f2283ff9eed9c05025b15dcca453a43cb8c3
b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
GET /s/raleway/v14/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:44:15 GMT
expires: Sun, 01 Oct 2023 04:44:15 GMT
cache-control: public, max-age=31536000
age: 302102
last-modified: Tue, 23 Jul 2019 03:48:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21164, version 1.0\012- data
Hash 6a9b9c422e662a18013ee064fd789213
dbd7535cca2552efef08a77d11956652cc09bcd8
ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681
GET /s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 07:13:44 GMT
expires: Wed, 04 Oct 2023 07:13:44 GMT
cache-control: public, max-age=31536000
age: 33933
last-modified: Tue, 23 Jul 2019 03:47:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 66b5667bbd0ca7bd21e3425f5043d110
d7beae3e33189546c0281201eabe759e9a6b2c50
e31a52c4afdf8a8d8fe1730820d5c90c67132263fb825e32c93b405367d18c5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 08:27:03 GMT
Expires: Tue, 11 Oct 2022 08:27:02 GMT
Etag: "d7beae3e33189546c0281201eabe759e9a6b2c50"
Cache-Control: max-age=574664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754f5a4b8cd3b4f7-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 66b5667bbd0ca7bd21e3425f5043d110
d7beae3e33189546c0281201eabe759e9a6b2c50
e31a52c4afdf8a8d8fe1730820d5c90c67132263fb825e32c93b405367d18c5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 08:27:03 GMT
Expires: Tue, 11 Oct 2022 08:27:02 GMT
Etag: "d7beae3e33189546c0281201eabe759e9a6b2c50"
Cache-Control: max-age=574664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754f5a4b8a0d0b3d-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
poweredby.jads.co/js/jads.js
185.94.236.244301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.244:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nadjavidal.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 66b5667bbd0ca7bd21e3425f5043d110
d7beae3e33189546c0281201eabe759e9a6b2c50
e31a52c4afdf8a8d8fe1730820d5c90c67132263fb825e32c93b405367d18c5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 08:27:03 GMT
Expires: Tue, 11 Oct 2022 08:27:02 GMT
Etag: "d7beae3e33189546c0281201eabe759e9a6b2c50"
Cache-Control: max-age=574664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754f5a4baa960b65-OSL
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:17 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://nadjavidal.blogspot.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a4dae87b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://nadjavidal.blogspot.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
blogger.googleusercontent.com/img/a/AVvXsEjenKVZKZPi59-z_PIz9W6F1PKrpMnbjMOQxxVP2gXbL926FF6nF-HjXaKoG6OvCotpm7DD21_Dm93HFdSfivaW8JRIExEF59ijxtW9JzcmaEImVW3xMN7bm37fyTX62wFyBOt4cwzoSy30ppUP3O85bAJT1ATqDF5p8Fe66SFH3SnREASk4Ckjuih-=s728
142.250.74.33200 OK 48 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjenKVZKZPi59-z_PIz9W6F1PKrpMnbjMOQxxVP2gXbL926FF6nF-HjXaKoG6OvCotpm7DD21_Dm93HFdSfivaW8JRIExEF59ijxtW9JzcmaEImVW3xMN7bm37fyTX62wFyBOt4cwzoSy30ppUP3O85bAJT1ATqDF5p8Fe66SFH3SnREASk4Ckjuih-=s728
IP 142.250.74.33:0
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 4150b4eac435751314493823bf79756e
b8d0e46b5c4b23bfb548da75011c5a78ad20d31d
c5a729e413c6c6a4067f67244b93284f6d31c8207e959fabeff5cec85b86d48b
GET /img/a/AVvXsEjenKVZKZPi59-z_PIz9W6F1PKrpMnbjMOQxxVP2gXbL926FF6nF-HjXaKoG6OvCotpm7DD21_Dm93HFdSfivaW8JRIExEF59ijxtW9JzcmaEImVW3xMN7bm37fyTX62wFyBOt4cwzoSy30ppUP3O85bAJT1ATqDF5p8Fe66SFH3SnREASk4Ckjuih-=s728 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6bb"
expires: Wed, 05 Oct 2022 16:39:17 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cavalo grande.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 16:39:17 GMT
server: fife
content-length: 48318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2989a8517592009dd57f77de0e961cb
ff261b55442d9c50270767d2aeff2acf6c53bd71
8dab713dbaba5496a2f16e857d716f8912bc80681aa49a173f677b908a6f7cd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DAB713DBABA5496A2F16E857D716F8912BC80681AA49A173F677B908A6F7CD3"
Last-Modified: Mon, 03 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19648
Expires: Tue, 04 Oct 2022 22:06:45 GMT
Date: Tue, 04 Oct 2022 16:39:17 GMT
Connection: keep-alive
www.blogger.com/blogin.g?blogspotURL=https://nadjavidal.blogspot.com/&type=blog
216.58.207.201302 Found 280 B URL HTTP/2 www.blogger.com/blogin.g?blogspotURL=https://nadjavidal.blogspot.com/&type=blog
IP 216.58.207.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (344)
Hash 36c70e0c69d661a1fde29f73e395604f
45ea3f042f7418c8f3d7e46b642c2d12ddf80a13
536320b3a42e3b48ff21483b4431a2999b3f897e70f38cdf9aa8684b7bba79d3
GET /blogin.g?blogspotURL=https://nadjavidal.blogspot.com/&type=blog HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 04 Oct 2022 16:39:17 GMT
expires: Tue, 04 Oct 2022 16:39:17 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 280
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed99f70f6f70dd73982d974d3a0337f5
7bd95ccdd7a681aeb4c629bec5ed508f4245ebcb
bdd95a4891ec394f7fdd0e340d5014034cd9da175f8911f2e195b87fa1604ec9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDD95A4891EC394F7FDD0E340D5014034CD9DA175F8911F2E195B87FA1604EC9"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17824
Expires: Tue, 04 Oct 2022 21:36:21 GMT
Date: Tue, 04 Oct 2022 16:39:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a7b92212ae4106a9ed5d5e1799853f2
c1fef7d0e5389a9dc047bb1ff0bd7f923cf83d97
ba1b8ae206d40083e34aeb116ac4356070aa12bc09e051765154e8a1648fe2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
216.58.207.237302 Found 229 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ec79dea9cc26e41699b4652c98ebc0fb
9530b9e07568198ed6f4e4aa7b149b4f16301cd5
24508adc5ef208fcb10f9e69da2c227d47e247db46cf44161fe4b76d02a800cb
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://nadjavidal.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nadjavidal.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 16:39:17 GMT
location: https://www.blogger.com/blogin.g?blogspotURL=https%3A%2F%2Fnadjavidal.blogspot.com%2F&type=blog&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-xyAfQcXfN8-xtGJbr59gew' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 229
server: GSE
set-cookie: __Host-GAPS=1:6tKhxD_cN6EyE72W4hjEkjMP7BG1_g:9yYt1vSwYS274eZj;Path=/;Expires=Thu, 03-Oct-2024 16:39:17 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f936b953fdf91692463e6745f5151375
9f94b177ba59497086040cbec72f9e26e22a54c3
21c4c1a25e3f41ea5d0262216d19cb081023a79500eae7dab8b8c1f5022ad18e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e150o4aummva.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 e150o4aummva.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: e150o4aummva.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
pl16081888.trustedgatetocontent.com/b7/4d/53/b74d53519ea6afdc28bab75d8f5c256b.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 pl16081888.trustedgatetocontent.com/b7/4d/53/b74d53519ea6afdc28bab75d8f5c256b.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37127), with no line terminators
Hash e188064e6de0999c72254ba2d607af3e
17957a8fbc0e8510f14e596c24efc3d23f960c7d
cb59b21058fca9ccce6a7987b3cfd7813e9d04249b8489dd675362bf258bbacc
Analyzer Verdict Alert quad9 Sinkholed
GET /b7/4d/53/b74d53519ea6afdc28bab75d8f5c256b.js HTTP/1.1
Host: pl16081888.trustedgatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a1a94c66a6aa3ed65a95ad541422b97
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=882762
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=882762
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (420), with CRLF, LF line terminators
Hash efd4c4be45e785fdb67d1e9e0dd6a34e
ef96d1f6f9d52e539e3f2985a0046022e1991349
1ea80750aec3b7eadcb994321085a500ab53ebfb34aea37029f927244b5f54cc
GET /adshow.php?adzone=882762 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 16:39:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e1ec5fe3cfa4baa9c4bc671418b11a67; expires=Wed, 04-Oct-2023 16:39:17 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps61=1; expires=Wed, 05-Oct-2022 16:39:17 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjExOTY5NzQ7aToxNjY1MTYwNzU3O30%3D; expires=Fri, 07-Oct-2022 16:39:17 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 07-Oct-2022 16:39:17 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user1037/131-1584677627-0454438001584677627.jpg
69.16.175.10200 OK 62 kB URL HTTP/2 i.jads.co/network/user1037/131-1584677627-0454438001584677627.jpg
IP 69.16.175.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3\012- data
Hash cacf3fddb74d7499bcd3e253566f5c69
58ccc962fecbaeb13f75c142e240d69bf432102d
036030b6d1cf30b7822e510244bbd892ce7f6de47b5d488e8d38d04e0867bab9
GET /network/user1037/131-1584677627-0454438001584677627.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=e1ec5fe3cfa4baa9c4bc671418b11a67; imps61=1; juicy_data_1=YToxOntpOjExOTY5NzQ7aToxNjY1MTYwNzU3O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:18 GMT
etag: "1584677627"
cache-control: max-age=8743446
content-length: 62341
content-type: image/jpeg
last-modified: Fri, 20 Mar 2020 04:13:47 GMT
accept-ranges: bytes
x-hw: 1664901558.dop219.sk1.t,1664901558.cds067.sk1.hn,1664901558.cds022.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=882636
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=882636
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (422), with CRLF, LF line terminators
Hash 054d9ed90493ab757fb02c72d44ac3fe
5713602f2f683cb2badb6b63dd1bc2b3c6007d41
4ecf06ae5a9b0e9dba2be838d0c4d829c92b03a3b767d8a4ab4d2dc48f808fa5
GET /adshow.php?adzone=882636 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 16:39:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e1ec5fe3cfa4baa9c4bc671418b11a67; expires=Wed, 04-Oct-2023 16:39:17 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps271=1; expires=Wed, 05-Oct-2022 16:39:17 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjgwODA0NztpOjE2NjUxNjA3NTc7fQ%3D%3D; expires=Fri, 07-Oct-2022 16:39:17 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 07-Oct-2022 16:39:17 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash e01a9c3ae0c56e2a9a98e02c1ff404cf
b42412aa7fdd35c1b62cf58e0da237d3b0bde179
84b019815e38b6eba0ad7fb7827be8e49f0c69221901c92ef298776d750c3e9d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 16:39:18 GMT
Last-Modified: Tue, 04 Oct 2022 16:37:53 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f1ubt8XQoJ4zSZl5lag55cFfIcUJDIVVkesYBAUeUccP7To_ekyEqQ==
Age: 85
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.jads.co/network/user4057a/271-1573094833-0028507001573094833.gif
69.16.175.10200 OK 149 kB URL HTTP/2 i.jads.co/network/user4057a/271-1573094833-0028507001573094833.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 149 kB (148712 bytes)
Hash 239fa7ed0c4e69f024854f05950e8fb7
58c256343f475d85c3be17ca6899c7b566213e46
2fca0eb22eae7cdfdc8690a27f0af500eecb6535e98c53db7cf6b3573829fff6
GET /network/user4057a/271-1573094833-0028507001573094833.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=e1ec5fe3cfa4baa9c4bc671418b11a67; imps61=1; juicy_data_1=YToxOntpOjgwODA0NztpOjE2NjUxNjA3NTc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps271=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:18 GMT
etag: "1573094833"
cache-control: max-age=20666765
content-length: 148712
content-type: image/gif
last-modified: Thu, 07 Nov 2019 02:47:13 GMT
accept-ranges: bytes
x-hw: 1664901558.dop219.sk1.t,1664901558.cds067.sk1.hn,1664901558.cds204.sk1.c
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash e440f3220ac9523531e3c2b19ac286e9
367882519d75ef4f495c2f8ec4c208919969b3ed
d69ffb378209578659d124ed3e34a3261f776dfd6d3aa9c2edf76ec5c73aee00
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nadjavidal.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=bdbde4ae-6c59-46f8-8653-0615eaaafc69:3:1; expires=Fri, 01 Oct 2032 16:39:18 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21456
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 16:39:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5408faa43b00f2687ceaaee458d96ba1
42d701362c0ab1e40ec5d7521fdfa3777d5b54bc
56dd8c12ee678dfbadf397542dc6d5f33ed043ceab980f28238303a9421b2bbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DD8C12EE678DFBADF397542DC6D5F33ED043CEAB980F28238303A9421B2BBD"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3363
Expires: Tue, 04 Oct 2022 17:35:21 GMT
Date: Tue, 04 Oct 2022 16:39:18 GMT
Connection: keep-alive
www.google.com/css/maia.css
142.250.74.164200 OK 12 kB URL HTTP/2 www.google.com/css/maia.css
IP 142.250.74.164:0
File type Unicode text, UTF-8 text, with very long lines (43499), with no line terminators
Hash bbb96f1e62e3f84502664d603d4ecbfc
684db7b7626d997e41d11716107d25824f322983
fcb969338fcac7f4d33a5f51945c6756d58881b82572604863fd8c0f3b1840c7
GET /css/maia.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 12181
date: Tue, 04 Oct 2022 16:39:18 GMT
expires: Tue, 04 Oct 2022 16:39:18 GMT
cache-control: private, max-age=0
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 14:41:09 GMT
expires: Tue, 04 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 7089
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21456
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 16:39:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 67352
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21456
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 16:39:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21456
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 16:39:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 66499
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2287c489794dab0e9ba923a2057988f
2b9f6828a38da81b40dcad033572e48b4c5896db
e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:37:24 GMT
age: 64914
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 67404
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 65399
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 42985
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16748, version 1.0\012- data
Hash 62d24b94de2fd801742f49d8c6306ba2
d4b841b136adad3051b58a66692f7c5942cf6deb
1b2f88142c19df560f487368810bba2d41c5d6948df584abaa2e0091c0b2245b
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:54:21 GMT
expires: Tue, 03 Oct 2023 18:54:21 GMT
cache-control: public, max-age=31536000
age: 78297
last-modified: Mon, 15 Aug 2022 18:14:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 172 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 6b134007b851e27ab5ab22b8ecc590da
9b5bf5de45a5fe39b23459664f756a27ec1f34ce
161a4de439fed6dbd588af9d24e80d1cd93c1fa7cb498cf0dc11b4164e39fce6
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1834
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://nadjavidal.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 507910
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
142.250.74.163200 OK 663 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
IP 142.250.74.163:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1660), with no line terminators
Hash d3ec4b74ea0887aeff93ed6767748dc8
95aac504eb982d2806af370586b681cdd7b8877a
303c26d0404d542bfbdd1bf05e7ae0f103a017c0f97870ef6993d0747fd88573
GET /images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 663
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 02:12:35 GMT
expires: Sun, 01 Oct 2023 02:12:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
age: 311203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/og/_/js/k=og.qtm.en_US.F9GLv3vJthY.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTudCw2XotoVCZRHW0V_ffgR5WCCig
142.250.74.163200 OK 50 kB URL HTTP/2 www.gstatic.com/og/_/js/k=og.qtm.en_US.F9GLv3vJthY.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTudCw2XotoVCZRHW0V_ffgR5WCCig
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Hash 1e2aa0b53af173cba15b536913fb1de0
d1c92b9012a0dbb47279ecde99b4639156e2f46f
cb9d072d8459abcce2c36f27c3955c11d03fd051a53d1cddde1ae07283830f29
GET /og/_/js/k=og.qtm.en_US.F9GLv3vJthY.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTudCw2XotoVCZRHW0V_ffgR5WCCig HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 49543
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:17:55 GMT
expires: Sun, 01 Oct 2023 04:17:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 01:34:29 GMT
content-type: text/javascript; charset=UTF-8
age: 303683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300
142.250.74.10200 OK 910 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300
IP 142.250.74.10:0
File type ASCII text, with very long lines (452)
Hash 270bca0c2f65a3f13f61470479db92c6
4a7bf95f69bd72c433f5861ae00bc58716a3b03d
009dd2015ca56f5b30cec922c38777fbfbc292eaf889f3a2845afbead9af3cad
GET /css?family=Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 16:39:18 GMT
date: Tue, 04 Oct 2022 16:39:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash db775b8d58d4e959e1ebbe27b053f1b2
97328dba1a0f9532fe1215fbdf613707a9c1c461
072a16655403858c5a1cccb7189194516045f42adfcf3d5fec7bcff74937bad1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.IK5OmUURd2E.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo932JinkSJHK92WgVjIV-Jwwyu3Rw/cb=gapi.loaded_0
142.250.74.174200 OK 36 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.IK5OmUURd2E.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo932JinkSJHK92WgVjIV-Jwwyu3Rw/cb=gapi.loaded_0
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 48ff0e8782ee2e49fb2fc1e680e7953a
669792e69fa69c053a346ce0c75272fb6ec4e330
84496f0ae0347138128eb776b51457f470452aa1e7284653af71efa3d4954c62
GET /_/scs/abc-static/_/js/k=gapi.gapi.en.IK5OmUURd2E.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo932JinkSJHK92WgVjIV-Jwwyu3Rw/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 36496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 13:45:39 GMT
expires: Sat, 30 Sep 2023 13:45:39 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 30 Jul 2022 15:19:59 GMT
content-type: text/javascript; charset=UTF-8
age: 356019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=882636
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=882636
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (422), with CRLF, LF line terminators
Hash 20fa95b11e1843e0ac25de4a2d55b71c
bbb92b2c1674ac7af240985afe948d83c4c8702c
6981de7785880d069a9ab417e0cb31b4c209816f4fb4be67fc49468cb7c67637
GET /adshow.php?adzone=882636 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 16:39:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=8daf7abbc7ce2d8366822c5e3067be9e; expires=Wed, 04-Oct-2023 16:39:18 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps271=1; expires=Wed, 05-Oct-2022 16:39:18 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjgwODA0NztpOjE2NjUxNjA3NTg7fQ%3D%3D; expires=Fri, 07-Oct-2022 16:39:18 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 07-Oct-2022 16:39:18 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
e150o4aummva.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 e150o4aummva.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: e150o4aummva.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:18 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5db45330f58566e2813387d3f0c99c36
a482c949c24b4209ff8d2fa88b5270fd25a8126d
d97db06023e822b44380887c867525a970dbc6256f69deed2e204a51781f8066
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 16:39:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 18:35:56 GMT
Expires: Sun, 09 Oct 2022 18:35:55 GMT
Etag: "a482c949c24b4209ff8d2fa88b5270fd25a8126d"
Cache-Control: max-age=438396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754f5a555abeb4f7-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 50286903b1552c5e10b5bb6fd180ff72
08136163cefbdbbe6b6b5e2bdf52932110cba789
694e9c4f0de7d7649cd48152b8433881d13d89f8389e98186b43b6db45d20f82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "694E9C4F0DE7D7649CD48152B8433881D13D89F8389E98186B43B6DB45D20F82"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5029
Expires: Tue, 04 Oct 2022 18:03:07 GMT
Date: Tue, 04 Oct 2022 16:39:18 GMT
Connection: keep-alive
intellipopup.com/a.htm?_=BAYAYzxhtgFjPGG2gAGBAsAAIAeNAcR_rz4_trXk6Ygw8hu--EuUyulOWYfDH3f66xWpwQBHMEUCIQCJp-bVXhRYBjQZYJYu6SAIk_40jdKEqaPBaf3EZnfdKgIgWfobz3E6kJUtcZefrRr3e7sHZO0-oL1xQHG9ACc7xbU&v=4&gACDvmMX=4351007&SQIVANsX=&lhvGrFkw=0:1,0&WQwaTvbr=&FpvqJMiE=&s=1280,1024,1,1280,1024,0
216.21.13.26200 OK 830 B URL HTTP/2 intellipopup.com/a.htm?_=BAYAYzxhtgFjPGG2gAGBAsAAIAeNAcR_rz4_trXk6Ygw8hu--EuUyulOWYfDH3f66xWpwQBHMEUCIQCJp-bVXhRYBjQZYJYu6SAIk_40jdKEqaPBaf3EZnfdKgIgWfobz3E6kJUtcZefrRr3e7sHZO0-oL1xQHG9ACc7xbU&v=4&gACDvmMX=4351007&SQIVANsX=&lhvGrFkw=0:1,0&WQwaTvbr=&FpvqJMiE=&s=1280,1024,1,1280,1024,0
IP 216.21.13.26:0
File type ASCII text, with very long lines (1164), with no line terminators
Hash 36eea4a08de49182ec7b2e19a007b2d2
65e7075bc036de37c64cf023cbbd12143b9ff38d
23e7474ef2c6ba5e5d99c1fbc0a0534f5e53e800fbcb764af6f74906b21e0238
GET /a.htm?_=BAYAYzxhtgFjPGG2gAGBAsAAIAeNAcR_rz4_trXk6Ygw8hu--EuUyulOWYfDH3f66xWpwQBHMEUCIQCJp-bVXhRYBjQZYJYu6SAIk_40jdKEqaPBaf3EZnfdKgIgWfobz3E6kJUtcZefrRr3e7sHZO0-oL1xQHG9ACc7xbU&v=4&gACDvmMX=4351007&SQIVANsX=&lhvGrFkw=0:1,0&WQwaTvbr=&FpvqJMiE=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: intellipopup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Tue, 04-Oct-2022 17:39:18 GMT; Max-Age=3600
fraudcheck=4a11bb32c8fcc46bb773dc0da0ecb054; expires=Thu, 03-Nov-2022 16:39:18 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Tue, 04-Oct-2022 22:39:18 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 830
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 16:39:18 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0f797485e378667db9125b9ec74702
57738a42829239327e18a307110559a75d3ec6b4
0327e49198bfa1d52b428b18c280333e00851baed05ef4e714fc71f072a1a29b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0327E49198BFA1D52B428B18C280333E00851BAED05EF4E714FC71F072A1A29B"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8171
Expires: Tue, 04 Oct 2022 18:55:30 GMT
Date: Tue, 04 Oct 2022 16:39:19 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0f797485e378667db9125b9ec74702
57738a42829239327e18a307110559a75d3ec6b4
0327e49198bfa1d52b428b18c280333e00851baed05ef4e714fc71f072a1a29b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0327E49198BFA1D52B428B18C280333E00851BAED05EF4E714FC71F072A1A29B"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8171
Expires: Tue, 04 Oct 2022 18:55:30 GMT
Date: Tue, 04 Oct 2022 16:39:19 GMT
Connection: keep-alive
knockoutantipathy.com/sbar.json?key=b74d53519ea6afdc28bab75d8f5c256b
192.243.61.227200 OK 4.0 kB URL HTTP/1.1 knockoutantipathy.com/sbar.json?key=b74d53519ea6afdc28bab75d8f5c256b
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5580), with no line terminators
Hash d4610355e3f11b036267af88ef1f5f1e
d702fe6e7311d2bffb06701eae18b3e40b07bf01
044e7597ef978ecf79cc38a5bb0b71939a6e88ab15ff2c1f90b1830ef33d68d2
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=b74d53519ea6afdc28bab75d8f5c256b HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 16:39:19 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nadjavidal.blogspot.com
Access-Control-Allow-Origin: https://nadjavidal.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15981389; expires=Wed, 05 Oct 2022 16:39:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 16:39:19 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 16:39:19 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 05 Oct 2022 16:39:19 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 05 Oct 2022 16:39:19 GMT; secure; SameSite=None
slecb74d53519ea6afdc28bab75d8f5c256b=[3364901]; expires=Tue, 04 Oct 2022 16:39:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a8b87e274969c837c782db545c8145c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a1c45d147edffcf7edf9a2a6efcc27d1
3377fb5f6ff4311aa5ba6087dd389074fae7279c
5658f0c18fb7b3e8c28473d83dddae2d7672c70746004f49a04e9d00582bf587
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3405
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:39:19 GMT
Last-Modified: Tue, 04 Oct 2022 15:42:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
knockoutantipathy.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq7N7EDwp8aCgzEVQkNnu%2BdEzY4RgXFcWd7MxUcxN60fPbGWru5qqru7ZPS2GhBzH%2F6D3O7tZokEUhJwMMhuIsCCkPS3invwHJJCTB5nJ4uiD4r1X3%2B%2Fh817V7T13Snw4erK8rnekUnSpXfdrb10Pggu1NZm4YW3YDb8IWxdqJn%2B3F9b9t2sfRXxLLzX8wPcDP6itSBP19XBpKkKm93tBvefXW4160G5haP7fW%2BfBUg8iPyUvQ4pq8ZF3HpJPkMTfL0d2K9PpOx%2FGTtFMG%2BTi8LNkK9FFgnhe9o2HfnJ45oa2T1YeQicHM1zo%2FF8jkxXxHj8ESw7PIMHy%2FRknU4gSMPEiinyCSE0g6QRc34QUTwjABS5vIInvXtamoNvPVTpVK7L47ClkUZHFP84jib%2B7pOSwdk0rl0mdWAz7JeRwAjmYIHVHyHbOQRZH4NlXkOJXsvRsDUm8v2GVhhTlbHYpJ5D9CVQ0ArUe3PRID67vwaUeYnFS40EQdHzBqd%2Ftcd4UnYiFwg9opx%2FQwA%2B7cHyKN0KWjsDVCNzsIjW72JIjGPcz7GYJKzzYrCLeJ7vIRYkiIigsQUEJCklQZARFXh4IZRu2vCuUdSw4y42z3CzHOhvs0QOdDaKE7KWn5KXZXp7%2Bvo6t6KTGOi3RbraDXkRD2he80WWUddqi22%2FzRjtksLKEtOdmo%2B7Iirxy%2B0%2BksiILv5Rg9AhWHYHLBVD3Omgx7jR80M1xq%2BtjJ3mQUHGD5lJQVWdKD2yqszrXMYQukWaLyLa9PXVKXp0hNa%2B%2FiYgfX%2FySrVd%2F3fsb3JRITYkb8hHBQN0ZX9UF2b%2BqC0t%2B2EgzGcsdOn3GaxnNooVvPo62C23E6rId3XufT4Vpef%2FTyGZrNBEyGVjy7SUpRGRWtOER%2BWnVfh6xK85uXnImcenalQ9WVuPURNZKnUxAZUXI42NwWZEXfjyY%2FdDXbt2CNBMYVyJ2x%2BQsIPUReLoLm875rV6AUXMPSz0UrhybBptfKkmgonlPWQn7n57N6z17BwPzBmh2E0lcIjclclWCqhGsWxhnqTm%2B%2BFtzFmDKGzNlvH2mjPr6%2BXKtPKl1mk2fhr120OnQqMNajW4%2FDASljVbYCEPaRGYr%2Fh598A8AAAD%2F%2FwEAAP%2F%2Fv3nFgGwEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 knockoutantipathy.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq7N7EDwp8aCgzEVQkNnu%2BdEzY4RgXFcWd7MxUcxN60fPbGWru5qqru7ZPS2GhBzH%2F6D3O7tZokEUhJwMMhuIsCCkPS3invwHJJCTB5nJ4uiD4r1X3%2B%2Fh817V7T13Snw4erK8rnekUnSpXfdrb10Pggu1NZm4YW3YDb8IWxdqJn%2B3F9b9t2sfRXxLLzX8wPcDP6itSBP19XBpKkKm93tBvefXW4160G5haP7fW%2BfBUg8iPyUvQ4pq8ZF3HpJPkMTfL0d2K9PpOx%2FGTtFMG%2BTi8LNkK9FFgnhe9o2HfnJ45oa2T1YeQicHM1zo%2FF8jkxXxHj8ESw7PIMHy%2FRknU4gSMPEiinyCSE0g6QRc34QUTwjABS5vIInvXtamoNvPVTpVK7L47ClkUZHFP84jib%2B7pOSwdk0rl0mdWAz7JeRwAjmYIHVHyHbOQRZH4NlXkOJXsvRsDUm8v2GVhhTlbHYpJ5D9CVQ0ArUe3PRID67vwaUeYnFS40EQdHzBqd%2Ftcd4UnYiFwg9opx%2FQwA%2B7cHyKN0KWjsDVCNzsIjW72JIjGPcz7GYJKzzYrCLeJ7vIRYkiIigsQUEJCklQZARFXh4IZRu2vCuUdSw4y42z3CzHOhvs0QOdDaKE7KWn5KXZXp7%2Bvo6t6KTGOi3RbraDXkRD2he80WWUddqi22%2FzRjtksLKEtOdmo%2B7Iirxy%2B0%2BksiILv5Rg9AhWHYHLBVD3Omgx7jR80M1xq%2BtjJ3mQUHGD5lJQVWdKD2yqszrXMYQukWaLyLa9PXVKXp0hNa%2B%2FiYgfX%2FySrVd%2F3fsb3JRITYkb8hHBQN0ZX9UF2b%2BqC0t%2B2EgzGcsdOn3GaxnNooVvPo62C23E6rId3XufT4Vpef%2FTyGZrNBEyGVjy7SUpRGRWtOER%2BWnVfh6xK85uXnImcenalQ9WVuPURNZKnUxAZUXI42NwWZEXfjyY%2FdDXbt2CNBMYVyJ2x%2BQsIPUReLoLm875rV6AUXMPSz0UrhybBptfKkmgonlPWQn7n57N6z17BwPzBmh2E0lcIjclclWCqhGsWxhnqTm%2B%2BFtzFmDKGzNlvH2mjPr6%2BXKtPKl1mk2fhr120OnQqMNajW4%2FDASljVbYCEPaRGYr%2Fh598A8AAAD%2F%2FwEAAP%2F%2Fv3nFgGwEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq7N7EDwp8aCgzEVQkNnu%2BdEzY4RgXFcWd7MxUcxN60fPbGWru5qqru7ZPS2GhBzH%2F6D3O7tZokEUhJwMMhuIsCCkPS3invwHJJCTB5nJ4uiD4r1X3%2B%2Fh817V7T13Snw4erK8rnekUnSpXfdrb10Pggu1NZm4YW3YDb8IWxdqJn%2B3F9b9t2sfRXxLLzX8wPcDP6itSBP19XBpKkKm93tBvefXW4160G5haP7fW%2BfBUg8iPyUvQ4pq8ZF3HpJPkMTfL0d2K9PpOx%2FGTtFMG%2BTi8LNkK9FFgnhe9o2HfnJ45oa2T1YeQicHM1zo%2FF8jkxXxHj8ESw7PIMHy%2FRknU4gSMPEiinyCSE0g6QRc34QUTwjABS5vIInvXtamoNvPVTpVK7L47ClkUZHFP84jib%2B7pOSwdk0rl0mdWAz7JeRwAjmYIHVHyHbOQRZH4NlXkOJXsvRsDUm8v2GVhhTlbHYpJ5D9CVQ0ArUe3PRID67vwaUeYnFS40EQdHzBqd%2Ftcd4UnYiFwg9opx%2FQwA%2B7cHyKN0KWjsDVCNzsIjW72JIjGPcz7GYJKzzYrCLeJ7vIRYkiIigsQUEJCklQZARFXh4IZRu2vCuUdSw4y42z3CzHOhvs0QOdDaKE7KWn5KXZXp7%2Bvo6t6KTGOi3RbraDXkRD2he80WWUddqi22%2FzRjtksLKEtOdmo%2B7Iirxy%2B0%2BksiILv5Rg9AhWHYHLBVD3Omgx7jR80M1xq%2BtjJ3mQUHGD5lJQVWdKD2yqszrXMYQukWaLyLa9PXVKXp0hNa%2B%2FiYgfX%2FySrVd%2F3fsb3JRITYkb8hHBQN0ZX9UF2b%2BqC0t%2B2EgzGcsdOn3GaxnNooVvPo62C23E6rId3XufT4Vpef%2FTyGZrNBEyGVjy7SUpRGRWtOER%2BWnVfh6xK85uXnImcenalQ9WVuPURNZKnUxAZUXI42NwWZEXfjyY%2FdDXbt2CNBMYVyJ2x%2BQsIPUReLoLm875rV6AUXMPSz0UrhybBptfKkmgonlPWQn7n57N6z17BwPzBmh2E0lcIjclclWCqhGsWxhnqTm%2B%2BFtzFmDKGzNlvH2mjPr6%2BXKtPKl1mk2fhr120OnQqMNajW4%2FDASljVbYCEPaRGYr%2Fh598A8AAAD%2F%2FwEAAP%2F%2Fv3nFgGwEAAA%3D HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Cookie: u_pl=15981389; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb74d53519ea6afdc28bab75d8f5c256b=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 16:39:19 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de65670f63af3389144da11e67e108cb
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10366
Expires: Tue, 04 Oct 2022 19:32:05 GMT
Date: Tue, 04 Oct 2022 16:39:19 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10366
Expires: Tue, 04 Oct 2022 19:32:05 GMT
Date: Tue, 04 Oct 2022 16:39:19 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png
172.64.200.2200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png
IP 172.64.200.2:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5380479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wPB3zedceDKFc%2FooqCjIAHaQHQaYWRzfsXoOQaxzpUW8j55HLhxDdpwZ7leD%2B%2BiBD62DQ3xI5SzPFtRw%2Bp5hlqk5YaEQ9D2NOAWyzUbb6t4QcAa96MAMtPpbeaBm2Zar4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5b2e91889b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png
172.64.200.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png
IP 172.64.200.2:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5380479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEtqCejfC0mcQ6FDbJchQ3RQrp00z4VCSqWDMZ4K5%2F7Yx8AeeiGD5xYUX7pKX7armTtBxeJUyRJsIyInbiu979MqCZpnaNa1KteXttAqBoiNNUnoCHeNEWWTVNtmaZC1cLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5b2e94889b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png
172.64.200.2200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png
IP 172.64.200.2:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5380479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8ZJM3fyeDtzrFKd3F0TDWqfjkDXhB%2Fv3xYtzQ2%2FPO%2BAt0DJMT%2B4uu%2BF5I1tUJOaawHmLenUtKMiejdg99uoufjOo73DICJIgFpGGE58bVU9Daiuy5MCK3SKbN9i%2FR0%2B1VQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5b1e8d889b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html
104.26.7.19200 OK 578 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html
IP 104.26.7.19:0
File type HTML document, ASCII text
Hash 4c33e96989c1969776c40baf1190b457
37362ad5e72ebc679e5c8297bd0f8a28cb61df07
5c79d095180cbb7946b770a60baab467ed944808712bef702062f6258451d5dc
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:15:28 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 15214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wc%2B2TZpco7gLWMrlvbmXVHwX6LBEjeYIeGFanWKxJNPCfJ9MJzC%2FJ%2F6MwkJPwAAxKGJVU7zh8lyY9drdxubhacMNGRvOwTaVktHFVDDO9AZ6rt0zFKW9FJpSGV8aW%2B9vdwqMj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5a1c8d1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10366
Expires: Tue, 04 Oct 2022 19:32:05 GMT
Date: Tue, 04 Oct 2022 16:39:19 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png
172.64.200.2200 OK 107 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png
IP 172.64.200.2:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 107 kB (106874 bytes)
Hash c1f6eb397e4025eb9b9f152caf975d28
0fef898a70d937ab0982906947fcb2826a7fde3c
be6b906095a91adeb37fdb83b3567252be9406419a8c7a65e9d62332a3415e99
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: image/png
content-length: 106874
last-modified: Tue, 08 Feb 2022 14:16:16 GMT
etag: "62027b30-1a17a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5380479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91fmpHaIXnntqC7iED9wzP5S8%2FdwQLeTMrAeLZC19dmBDuimEH4o30mKAH%2BBaAnlHCLRBxS6HbA7whiGA3Hhv%2BeBdPhYuSxI6NMIBmn86%2Ffk1indfHzPTMvlZdqb7zQ2Ikw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5b2e98889b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7395fbf71381e7b99a8f2dc723aeca6
1c17cde68b62dde4c2871178e45274c60f666d16
b3df570e2fbb53547e0b3722e77b0f31e6abbf27b9c27834411e6bd70884e067
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3DF570E2FBB53547E0B3722E77B0F31E6ABBF27B9C27834411E6BD70884E067"
Last-Modified: Mon, 03 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10637
Expires: Tue, 04 Oct 2022 19:36:36 GMT
Date: Tue, 04 Oct 2022 16:39:19 GMT
Connection: keep-alive
knockoutantipathy.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fanimate.css&l=79249&fd=107
192.243.61.227200 OK 0 B URL HTTP/1.1 knockoutantipathy.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fanimate.css&l=79249&fd=107
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fanimate.css&l=79249&fd=107 HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Cookie: u_pl=15981389; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb74d53519ea6afdc28bab75d8f5c256b=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 16:39:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
knockoutantipathy.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=108
192.243.61.227200 OK 0 B URL HTTP/1.1 knockoutantipathy.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=108
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=108 HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Cookie: u_pl=15981389; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb74d53519ea6afdc28bab75d8f5c256b=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 16:39:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js
172.64.200.2200 OK 32 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js
IP 172.64.200.2:0
File type ASCII text, with very long lines (65451)
Hash c1fcfdd480feeb47a41cfc787b7346e4
e5fd5e809695ffc4c9ba9ac6fbc5a8bd79483e11
fb47644686a2ccbd35fd6316eabfff765993e80a872c3a16da6268c0cc36a879
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5380479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSvLAg1vjSOYWsfrat%2FJtYVNUtzb%2BgQfyfmFqeCJOIZ%2FcVnJig9A4WWEURFRf5mREgYHQ5QJbxQwfFCVekszylHZ0iUG4H89gloBZoLFUsiHh4loV3uiIjl6wmUah1rmGks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5b2e99889b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=bdbde4ae-6c59-46f8-8653-0615eaaafc69&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=b74d53519ea6afdc28bab75d8f5c256b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=bdbde4ae-6c59-46f8-8653-0615eaaafc69&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=b74d53519ea6afdc28bab75d8f5c256b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=bdbde4ae-6c59-46f8-8653-0615eaaafc69&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=b74d53519ea6afdc28bab75d8f5c256b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 16:39:19 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f2410c905a354aad6b1c91159354aad1
Strict-Transport-Security: max-age=0; includeSubdomains
knockoutantipathy.com/pixel/sbs?c=1
192.243.61.227200 OK 660 B URL HTTP/1.1 knockoutantipathy.com/pixel/sbs?c=1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, max compression\012- data
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Cookie: u_pl=15981389; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb74d53519ea6afdc28bab75d8f5c256b=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 16:39:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
knockoutantipathy.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tcVRTH72uyEFwpdaGgzEZQkMl78ztWKNYYCSZNbRW70%2FvrTW5z37uPe9%2BPSVbB0tLl%2BB%2B8fCdpqBZRELqyyKRQISD0uQpiVv4DUujKhcx0cPTA5Zxzv9%2FF55x7b%2B9nZ8RHRk9XNsyu0poutet%2B7a3rQXChtq7ibFAb9DpfdFoXajZ%2Fd7lT99%2BufST5tllq%2BIHvB35QW1VWhmawNBGhkvvLQX3Zr7ca9aDdwsD%2Bv3eZB0c9iPyMvAwlqsVH3nkoPkYcfb8i3XZqknc%2BjDJNU2ORi6PP4u3YFDGieRlaD2F8NHPDuCerD2HiwykuTP6vkamKeI8fgsVHM0iw%2FGDKyTRkDCZeRJGPIfUYio7BzU0o8YQAXODyJuLo7mVjC7rzXKUTtSKLz55CFRVZ%2FOM84ui7S1oNateMzlJlYodBWEINxlD9MZLsGOnuOajiGDz9Ckr8SpaerSOODjadNlCinM6u1BgqHEPLIajzkE2O8pCFHrLEQyROazwIgq4vOPV7y5w3RVeyjvAD2g0DGvidHjI%2BwRsiTYbgeghu95DYPWyrIWz2M9xWCSc8uLQi3id7yEWJQhIUjqCgBIUiKFKCIi8PhXYNV94V2mUsmOXGLDfLkUn7%2B%2FTQpH0Zk%2F3kjLw03cvT3zewLU9rrNsS7WY7WJa0Q0PBGz1GWbctemGbN9odBqdKKHduOuquqsgrt%2F9Eoiqy8EsJRo%2Fh9DG4WgDNXgctRt2GD7o1avV87MYPYipu0FwJqutMm75LTFrnJoIwJZJ0EemOt6%2FPyKtTpOb1NyH5ycUv2Ub1172%2FwW2JxJa4oR4R9PWd0VVTkIOrpnDkh80kVZHapZNnvJbSVC5887HcKYwVaytueO99PhEm5f1PpUvXaSxU3Hfk20tKCGlXjeWS%2FLTmPpfsSua2LmU2zpL1Kx%2BsrkWJlc4pE49BVUXI4xNwVZEXfjyc%2FtDXbt2CsmPYrESUnZBZQJlj8GQPLpnzO7MAq%2BcelngosnJkG2x%2BqRWBlvOeshLuPz2b1%2FvuDvr2DdD0JuKoRG5L5LoE1UO4bGGUJvbk4m%2FNaYBpb8S09Q6Ytvrr58t16rTW9EWXyVB2mWy1W6HkgrXbzOchZ03R63GkruLv0Qf%2FAAAA%2F%2F8BAAD%2F%2Fz%2BtEGhsBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 knockoutantipathy.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tcVRTH72uyEFwpdaGgzEZQkMl78ztWKNYYCSZNbRW70%2FvrTW5z37uPe9%2BPSVbB0tLl%2BB%2B8fCdpqBZRELqyyKRQISD0uQpiVv4DUujKhcx0cPTA5Zxzv9%2FF55x7b%2B9nZ8RHRk9XNsyu0poutet%2B7a3rQXChtq7ibFAb9DpfdFoXajZ%2Fd7lT99%2BufST5tllq%2BIHvB35QW1VWhmawNBGhkvvLQX3Zr7ca9aDdwsD%2Bv3eZB0c9iPyMvAwlqsVH3nkoPkYcfb8i3XZqknc%2BjDJNU2ORi6PP4u3YFDGieRlaD2F8NHPDuCerD2HiwykuTP6vkamKeI8fgsVHM0iw%2FGDKyTRkDCZeRJGPIfUYio7BzU0o8YQAXODyJuLo7mVjC7rzXKUTtSKLz55CFRVZ%2FOM84ui7S1oNateMzlJlYodBWEINxlD9MZLsGOnuOajiGDz9Ckr8SpaerSOODjadNlCinM6u1BgqHEPLIajzkE2O8pCFHrLEQyROazwIgq4vOPV7y5w3RVeyjvAD2g0DGvidHjI%2BwRsiTYbgeghu95DYPWyrIWz2M9xWCSc8uLQi3id7yEWJQhIUjqCgBIUiKFKCIi8PhXYNV94V2mUsmOXGLDfLkUn7%2B%2FTQpH0Zk%2F3kjLw03cvT3zewLU9rrNsS7WY7WJa0Q0PBGz1GWbctemGbN9odBqdKKHduOuquqsgrt%2F9Eoiqy8EsJRo%2Fh9DG4WgDNXgctRt2GD7o1avV87MYPYipu0FwJqutMm75LTFrnJoIwJZJ0EemOt6%2FPyKtTpOb1NyH5ycUv2Ub1172%2FwW2JxJa4oR4R9PWd0VVTkIOrpnDkh80kVZHapZNnvJbSVC5887HcKYwVaytueO99PhEm5f1PpUvXaSxU3Hfk20tKCGlXjeWS%2FLTmPpfsSua2LmU2zpL1Kx%2BsrkWJlc4pE49BVUXI4xNwVZEXfjyc%2FtDXbt2CsmPYrESUnZBZQJlj8GQPLpnzO7MAq%2BcelngosnJkG2x%2BqRWBlvOeshLuPz2b1%2FvuDvr2DdD0JuKoRG5L5LoE1UO4bGGUJvbk4m%2FNaYBpb8S09Q6Ytvrr58t16rTW9EWXyVB2mWy1W6HkgrXbzOchZ03R63GkruLv0Qf%2FAAAA%2F%2F8BAAD%2F%2Fz%2BtEGhsBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tcVRTH72uyEFwpdaGgzEZQkMl78ztWKNYYCSZNbRW70%2FvrTW5z37uPe9%2BPSVbB0tLl%2BB%2B8fCdpqBZRELqyyKRQISD0uQpiVv4DUujKhcx0cPTA5Zxzv9%2FF55x7b%2B9nZ8RHRk9XNsyu0poutet%2B7a3rQXChtq7ibFAb9DpfdFoXajZ%2Fd7lT99%2BufST5tllq%2BIHvB35QW1VWhmawNBGhkvvLQX3Zr7ca9aDdwsD%2Bv3eZB0c9iPyMvAwlqsVH3nkoPkYcfb8i3XZqknc%2BjDJNU2ORi6PP4u3YFDGieRlaD2F8NHPDuCerD2HiwykuTP6vkamKeI8fgsVHM0iw%2FGDKyTRkDCZeRJGPIfUYio7BzU0o8YQAXODyJuLo7mVjC7rzXKUTtSKLz55CFRVZ%2FOM84ui7S1oNateMzlJlYodBWEINxlD9MZLsGOnuOajiGDz9Ckr8SpaerSOODjadNlCinM6u1BgqHEPLIajzkE2O8pCFHrLEQyROazwIgq4vOPV7y5w3RVeyjvAD2g0DGvidHjI%2BwRsiTYbgeghu95DYPWyrIWz2M9xWCSc8uLQi3id7yEWJQhIUjqCgBIUiKFKCIi8PhXYNV94V2mUsmOXGLDfLkUn7%2B%2FTQpH0Zk%2F3kjLw03cvT3zewLU9rrNsS7WY7WJa0Q0PBGz1GWbctemGbN9odBqdKKHduOuquqsgrt%2F9Eoiqy8EsJRo%2Fh9DG4WgDNXgctRt2GD7o1avV87MYPYipu0FwJqutMm75LTFrnJoIwJZJ0EemOt6%2FPyKtTpOb1NyH5ycUv2Ub1172%2FwW2JxJa4oR4R9PWd0VVTkIOrpnDkh80kVZHapZNnvJbSVC5887HcKYwVaytueO99PhEm5f1PpUvXaSxU3Hfk20tKCGlXjeWS%2FLTmPpfsSua2LmU2zpL1Kx%2BsrkWJlc4pE49BVUXI4xNwVZEXfjyc%2FtDXbt2CsmPYrESUnZBZQJlj8GQPLpnzO7MAq%2BcelngosnJkG2x%2BqRWBlvOeshLuPz2b1%2FvuDvr2DdD0JuKoRG5L5LoE1UO4bGGUJvbk4m%2FNaYBpb8S09Q6Ytvrr58t16rTW9EWXyVB2mWy1W6HkgrXbzOchZ03R63GkruLv0Qf%2FAAAA%2F%2F8BAAD%2F%2Fz%2BtEGhsBAAA HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Cookie: u_pl=15981389; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb74d53519ea6afdc28bab75d8f5c256b=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 16:39:19 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e31aee00b65947417bd32d86bbea9732
Strict-Transport-Security: max-age=0; includeSubdomains
free-cosmetics-online.com/favicon.ico
104.21.23.47404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 104.21.23.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 87
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRFrAVaJjz5GqWbY5GSQYXOb4DJfeh144nWK2M8ovjTTNyIiWpUQNo1Ppl5nw68JyV5uXlLemxFU7JmRUi8VqAVJpVyzsKvOtjsYHOKlbBz%2BjRH7vEhIu%2BjV62fqS4Iwl4xPwuCHowdoCXPL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754f5a57ddafb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
IP 142.250.74.10:0
GET /css?lang=no&family=Product+Sans|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 16:39:18 GMT
date: Tue, 04 Oct 2022 16:39:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 15214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6sY3CczuyD7qgUAARlUd%2Fm3NDqmMYH1uuKWlBUVNM4jo2dLYmZ274rzWjCZms5FAoc5mzV1m80OZxlNkGpC2X3aVA8N0Bf2wgNAKRVOFrELLqhH6W4osQeOPQS6NS96gGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5bcfa9889b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.intellipopup.com/simple-gallery.min.js
185.76.9.26200 OK 0 B URL HTTP/2 www.intellipopup.com/simple-gallery.min.js
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
GET /simple-gallery.min.js HTTP/1.1
Host: www.intellipopup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:17 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Tue, 04 Oct 2022 20:43:29 GMT
access-control-allow-origin: *
link: <https://intellipopup.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1664916209
server: CDN77-Turbo
x-77-nzt: AblMCRQfi/H/RAEJAA
x-77-nzt-ray: LMBj2CLl8bY
x-cache: HIT
x-age: 590148
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:17 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 04 Nov 2022 16:39:17 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 1622069
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a4cdb190b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/style.css
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/style.css
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 15214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B263kJkabbkDTgHTdK0C%2B600cvYazmadMhUBRtSKKIwlRNqyWso0AiE9RX41d03uO48EYNMx0nMNbltrm8B%2FL6suu%2F6dnDypLMd%2BzRANhh%2BfhD0K680bD8MI%2FetY9TCrHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5abde7889b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadjavidal.blogspot.com
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:19 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 15214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHWIRnEB3b62lD4fzMGUhrYU48J%2F9BXR2ShD%2FoOOY0hzoIQ9SIGUS%2F97RNdJQA101itQq%2FMf77aI5iADLFuiLjNVa0bAeI3bow68JTvaoQgiD6LOBCg1gAwFzfoYXcZcq3E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a5acdea889b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.198.30200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.198.30:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nadjavidal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 16:39:18 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6db52391df7f2ac36a6cb17c04cf8786
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 16:39:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEkFx3u%2BQrqFH95VU7bgu4X1CJ1qxHyXBu5K4A%2FZgp4zqpHRHYcr5L0q%2F%2FfvLWQXzB0ZSjXbGo0UFH8lsdfZDP9vQUzIOsYPA%2BeuDyKE0Wd35MtIu5L4g3ykvssEjxz9Usf%2F938%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f5a513e3d775b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2