Overview

URLsci-q.blogspot.com/
IP 142.250.74.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 10:22:01 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (41)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.myekamus.com (1) 0 2015-01-15 03:15:42 UTC 2019-04-26 04:40:44 UTC 104.165.143.153 Unknown ranking
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-25 06:26:28 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
lh5.googleusercontent.com (1) 157 2012-05-30 06:59:05 UTC 2020-02-03 19:12:52 UTC 142.250.74.33
ocsp.pki.goog (19) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
gostats.com (1) 448224 2012-05-21 11:08:51 UTC 2022-11-25 04:03:13 UTC 104.236.14.237
apis.google.com (2) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 142.250.74.174
pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-11-25 06:54:40 UTC 216.58.211.2
www.widgeo.net (16) 774083 2015-01-20 22:41:32 UTC 2022-11-24 20:25:08 UTC 172.67.69.193
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.69.31
www.pelaburanemas.com (4) 0 2014-12-23 14:00:24 UTC 2021-09-30 11:26:58 UTC 103.6.198.168 Unknown ranking
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-11-25 06:19:41 UTC 139.45.195.253
r3.o.lencr.org (10) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-11-25 08:24:51 UTC 172.67.194.45 Unknown ranking
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-11-25 07:48:21 UTC 139.45.195.8
lh3.googleusercontent.com (4) 66 2013-05-30 23:27:19 UTC 2020-05-01 19:11:58 UTC 142.250.74.33
www.ziddu.com (2) 0 2014-01-19 02:46:51 UTC 2020-08-04 13:37:01 UTC 51.81.174.128 Domain (ziddu.com) ranked at: 27088
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
sci-q.blogspot.com (4) 0 2015-02-18 08:26:20 UTC 2015-04-01 02:42:03 UTC 142.250.74.161 Unknown ranking
accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-11-25 06:26:27 UTC 216.58.207.237
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-25 05:53:13 UTC 142.250.74.10
ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
www.blogger.com (3) 8975 2012-05-22 07:35:03 UTC 2020-05-05 09:48:25 UTC 142.250.74.105
www6.cbox.ws (2) 276639 2014-05-20 07:31:25 UTC 2022-11-25 06:01:27 UTC 104.149.151.166
flagcounter.com (1) 47157 2012-07-15 16:19:59 UTC 2022-11-25 02:44:09 UTC 66.154.110.210
shashinki.com (3) 0 2017-02-02 10:28:11 UTC 2022-10-30 09:46:52 UTC 14.102.151.186 Unknown ranking
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-25 07:04:10 UTC 216.58.207.202
pelaburanemas.com (2) 0 2014-12-23 14:00:24 UTC 2022-11-15 18:08:42 UTC 103.6.198.168 Unknown ranking
www.easycounter.com (2) 371991 2012-05-23 07:16:16 UTC 2020-05-05 10:33:45 UTC 52.1.22.171
www.4shared.com (1) 144818 2015-07-08 11:17:43 UTC 2022-11-24 16:38:20 UTC 74.117.178.90
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
monster.gostats.com (1) 0 2012-05-21 11:08:52 UTC 2020-03-31 12:01:09 UTC 104.236.14.237 Domain (gostats.com) ranked at: 448224
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
1.bp.blogspot.com (1) 8403 2013-05-06 20:18:52 UTC 2020-05-14 01:22:22 UTC 142.250.74.161
4.bp.blogspot.com (1) 11215 2013-05-06 20:18:52 UTC 2020-05-06 03:21:52 UTC 142.250.74.161
logv33.xiti.com (2) 776887 2012-11-23 19:03:55 UTC 2022-11-24 22:48:32 UTC 143.204.46.236
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-25 05:54:26 UTC 142.250.74.164
inklinkor.com (1) 0 2022-04-01 11:44:00 UTC 2022-11-25 08:24:50 UTC 104.21.91.63 Unknown ranking
resources.blogblog.com (3) 13274 2018-07-01 19:33:30 UTC 2020-04-09 16:15:03 UTC 142.250.74.105
3.bp.blogspot.com (2) 11048 2013-07-04 04:18:40 UTC 2020-05-14 03:02:58 UTC 142.250.74.161

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 www.ziddu.com/what-happened-to-the-old-ziddu-blockchain-and-file-hosting-we (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-25 2 datatechonert.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161
Date UQ / IDS / BL URL IP
2023-01-21 16:46:31 +0000 0 - 0 - 1 wytike.page.link/pQhBiPQ2o7GVemxA8 142.250.74.161
2023-01-21 16:46:26 +0000 0 - 0 - 1 defewyr.page.link/JoAeTra1xCczHZfv7 142.250.74.161
2023-01-21 16:46:19 +0000 0 - 0 - 1 dymuder.page.link/kvtDZbqxU8AkQ2dV7 142.250.74.161
2023-01-21 13:31:38 +0000 0 - 0 - 1 feqesi.page.link/365pd6duvijVApZL9 142.250.74.161
2023-01-21 13:31:24 +0000 0 - 0 - 1 raliwobe.page.link/BCJyT76QUmkH92Uy7 142.250.74.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-30 11:01:04 +0000 0 - 0 - 3 cvbncvbndfghdfghdfghdfghcvbnvcbn.blogspot.rs/ 172.217.21.161
2023-01-30 10:58:41 +0000 0 - 3 - 0 www.megaslot.to/ 35.197.227.153
2023-01-30 10:58:16 +0000 0 - 0 - 3 wwwrobloxpromocodes.blogspot.pe/ 216.58.207.193
2023-01-30 10:53:33 +0000 0 - 2 - 0 crd-devices.co.uk/products/linear-actuators/ 35.214.11.4
2023-01-30 10:53:26 +0000 0 - 0 - 4 expertessaywriting.co.uk/default/GER/DOC/Rech (...) 34.102.136.180


Last 1 reports on domain: sci-q.blogspot.com
Date UQ / IDS / BL URL IP
2022-11-25 10:22:01 +0000 0 - 0 - 2 sci-q.blogspot.com/ 142.250.74.161


No other reports with similar screenshot

JavaScript

Executed Scripts (43)

Executed Evals (1)
#1 JavaScript::Eval (size: 1546) - SHA256: d980a377170f7653bab54f4bcb88e567af7bc4ba3110cfd37638f49d71569c0f
try {
    _WidgetManager._HandleControllerResult('Feed1', 'getFeed', {
        'status': 'ok',
        'feed': {
            'entries': [{
                'title': 'China and HK may be barred from Asia Team meet',
                'link': 'https://www.thestar.com.my/sport/badminton/2020/02/08/china-and-hk-may-be-barred-from-asia-team-meet',
                'publishedDate': '2020-02-07T15:00:00.000-08:00',
                'author': ''
            }, {
                'title': 'A US$453b bond manager shifting bets from India to China',
                'link': 'https://www.thestar.com.my/business/business-news/2020/01/15/a-us453b-bond-manager-shifting-bets-from-india-to-china',
                'publishedDate': '2020-01-14T22:49:00.000-08:00',
                'author': ''
            }, {
                'title': 'Taliban denounce Afghan election, warn that rallies face attack',
                'link': 'https://www.thestar.com.my/news/world/2019/08/06/taliban-denounce-afghan-election-warn-that-rallies-face-attack',
                'publishedDate': '2019-08-06T00:41:00.000-07:00',
                'author': ''
            }, {
                'title': 'Muhyiddin: No such thing as \x26#39;back door\x26#39; citizenship applications',
                'link': 'https://www.thestar.com.my/news/2019/07/29/muhyiddin-no-such-thing-as-039back-door039-citizenship-applications',
                'publishedDate': '2019-07-28T20:23:54.000-07:00',
                'author': ''
            }, {
                'title': 'Warisan veep Peter Anthony taken to hospital for medical exam',
                'link': 'http://www.thestar.com.my/news/nation/2017/10/11/warisan-veep-peter-anthony-taken-to-hospital-for-medical-exam/',
                'publishedDate': '2017-10-10T21:20:57.000-07:00',
                'author': 'By MUGUNTAN VANAR'
            }],
            'title': ''
        }
    });
} catch (e) {
    if (typeof log != 'undefined') {
        log('HandleControllerResult failed: ' + e);
    }
}

Executed Writes (6)
#1 JavaScript::Write (size: 24) - SHA256: a3ba8250ebf2c8e28e99b0cbcb48488777fa3f512e83a7a56930803eb5d35e05
< xmp style = display: none >
#2 JavaScript::Write (size: 28) - SHA256: 02a30378b586dc03985957f9e19c893c277976dd109c5deb1c14ce4efa3a970f
< div id = 'nuffnang_lb' > < /div>
#3 JavaScript::Write (size: 245) - SHA256: 8dfd8de69c21e3120471f12fa0ee38c1e15244459651c92b3e87d7e7999621d7
< iframe src = "//www.widgeo.net/geocompteur/geocity_html.php?id=1203228&c=geocity_blue2&size=&nostats=&title=Sci-Q&ref=sci-q.blogspot.com&fullurl=http%3A%2F%2Fsci-q.blogspot.com%2F"
width = "164"
height = "314"
scrolling = "no"
frameborder = "0" > < /iframe>
#4 JavaScript::Write (size: 120) - SHA256: 0b0b7a5faa23468c077c4c25d00ff7afad3821ad3fa45ffef96813bc6d652988
< iframe src = "https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2"
width = "0"
height = "0"
frameborder = "0" > < /iframe>
#5 JavaScript::Write (size: 590) - SHA256: e4718789d3903a6e801912d847f0326188875aa41a2454197192aa399701fa81
< script language = "javascript" >
    var _go_js = "1.0"; < /script><script language="javascript1.1">_go_js="1.1";</script > < script language = "javascript1.2" > _go_js = "1.2"; < /script><script language="javascript1.3">_go_js="1.3";</script > < script language = "javascript1.4" > _go_js = "1.4"; < /script><script language="javascript1.5">_go_js="1.5";</script > < script language = "javascript1.6" > _go_js = "1.6"; < /script><script language="javascript1.7">_go_js="1.7";</script > < script language = "javascript1.8" > _go_js = "1.8"; < /script><script language="javascript1.9">_go_js="1.9";</script > < script language = "javascript" > < /script>
#6 JavaScript::Write (size: 239) - SHA256: 15b51ef81fb92c0bd54dd709f75f3824be37697d94a6e854e9ae1aa5c6901b57
< a target = "_blank"
href = "http://gostats.com"
title = "web traffic stats" > < img id = "_go_render_43078831"
alt = "web traffic stats"
title = "web traffic stats"
border = "0"
style = "border-width:0px;width:88px;height:31px"
width = "88"
height = "31" / > < /a>


HTTP Transactions (120)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8135
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 10:21:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3783
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 10:21:47 GMT
Last-Modified: Fri, 25 Nov 2022 09:18:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 10:17:26 GMT
cache-control: public,max-age=3600
age: 261
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18797
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 10:21:47 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: /m81I/z6vPSB/al8/RjuRWnqlpDL56otUvTVXdyiKPj5ikDyApf3zcASP3xj1xUsx1eger+2OQ8=
x-amz-request-id: S48EYA0HN79DF90X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 09:40:45 GMT
age: 2462
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:21:48 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 10:08:53 GMT
cache-control: public,max-age=3600
age: 775
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:12:52 GMT
expires: Wed, 22 Nov 2023 18:12:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
age: 230936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35959)
Size:   7776
Md5:    5aa2d3297bdc86bc81322aedecbb5e79
Sha1:   1c0a3c007e41726e167e79b70ddea76198650884
Sha256: feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
age: 243473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18\012- data
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 25 Nov 2022 10:21:48 GMT
expires: Fri, 25 Nov 2022 10:21:48 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1279)
Size:   20984
Md5:    7ac44ef24e267df17ff72f195b252806
Sha1:   62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
                                        
                                            GET /blogblog/data/1kt/watermark/body_background_birds.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 22568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 23:49:59 GMT
expires: Tue, 29 Nov 2022 23:49:59 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 21:54:19 GMT
age: 210709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 2-bit colormap, non-interlaced\012- data
Size:   22568
Md5:    5cd8cda0e75b359eb8f15dc83b0c5c29
Sha1:   86c99fbb62aadacb3ebd3f948d345b917f65253f
Sha256: 0220dbf46954d4efe2e91d261dd3d40f06e6402c722cc5580129af64bddc58f9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
age: 174330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   57794
Md5:    813b15c3004464f6bd39fd0773b04757
Sha1:   bd2218fe1e647f61132aad70d29cd91fd0416f26
Sha256: 446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
                                        
                                            GET /blogblog/data/1kt/watermark/body_overlay_birds.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 3523
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:34:36 GMT
expires: Tue, 29 Nov 2022 14:34:36 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
age: 244032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 386 x 121, 8-bit colormap, non-interlaced\012- data
Size:   3523
Md5:    031c64f442b967c59b28cdc8b03ac349
Sha1:   59f743959d06ced56f36b5e262c76e6cbfef9720
Sha256: 4bff767832f0cae6ed521f2436871dba9c4e1d036efd4889457b9e797738154a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5800
Cache-Control: max-age=87701
Date: Fri, 25 Nov 2022 10:21:48 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:43:29 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         216.58.211.2
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:47:10 GMT
Expires: Thu, 08 Dec 2022 22:47:10 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 41678


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=2497565198146934945&zx=6c58d6b7-6909-4a20-90c0-645e0fb86334 HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:21:48 GMT
last-modified: Fri, 25 Nov 2022 10:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   21
Md5:    a62e4d501434033d5d177e67d3aafdd0
Sha1:   34f7300c9ed47334cf10826d57af785321e3138b
Sha256: b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
                                        
                                            GET / HTTP/1.1 
Host: sci-q.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Fri, 25 Nov 2022 10:21:48 GMT
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 23 Nov 2022 00:41:55 GMT
ETag: W/"234c99ec0e33719d5fa6e78d75217db8d4bb01a2316e47029f5601d47606f4c2"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 185112
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (30685)
Size:   185112
Md5:    e0db3e8b9d7a32438677f720125b67fc
Sha1:   20f16c8614a7a4b31e62da816d2abd3486998ddc
Sha256: 68e9fa1455db3981ba535f59963532d35ce42bf239a5f6159a7462b6f46cf146
                                        
                                            GET /img/logopm.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         172.67.69.193
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:43:44 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 830284
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34H9K1d2tju7c8jyzMw7gi%2BuITg1rG4JO%2FK4qHSJUhZwCF4VDVWtYbIpmyXYxcqANL6gNfhLv8jAqbJCw%2FYd%2FqSNGxC8AizpVPTLRZV0JJ1n5dcJ67%2BlDKJ%2BIrJ3EKBY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9a8dbbf2ab4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   714
Md5:    3832d6b8d8c47a5cefe6561297b514f6
Sha1:   f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
Sha256: c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: sci-q.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 25 Nov 2022 10:21:48 GMT
Expires: Fri, 02 Dec 2022 10:21:48 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 25 Nov 2022 08:50:38 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
                                        
                                            GET /-wFHz9oOEvmw/TbC-Q_PHlKI/AAAAAAAAAi8/OKjdw1FcH_8/s80/IMG_0257.JPG HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v22f"
Expires: Sat, 26 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0257.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 10:21:48 GMT
Server: fife
Content-Length: 3260
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x60, components 3\012- data
Size:   3260
Md5:    2982942fdc381a85aab072cbfdec11ef
Sha1:   bb0ad3eaae4907aa700d10f65814d93cf906f0b8
Sha256: aee1a5e2f18bb4cb86ec8c1b71821949d77b20dcb5900921e62cf070d75d8417
                                        
                                            GET /-tYYb_ztcD5w/VpkmGS9gRqI/AAAAAAAAA3E/JrixvT8rJY8/s400/catnap.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
etag: "v372"
expires: Sat, 26 Nov 2022 10:21:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="catnap.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:48 GMT
server: fife
content-length: 71835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x400, components 3\012- data
Size:   71835
Md5:    7d906f298d24977f9a10f644958deee6
Sha1:   dba73f643541954bf3238606c13a4f7aaaa13921
Sha256: c3a3f31c9b575ec198fc90cd4466208a66bd00ba0c7d242386d21f43a77fb52b
                                        
                                            GET /counter.php?greeniris HTTP/1.1 
Host: www.easycounter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         52.1.22.171
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.14.2
Date: Fri, 25 Nov 2022 10:21:48 GMT
Content-Length: 185
Connection: keep-alive
Location: https://www.easycounter.com/counter.php?greeniris


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   185
Md5:    4c555068310076e85908835c721911f5
Sha1:   9ec990aabb4391e139034f68e5e657e0f1d0b74d
Sha256: 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
                                        
                                            GET /-d6N-B2lcpsU/VqF7qAG5dRI/AAAAAAAAA3U/WW5BqPFIY_c/s400/cats%2Bn%2Bumbrella%2B1.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v376"
Expires: Sat, 26 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cats n umbrella 1.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 10:21:48 GMT
Server: fife
Content-Length: 32692
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x300, components 3\012- data
Size:   32692
Md5:    b51ed7150501f617b248c548f69ce9d9
Sha1:   e8067402e7fe161b5f9a9ff0d89aadd93668d7c6
Sha256: 0592288dd790e968b5b718f28400d52fae16ec71fb9bd356a5cdcab7db414395
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2CBE0eiVDwI+TU154/fI3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.69.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: raE0aZt6/cMd1aTfMc7J441PSAI=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/counter.js HTTP/1.1 
Host: gostats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         104.236.14.237
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:21:48 GMT
Last-Modified: Tue, 09 Aug 2016 14:13:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"57a9e515-2f70"
Expires: Sun, 25 Dec 2022 10:21:48 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (685)
Size:   3546
Md5:    a0ab976562999b9456c404a72cbac90c
Sha1:   9bf7dac6a2cf8cee41bc30e0afac035361f60872
Sha256: 65b77b3a21c4f25a41db0b9eccb1084082d8445114591a9adeaf0f5c519cfaac
                                        
                                            GET /geocompteur/geocompteur.php?c=geocity_blue2&id=1203228&adult=0&cat=Sciences&fonce=0099ff&claire=0066ff HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         172.67.69.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 10:21:48 GMT
Content-Length: 2197
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Thu, 01-Dec-2022 10:21:47 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 10:21:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFnWhU8MJ2aHHWF3NnREHpaTde2LNaNJfqi5rvhub0QLvFi0Jrv1UK2npFnM1hAgZ2sk2qzyUuwz9NB3Dtd4JGS96NxHExQe60Kqc8u7oIKr87Aq8om%2F0QPGVIlL%2BiC7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9a8dbbf29b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (2149)
Size:   2197
Md5:    63a51ee249659dfdb58a6dc1686df7f1
Sha1:   862a7cad2cbfb64f7351ff1228a485fefb029116
Sha256: 5c127d1b6b037858d366cd9a7686738ef9c0213886a64bd58f697b40e32fac7a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4867
Cache-Control: max-age=87131
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 10:34:00 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2280
Cache-Control: max-age=116223
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 18:38:52 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3192
Cache-Control: max-age=171866
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "6380871f-117"
Expires: Sun, 27 Nov 2022 10:06:15 GMT
Last-Modified: Fri, 25 Nov 2022 09:13:03 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3899
Cache-Control: max-age=86163
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 10:17:52 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /img/logo-16.png HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         142.250.74.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 04:27:52 GMT
Expires: Wed, 30 Nov 2022 04:27:52 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 07:51:00 GMT
Age: 194037


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   279
Md5:    5ffecab6c722bb0adc3fce8d83b27993
Sha1:   0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
Sha256: cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
                                        
                                            GET /-kItT0QM__1Y/UDXRNsYxQSI/AAAAAAAAAu8/c0oVWpb75us/s300/SMART%2BTIGER.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v2ef"
Expires: Sat, 26 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="SMART TIGER.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 10:21:49 GMT
Server: fife
Content-Length: 37342
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x225, components 3\012- data
Size:   37342
Md5:    69296319fab920b3fe4b35c835e3b5cf
Sha1:   b482b3f10fa627122fe158180e3c939796403766
Sha256: 22dc93c2ccff1e4692d433cdc373b361e7d8e98b88a89965766eb847fa2c6dd6
                                        
                                            GET /affiliate/images/b4.gif HTTP/1.1 
Host: www.4shared.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         74.117.178.90
HTTP/1.1 200 OK
Content-Type: image/gif;charset=UTF-8
                                        
Server: 558
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 26-Nov-2022 10:21:49 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 30 Nov 2022 10:21:49 GMT
Accept-Ranges: bytes
ETag: W/"5933-1493818900000"
Last-Modified: Wed, 03 May 2017 13:41:40 GMT
Content-Length: 5933
Date: Fri, 25 Nov 2022 10:21:48 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 125 x 125\012- data
Size:   5933
Md5:    be617fb930d4b9df15d6916b09fc4259
Sha1:   93ff130a7c29b6a88fc327ac57c3b0e57fcd7d43
Sha256: 704e4baed08f889533b842f62755e87c6f00b3742c18cfc42fc1ca929507b2fd
                                        
                                            GET /tcm_t_u.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 02:34:50 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 28018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0HPzxBda6j1OZ7Y1CUGBX1Cr%2FJMmSqh9rWTUP2FIXpHxacjrUnMCvTqxKvdPbFVdV%2BOI0GCvHfdQMXj29oTw6%2BMzbgzStaoP0pc1RBF3qnu8m7gtLP6oPEpW1AMO78s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8ddfa4f0afa-OSL
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6508
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 10:21:49 GMT
Last-Modified: Fri, 25 Nov 2022 08:33:21 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "056533A6A5261FDFEF878C46797F71332FB3C358E18526626F80AB2013CDF676"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9912
Expires: Fri, 25 Nov 2022 13:07:01 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Connection: keep-alive

                                        
                                            GET /images/ekamus125.gif HTTP/1.1 
Host: www.myekamus.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         104.165.143.153
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (625), with CRLF line terminators
Size:   549
Md5:    6abe882925fbdd53b966c53126f60d1b
Sha1:   c226f5d08edc82ff2e57f611844c26904be7e4c9
Sha256: 037140e952698597f301beec899e4910ac725c6ed90fcbbd9f0358aa345b2380
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B9C0EC9F6959080BFC3340D0C591283004D8C53F512A84D3A4954430D9AEC775"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5895
Expires: Fri, 25 Nov 2022 12:00:04 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:21:49 GMT
location: https://www.blogger.com/followers.g?blogID=2497565198146934945&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%3D%3D&pageSize=21&origin=http%3A%2F%2Fsci-q.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-ca86zMS4EuLtFc1VUo4wIA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 465
server: GSE
set-cookie: __Host-GAPS=1:kuRPvS7Kc_WRe9CVggtQWiwgcR8KsQ:TO9Zpb4qyGx-Bb0a;Path=/;Expires=Sun, 24-Nov-2024 10:21:49 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (509)
Size:   465
Md5:    4eed623e948af900e0aca623e9b30222
Sha1:   d33fbb1d6c43259f23edde6e6c8cd0614102402f
Sha256: 591a780370af4904d345562fafb400d7bdea40ab8bc5a0f378d4fa912cb1e76d
                                        
                                            GET /box/?boxid=662860&boxtag=40fag7&sec=form HTTP/1.1 
Host: www6.cbox.ws
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         104.149.151.166
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:21:49 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Sat, 25 Nov 2023 10:21:49 GMT
Cache-Control: public, max-age=31536000
X-Cache: MISS

                                        
                                            GET /box/?boxid=662860&boxtag=40fag7&sec=main HTTP/1.1 
Host: www6.cbox.ws
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         104.149.151.166
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Wed, 17 Nov 2004 05:00:00 GMT
Last-Modified: Thu, 25 Nov 2021 10:21:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Cache: MISS
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   653
Md5:    d0d05a23cb23fe35908361694e15b565
Sha1:   d14818ca4dc04d998081b92c3975ff6e9f6dcdea
Sha256: 1fe598dd28104053751c17c7371ef1e42ec25c08b513993cbc93a4f6b4b9c716
                                        
                                            GET /count/N7QE/bg=FAE3F2/txt=000000/border=FA195C/columns=2/maxflags=50/viewers=0/labels=1/pageviews=1/ HTTP/1.1 
Host: flagcounter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         66.154.110.210
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 25 Nov 2022 10:21:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image data, 186 x 412, 8-bit/color RGB, non-interlaced\012- data
Size:   32311
Md5:    ce833810247805e11d7d27d3a860de51
Sha1:   60f62732dce7f8c7bf2a7c1a5b2a61b732121aa6
Sha256: c4871d16678c091b26ed02ce3fdb88374eb1746834d3ceca387524a67cda7d43
                                        
                                            GET /shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13 HTTP/1.1 
Host: shashinki.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         14.102.151.186
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 10:14:27 GMT
Server: Apache/2
X-Frame-Options: SAMEORIGIN
Location: https://shashinki.com/shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13
Cache-Control: max-age=31536000
Expires: Sat, 25 Nov 2023 10:14:27 GMT
Content-Length: 295
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   295
Md5:    9769f74e79441c4e1879c262bcdc182e
Sha1:   d02298df51d73884ed666f1ea0127e32ef004c0f
Sha256: a18daee2303c6a257800f4d1279103e6b92fab416f17714ad84ea9ac5cff5a58
                                        
                                            GET /counter.php?greeniris HTTP/1.1 
Host: www.easycounter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.1.22.171
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.2
Date: Fri, 25 Nov 2022 10:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 10:21:49 +0000
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate


--- Additional Info ---
Magic:  PNG image data, 96 x 19, 8-bit colormap, non-interlaced\012- data
Size:   1772
Md5:    5a11120dbe8754f3e2095481088351be
Sha1:   52b9dea36bea947c214e2acaaaa6ebefbdf76f50
Sha256: 551e9f1d9fdd2998e435b81b5b1700b38f324863ef34dc6184578a69ff343516
                                        
                                            GET /geocompteur/geocity_html.php?id=1203228&c=geocity_blue2&size=&nostats=&title=Sci-Q&ref=sci-q.blogspot.com&fullurl=http%3A%2F%2Fsci-q.blogspot.com%2F HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         172.67.69.193
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Thu, 23-Feb-2023 10:21:47 GMT; Max-Age=7776000; path=/ pays=Norway; expires=Thu, 23-Feb-2023 10:21:47 GMT; Max-Age=7776000; path=/ ville=Oslo; expires=Thu, 23-Feb-2023 10:21:47 GMT; Max-Age=7776000; path=/ idcompteurcc_1203228=done; expires=Sat, 26-Nov-2022 10:21:47 GMT; Max-Age=86400; path=/ online_idcompteurcc_1203228=done; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/ originecc_1203228=United%2BStates%2523United%2BStates%2BCity%2523167%257CMalaysia%2523Kuala%2BLumpur%2523146%257CUnited%2BStates%2523Chicago%2523134%257CUnited%2BStates%2523Boardman%252361%257CMalaysia%2523Petaling%2BJaya%252342%257CCanada%2523Canada%2BCity%252336%257CMalaysia%2523Malaysia%2BCity%252327%257CGermany%2523Germany%2BCity%252327%257CMalaysia%2523Shah%2BAlam%252322%257CGermany%2523Nurnberg%252320%257CMalaysia%2523Johor%2BBahru%252317%257CUnited%2BStates%2523Ashburn%252315%257CMalaysia%2523Ipoh%252315%257CMalaysia%2523Kuching%252314%257CRussian%2BFederation%2523Moscow%252313%257CCanada%2523Burnaby%252311%257CMalaysia%2523Kajang%252311%257CMalaysia%2523Seremban%252310%257CMalaysia%2523Cheras%25239%257CMalaysia%2523Penang%25238%257CMalaysia%2523Seri%2BKembangan%25238%257CRussian%2BFederation%2523Saint%2BPetersburg%25238%257CMalaysia%2523Klang%25238%257CUnited%2BStates%2523Duluth%25237%257CRussian%2BFederation%2523Kazan%25236%257CUnited%2BStates%2523Columbus%25236%257CMalaysia%2523Kota%2BKinabalu%25236%257CMalaysia%2523Subang%2BJaya%25236%257CUnited%2BStates%2523Dallas%25236%257C; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/ online_1203228=1; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/ jour_1203228=1; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/ total_1203228=1354; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/ bonus_1203228=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ bonus_j_1203228=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
cache-control: public, max-age=180
expires: Fri, 25 Nov 2022 10:24:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv97p99UyAjUz3tOG5m3Zk27Qe2YQhib0cVxQAQ3SEl7epL0Q1ulf3w0M7zaBNYNoOFfqCCXCmKntzybDZK1QLajmUT2rem9isCtedbHbKszeQVZ8RGIxXUWM6vMABJ%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9a8dd698eb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1922
Md5:    8b79660211c5009b92e6f3cddfeb944c
Sha1:   7a5c74df8f307493a64fe04c89d5af851546b1e9
Sha256: e1106335fbf0e11234a199e008eaed04ddbc5dc3469e5447c683ac923cea3496
                                        
                                            GET /images/banner01.gif HTTP/1.1 
Host: www.pelaburanemas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         103.6.198.168
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 25 Nov 2022 10:21:49 GMT
server: LiteSpeed
location: https://www.pelaburanemas.com/images/banner01.gif


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
                                        
                                            GET /images//banner03.gif HTTP/1.1 
Host: www.pelaburanemas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         103.6.198.168
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 25 Nov 2022 10:21:49 GMT
server: LiteSpeed
location: https://www.pelaburanemas.com/images//banner03.gif


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
                                        
                                            GET /geocompteur/shadow/flag_malaysia.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 990
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1216
content-disposition: inline; filename="flag_malaysia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 22 Dec 2022 22:04:40 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 217028
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbtkW9ym4NwXpGxSRxqKasYuv64759c729ALQYneme%2Fsw%2F8TfSB3Mx8UR%2FLfmLNL1oYdLlnUUJAwxftp%2FD93QipBoONCWk4woYtbklEqTxFcXokLESLV4T81boSBEv5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfccb20afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   990
Md5:    b69697ab6effe9c72ebc0d4768d9f8bc
Sha1:   806c9c63795f99ce88b81475741fe06b1346a94d
Sha256: 1a473a4d01199896dd76d0882be0aa5e3a9ada7201e4d21f61c74ec3ee5463da
                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=1203228&c=geocity_blue2&size=&nostats=&title=Sci-Q&ref=sci-q.blogspot.com&fullurl=http%3A%2F%2Fsci-q.blogspot.com%2F

search
                                         172.67.69.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9nrD15cajfzVdyNmAdLc7A%2Bp6FGYTqNXCYLUyj9nky%2F%2B1e7%2BRZGAQtSwGhwZjAqOH%2Bz9pGu2R7gvKDEERr6u3tlZtluN8RzzxTbgUv6hUG31rmeh38J1HobvRo2VvfK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9a8dfdcbbb4e8-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 27 Nov 2022 10:21:49 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (12331)
Size:   3886
Md5:    54c87b7a9007d256c837e382cab4170d
Sha1:   6c8f44204021f68596af9ae5a742c3ad1b76a6ec
Sha256: 3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
                                        
                                            GET /geocompteur/shadow/flag_canada.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 07:00:43 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 98464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkuaNjRh%2FkFTWHgqaAwp8%2FZJpsmYmyy4F056jyuRUBLhiEylBfRxkwxMyYF1rIeE%2Fm7cvsXBKL7qQV21%2BxEeWgWk7WeQ6HIknn9L9J6J8thMtjgrF4uoqqswM0EZN08Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfdcb70afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   886
Md5:    9dfda6415875b226812181f7ea64fcc8
Sha1:   6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
Sha256: b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
                                        
                                            GET /geocompteur/shadow/flag_germany.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 26 Nov 2022 19:27:53 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2472836
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BnPt8yPLtpf4Yfqlq6uS1soMzLP54kwk0CR8eYR1sIt4FZUYXBUvT6P%2FIsREN5Uwo8wuiE6lJqPyVN8VnD6fNjPVK4%2F6nq44uQcQC9xKGhHWy4ETsf5JtDJxYofIQa6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfdcb80afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   686
Md5:    1c667705cee250254b246ed54d521b22
Sha1:   ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
Sha256: 1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
                                        
                                            GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:43:35 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2367493
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE7HwW1yYeKhM8S%2BfHl40c3E5S%2FmY7jMmnYdAgCVpADk%2BBrnoIF9rDfHSvucd4gnDcnAftSdAYPX0pAKMXY96HmXViVIB8TurQtI%2BGslo0tcBzElGavUMtSO51bMWyP5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfdcb90afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   680
Md5:    852881aef6d6a8bca3123c3201f64c74
Sha1:   0e5ef2c61383bb79c8a6ea068d9a688631d844fa
Sha256: 41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
                                        
                                            GET /hitparade.php?pagexiti=geocity_blue2 HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: public, max-age=180
expires: Fri, 25 Nov 2022 10:24:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj1jYz9qXQFqRe%2Bqa3LqsFJf8SdX2cBs%2BiSC86x7ks0Iyu1qQ0AfxMeNR2U524YeExTRMyYaa6MOYIMFnB3FRjfWZjFCsw6vtiV2xzYrc7V%2FI%2Bto36gKzxuWLTVy41lR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8ddfa560afa-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1785
Md5:    78a2c72a358c0107b7254554132c289a
Sha1:   1ecdcb58d5e76a522e046898d7e4881f13c88ddf
Sha256: e650280fefe7feaf5873b511635f4885036b551257433bafd17b7466b4ff7a93
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY4R30aUL0o76M9LViCsZEkP9zljjQ%3A1669371707853 HTTP/1.1 
Host: sci-q.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Cookie: ck_TCM_pop=1

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Expires: Fri, 25 Nov 2022 10:21:49 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 23 Nov 2022 00:41:55 GMT
ETag: "6c58d6b7-6909-4a20-90c0-645e0fb86334"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 754
Server: GSE


--- Additional Info ---
Magic:  ASCII text, with very long lines (1436)
Size:   754
Md5:    619bcb9d5259b2443c29e6752d481361
Sha1:   d3053bfc7466621cfd88e3bbea5ae69ae045b8e1
Sha256: 1d93d467596298cca22dd6a5c46f7ba2b757fbbff0cb2b57b3848922140dda2e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /banners/images/120x90.gif HTTP/1.1 
Host: www.ziddu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         51.81.174.128
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ziddu.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://www.ziddu.com/what-happened-to-the-old-ziddu-blockchain-and-file-hosting-website/
x-litespeed-cache: hit
content-length: 0
date: Fri, 25 Nov 2022 10:21:49 GMT

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 517
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 10:21:49 GMT
Last-Modified: Fri, 25 Nov 2022 10:13:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZYvEErO43N9GqovQdzBShu37hTDDp5M0vDayan%2FLjLHaAbQbm9D0td3vKIDSlzHTF9ftkXbR3jjoWmWM7znKFhsMNpDbQHgbgX6CuA0JpH4521tX5DkcEMN4nM8HuVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9a8df8c660afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 27 Nov 2022 10:21:49 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   79871
Md5:    9ba1369166bb3262e7cde826323843d6
Sha1:   cf30db4254943a5fcd53dc1062e087a7e2fcc036
Sha256: bdba736f89241bd502232cf174049f97328053105b60cdf879b5e9b5a43c051c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 517
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 10:21:49 GMT
Last-Modified: Fri, 25 Nov 2022 10:13:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15319
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/ HTTP/1.1 
Host: logv33.xiti.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.46.236
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
content-length: 145
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=3279DEDB-4924-404D-98B0-7F8B4B129F76; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 10:21:49 GMT; HttpOnly atidx=3279DEDB-4924-404D-98B0-7F8B4B129F76; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 10:21:49 GMT; HttpOnly; Secure atid=3279DEDB-4924-404D-98B0-7F8B4B129F76; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 10:21:49 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DqOj4jRQA6WJE_sh1RIiv_Vifv5-Qz69vAQGcCDg4lQsG4f4O_u93w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   145
Md5:    6904eccbcfc47024c1abf34de413183e
Sha1:   dfa8a3df544c0928d21f82141bc3361bcecd0ca3
Sha256: e0797fda28da6dbe1bdf6f257f2e4293bc404d3bb06cdc88f56967007dd40065
                                        
                                            GET /geocompteur/img/tmp/earth_blue2.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 2596
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3258
content-disposition: inline; filename="earth_blue2.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:15:30 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 43578
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCwF14k0380G4CNc0s5LtSr4EeAkbB4xIsBVAPGCsyFT0KaDidvxzQXMFEbYQzVQPd44Zhfl%2BLup%2BYYq0NaGqnoTliGVCSlgkwqou1UhngqyUnxxA3NbLQIxnd5xdGeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8e0edd30afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2596
Md5:    35ef26dc64d2a2d57e62bef7f3c6f8c3
Sha1:   d8bd4c88f74912e188cb4e2ccc5ed53ecd36591c
Sha256: 2ab4d3f5ec0ee2c160aab1838975a7c7cd89e6adee9d7af72fc5f2f9d898317a
                                        
                                            GET /gid.js?userId=5d712796cf184c678416cebd088575ee HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sci-q.blogspot.com
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 65
access-control-allow-origin: http://sci-q.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5d712796cf184c678416cebd088575ee; expires=Sat, 25 Nov 2023 10:21:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    1cd06d5e7380bec310d26d81dfa196ba
Sha1:   3b7fa3f01fb75665a785a2b36aa232b7e37b45d3
Sha256: cd62845fc3960383d4bf52838da2a2a3c42337b5d0c42c711b32060817c7706d
                                        
                                            GET /geocompteur/img/tmp/geocity_blue2.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
content-length: 14728
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16354
content-disposition: inline; filename="geocity_blue2.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:49:25 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 41542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RQuZG2PiOwK5mXhZaxamCpWltOjPkLsPsRKjYQbNmwMhr5%2B1yrL7rcAz4XXS7L%2BxtBTd%2BoI%2B%2BomsE4H0x4OHpAuHZFUZLTvJwdYWEdEm9%2BtKxdgVNAHoc2nPvSS1nwU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8e0fddf0afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   14728
Md5:    59b23ddb52cc3a1e4525fe6d301681bc
Sha1:   7f0d9f6047fc5d0f500015bff34721c6f77b65a5
Sha256: b45192dcf53a4869f0cb13fb3de155d0ce2710d6a60304ffdb3d6fc493083bdf
                                        
                                            GET /css?family=Open+Sans:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 10:21:49 GMT
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1111
Md5:    93ebe6d71b9ab7ce89a68a060d15521e
Sha1:   f56f3f26799cbe03a3b605084b6326df9a9c1836
Sha256: 38c15e3f05fba0ea20f8d5c123f0739a3f7a278fc59ebd77ec672993b03fe27b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.widgeo.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 103138
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:33:40 GMT
expires: Sun, 19 Nov 2023 12:33:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 510489
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (820)
Size:   24715
Md5:    cc24419c482370498f3c227ac73d666b
Sha1:   37fc103ace873f47102e0ca88eb4735bc6806750
Sha256: 152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
                                        
                                            GET /geocompteur/css/city_css.php?c=geocity_blue2 HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 10:21:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zat7IwFbdrCiu6f%2FF7jvVJAxl0QLM3Hi93NM1hCJLfSS6OLcI1NI3ogFoVmzebkUVLFvL76sVHAvDutBq7HbQHdbuZgyihc9w1CR%2FDxhxFPi5C16Fm%2FDVO9CrJAq%2BXxT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfccad0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2173
Md5:    1fe2c2e718f377ae851c98e997431a9d
Sha1:   dac8d4390132d74cebfbd0f4f1fd5ee49173a977
Sha256: 43566742c9a1a6e671763e95e405431defb2a20e3ff57cf72a9a9f118d158709
                                        
                                            GET /hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/&Rdt=On HTTP/1.1 
Host: logv33.xiti.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.46.236
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 373
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: grsZvTnb3NwRHmil-yhWJF9z4mTyTg__XKibfZsjq0BlaiuY2Zbkug==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 39 x 25\012- data
Size:   373
Md5:    29cb2a1e585dff1f4282449fdbbab2d7
Sha1:   075d147195f9dba1862a6f3990d219d7c4389225
Sha256: 86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 10:09:32 GMT
Expires: Thu, 01 Dec 2022 10:09:31 GMT
Etag: "7d88a48ba6146ba3749a6cebf5c84c5aa89579bc"
Cache-Control: max-age=517061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f9a8e2386bb4fa-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=313285,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f9a8e20af30b02-OSL

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 889
Origin: http://sci-q.blogspot.com
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.253
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://sci-q.blogspot.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /what-happened-to-the-old-ziddu-blockchain-and-file-hosting-website/ HTTP/1.1 
Host: www.ziddu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         51.81.174.128
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-dns-prefetch-control: on
link: <https://www.ziddu.com/wp-json/>; rel="https://api.w.org/", <https://www.ziddu.com/wp-json/wp/v2/pages/6364>; rel="alternate"; type="application/json", <https://www.ziddu.com/?p=6364>; rel=shortlink
etag: "7574-1669293824;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10305
date: Fri, 25 Nov 2022 10:21:49 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10637)
Size:   10305
Md5:    22ba5fb52daf0ef168ea44729327d787
Sha1:   d22baf6b473859ee10b6607a2b7574c161230048
Sha256: 6653ec3db0e6a3f878401c107ae0dcbbaaa3bf5b00f43ef1a79cd087c622803a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 29662
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e4ptr__XHPd9Qsf8lEDqiZGKptuB9en72UAucNWxlGG_mEbhpFgdA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:43:51 GMT
age: 9479
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:37:15 GMT
age: 6275
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11249
Md5:    481c033b9ffd030ff0de6e35cf788b47
Sha1:   85d3baad9217af2b5d75c019d2ef95dbb919a788
Sha256: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
                                        
                                            GET /shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13 HTTP/1.1 
Host: shashinki.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         14.102.151.186
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 25 Nov 2022 10:14:27 GMT
Server: Apache/2
X-Powered-By: PHP/7.2.21
Set-Cookie: osCsid=oc5o0lirvlc2oqfiash9fkvhv7; path=/; domain=shashinki.com
X-Frame-Options: SAMEORIGIN
Location: https://shashinki.com/shop/404.php
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 44825
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11743
Md5:    8784bb7a8b88736a6016f712e3183bf3
Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07
Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:22:46 GMT
age: 10744
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6385
Md5:    f6292a2988fb4505d0098553b8e99ddc
Sha1:   9b8aafcda0e22edcc16d3048f4b88659d3b42419
Sha256: 16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
age: 46002
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8006
Md5:    8b6ee13d43732f7c764a49500d092865
Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075
Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s2/photos/public/AIbEiAIAAABECMXFysugrMr4nAEiC3ZjYXJkX3Bob3RvKihiZTQ0YWVhNzhlN2ExZmIwYTdjMjAyNjUyNWI1NDBhYzBiYjRmNDE4MAH90Etz9dRscfYib-ATOZSQoLEEhg HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 302 Found
content-type: application/binary
                                        
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:21:50 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu95-fDHsSUzOm_grXjn5y3VozkafRmdLI8SzC6zDA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-9tcJIwUTyehw4EhdmKp3Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=UyrQcS13fcR_el9jGGxY6BO6qVv6kRew7WU71nZVnhNxMYi8XytCyVo1pXRwRiwQkd4vN2wUs7oxp_nlltVIjW_YUmFSVqD74X_PGkfEZEw_jKxMKc41dmY5UGO5HtmrWPHvzJrq0z5ZoZV9jWgbX7unMGLXpjBmMiXQMU2pSMs; expires=Sat, 27-May-2023 10:21:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /a-/ACNPEu95-fDHsSUzOm_grXjn5y3VozkafRmdLI8SzC6zDA=s96-p HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
etag: "v18cd"
expires: Sat, 26 Nov 2022 10:21:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:50 GMT
server: fife
content-length: 5041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Size:   5041
Md5:    ad11c17253b66288252c2016ca842542
Sha1:   ba39eb4907483cafc28ac1435b6c7382f8731fa0
Sha256: 88f50865147c9731532c333041f035c3606aed000a4d502b197008cef5a55670
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bin/count?0.5010662030409503&a=430788&t=2&i=2&r=&p=http%3A%2F%2Fsci-q.blogspot.com%2F&c=y&j=n&w=1280&h=1024&d=24&js=1.5 HTTP/1.1 
Host: monster.gostats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/

search
                                         104.236.14.237
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:21:50 GMT
Content-Length: 95
Last-Modified: Wed, 27 Feb 2008 08:20:02 GMT
Connection: keep-alive
Cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Expires: Thu, 01 Jan 1970 00:00:01 GMT
ETag: "47c51d32-5f"
P3P: policyref="/w3c/p3p.xml", CP="NOI PSA ADM OUR IND ONL UNI COM NAV INT DEM PRE LOC"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size:   95
Md5:    60b2f914842e8b09024754e8a6493b36
Sha1:   119a32ce54609f5e3deefe01ac54582d9fac8eba
Sha256: 172e4e1fca052a61b5d95ba3b321c1f748fbd0aa08ec5914391abef89ee9f3cd
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: sci-q.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Cookie: ck_TCM_pop=1

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
                                        
Expires: Fri, 25 Nov 2022 10:21:50 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 23 Nov 2022 00:41:55 GMT
ETag: W/"234c99ec0e33719d5fa6e78d75217db8d4bb01a2316e47029f5601d47606f4c2"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size:   412
Md5:    501c61a70f5c41181aa050d9110909ca
Sha1:   5b985d5671a7caf686fdfb1df13488c4407f6c9f
Sha256: c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
                                        
                                            GET /p/AF1QipM1CswQFybRK1AKMs4BWdS6Qj1ml8xV7URNvgmj=s45-c?key=CJqzjMu_9JLvkAE HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v634"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:50 GMT
server: fife
content-length: 4271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Size:   4271
Md5:    4c589bae02a70088b9dc70f34dcc9dbc
Sha1:   79b1176613399d7ef52ba2d3a22ced70558bfb56
Sha256: a0f65bd04dcb3f1f5a82a683099a6484c0ad4df0922ae2ce9277cff89b929756
                                        
                                            GET /p/AF1QipNAZXFaLYfEvjwdMeXzDh1LEplw8lqM-meolsC-=s45-c?key=CKCPp9nS7tfHeA HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1ee"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:51 GMT
server: fife
content-length: 4810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Size:   4810
Md5:    181de6dfdab4ce7e82d56dd8b61bdc2d
Sha1:   6d7a6e989f45c400941f740eae6af77505b27982
Sha256: 3cb88332346e329051872224027fb543639c6d09a1a714bebaed465c763b9898
                                        
                                            GET /p/AF1QipOcm2mZkkmAORJXfpyC1SsjrF2fEynkWYzzB3us=s45-c?key=CLPX48uH6u2K9gE HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v27d"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:51 GMT
server: fife
content-length: 3997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Size:   3997
Md5:    c461a5a189d093ed0c0e6c97e5a915d3
Sha1:   3710e0b5e6dbb2724dabfca74a6f8e7880c78c3a
Sha256: 0fdbe01daa7492df5884bed6f83b87a9d38d3046bd5c44bdce02d002232f8008
                                        
                                            GET /-mL0QR4fmVII/AAAAAAAAAAI/AAAAAAAACC8/DD2r1vCgzv4/s45-c/photo.jpg HTTP/1.1 
Host: lh5.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
etag: "v2a6fd"
expires: Sat, 26 Nov 2022 10:21:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:51 GMT
server: fife
content-length: 2176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Size:   2176
Md5:    de94706c7aba2fe170c62c71f9b6a467
Sha1:   5d3f65893d47d841c02f080e94f410e825eed765
Sha256: 79680a1b765b87a8ed4a984f217807ec669787c9a3b8b355241e8abc5472e79f
                                        
                                            GET /images/banner01.gif HTTP/1.1 
Host: www.pelaburanemas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.6.198.168
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://pelaburanemas.com/images/banner01.gif
content-length: 0
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

                                        
                                            GET /images//banner03.gif HTTP/1.1 
Host: www.pelaburanemas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.6.198.168
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://pelaburanemas.com/images/banner03.gif
content-length: 0
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

                                        
                                            GET /images/banner03.gif HTTP/1.1 
Host: pelaburanemas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         103.6.198.168
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://pelaburanemas.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   123359
Md5:    8282cd1a7752fac2af14cd45f59abd68
Sha1:   9a2ca5361d085f92887958a7c859770507fdab21
Sha256: 5e65710d624feb7c848a12b95333e27a50f8edf9ad0eab86f7d17a3d6ce02ad7
                                        
                                            GET /geocompteur/geowidget_js.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
cf-bgj: minify
cf-polished: origSize=2217
cache-control: public, max-age=604800
expires: Tue, 29 Nov 2022 12:50:42 GMT
last-modified: Thu, 13 Feb 2020 12:35:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 250266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Tunx%2FEckkn4PLduxAKsRzAoqVqwvmEh0GIS0AV68mMwRKDHejOUcp%2BRMduie1t4frUuOlb0mCnAdJyHlhTQeM%2FtbwyGuDqLB5WgWGiofK4PyBIFxCcQ3brtomcE8Nep"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8e0fe150afa-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tcm.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.69.193
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 04:47:23 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 538465
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teR6ni7A0TObFvoKKEV1nYXTp2870b7Ex%2FDzRkwY3Zi19%2BZv0Jz4P9eYQ%2BF33LHndOu0hBaYQdtn8UG862rhPUHksyDGy4G1xBe3BcrAFYuVNfCkyGrNHVJPXUEu1f9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8ddca2e0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: inklinkor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.91.63
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
x-trace-id: 9341be6cc56fb787867ab28ce5ddc748
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:05:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 26 Nov 2022 09:37:49 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cqed4VN9yxwYoe58TCAkxW8%2FYlZCklZ9X5o4KbEfkZyNi4h9tJxGYCErMHDB6hkA91TM%2FmBaT8tk3L0IJ3KVGpyRXLNPMJzRxDyQQpJm4G1ruSqkbds9QVeZXSt9v4Hz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9a8dddc6e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /shop/404.php HTTP/1.1 
Host: shashinki.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         14.102.151.186
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 25 Nov 2022 10:14:28 GMT
Server: Apache/2
X-Powered-By: PHP/7.2.21
Set-Cookie: osCsid=t4snams2atbg08eeobh3b1qe9e; path=/; domain=shashinki.com
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 10:21:49 GMT
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPjey73ZfSZMCw18COxatarWm8Fr0l4kaCrqtheCFE7LsIiuL%2F8lZejNIDSkC2Hf3gUNbECtNFG0rbUKq7YnmHOMJ74NIp%2Bt0jf7EoiKcQZTpuyUKs1acPCJysrjHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9a8e04caeb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/banner01.gif HTTP/1.1 
Host: pelaburanemas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         103.6.198.168
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://pelaburanemas.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---