r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8135
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 10:21:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3783
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:47 GMT
Last-Modified: Fri, 25 Nov 2022 09:18:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 10:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 261
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18797
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 10:21:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /m81I/z6vPSB/al8/RjuRWnqlpDL56otUvTVXdyiKPj5ikDyApf3zcASP3xj1xUsx1eger+2OQ8=
x-amz-request-id: S48EYA0HN79DF90X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 09:40:45 GMT
age: 2462
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 10:21:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 10:08:53 GMT
cache-control: public,max-age=3600
age: 775
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0754a39846284dd8d4fbfe285a83a6b0
d4deed21378a63659bb0bbf0ab636f838e2fe745
e0f3d9d5e8eef220c221b3002bbf14e86d56c841e9e5bfea2ed83a3b5fbb26cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2a03384abe9f9728677b1f7b876b4694
41c1c401e79ac5b6edc6fc3cce8b4d085c565ac1
744b3562ef1851ca3c0413020ef5c40e71af514e6ff8da065f6ea9f846e70717
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.105200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:12:52 GMT
expires: Wed, 22 Nov 2023 18:12:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: text/css
age: 230936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
content-type: image/gif
age: 243473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 25 Nov 2022 10:21:48 GMT
expires: Fri, 25 Nov 2022 10:21:48 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/1kt/watermark/body_background_birds.png
142.250.74.105200 OK 23 kB URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/body_background_birds.png
IP 142.250.74.105:0
File type PNG image data, 300 x 300, 2-bit colormap, non-interlaced\012- data
Hash 5cd8cda0e75b359eb8f15dc83b0c5c29
86c99fbb62aadacb3ebd3f948d345b917f65253f
0220dbf46954d4efe2e91d261dd3d40f06e6402c722cc5580129af64bddc58f9
GET /blogblog/data/1kt/watermark/body_background_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 22568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 23:49:59 GMT
expires: Tue, 29 Nov 2022 23:49:59 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 21:54:19 GMT
content-type: image/png
age: 210709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 174330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/1kt/watermark/body_overlay_birds.png
142.250.74.105200 OK 3.5 kB URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/body_overlay_birds.png
IP 142.250.74.105:0
File type PNG image data, 386 x 121, 8-bit colormap, non-interlaced\012- data
Hash 031c64f442b967c59b28cdc8b03ac349
59f743959d06ced56f36b5e262c76e6cbfef9720
4bff767832f0cae6ed521f2436871dba9c4e1d036efd4889457b9e797738154a
GET /blogblog/data/1kt/watermark/body_overlay_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 3523
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:34:36 GMT
expires: Tue, 29 Nov 2022 14:34:36 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: image/png
age: 244032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5800
Cache-Control: max-age=87701
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:43:29 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
216.58.211.2200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 216.58.211.2:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:47:10 GMT
Expires: Thu, 08 Dec 2022 22:47:10 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 41678
www.blogger.com/dyn-css/authorization.css?targetBlogID=2497565198146934945&zx=6c58d6b7-6909-4a20-90c0-645e0fb86334
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=2497565198146934945&zx=6c58d6b7-6909-4a20-90c0-645e0fb86334
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=2497565198146934945&zx=6c58d6b7-6909-4a20-90c0-645e0fb86334 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:21:48 GMT
last-modified: Fri, 25 Nov 2022 10:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sci-q.blogspot.com/
142.250.74.161200 OK 185 kB IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (30685)
Size 185 kB (185112 bytes)
Hash e0db3e8b9d7a32438677f720125b67fc
20f16c8614a7a4b31e62da816d2abd3486998ddc
68e9fa1455db3981ba535f59963532d35ce42bf239a5f6159a7462b6f46cf146
GET / HTTP/1.1
Host: sci-q.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 25 Nov 2022 10:21:48 GMT
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 23 Nov 2022 00:41:55 GMT
ETag: W/"234c99ec0e33719d5fa6e78d75217db8d4bb01a2316e47029f5601d47606f4c2"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 185112
Server: GSE
www.widgeo.net/img/logopm.png
172.67.69.193200 OK 714 B URL HTTP/1.1 www.widgeo.net/img/logopm.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3832d6b8d8c47a5cefe6561297b514f6
f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
GET /img/logopm.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:21:48 GMT
Content-Type: image/webp
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:43:44 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 830284
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34H9K1d2tju7c8jyzMw7gi%2BuITg1rG4JO%2FK4qHSJUhZwCF4VDVWtYbIpmyXYxcqANL6gNfhLv8jAqbJCw%2FYd%2FqSNGxC8AizpVPTLRZV0JJ1n5dcJ67%2BlDKJ%2BIrJ3EKBY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9a8dbbf2ab4e8-OSL
alt-svc: h2=":443"; ma=60
sci-q.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 sci-q.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: sci-q.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 25 Nov 2022 10:21:48 GMT
Expires: Fri, 02 Dec 2022 10:21:48 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 25 Nov 2022 08:50:38 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
1.bp.blogspot.com/-wFHz9oOEvmw/TbC-Q_PHlKI/AAAAAAAAAi8/OKjdw1FcH_8/s80/IMG_0257.JPG
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 1.bp.blogspot.com/-wFHz9oOEvmw/TbC-Q_PHlKI/AAAAAAAAAi8/OKjdw1FcH_8/s80/IMG_0257.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x60, components 3\012- data
Hash 2982942fdc381a85aab072cbfdec11ef
bb0ad3eaae4907aa700d10f65814d93cf906f0b8
aee1a5e2f18bb4cb86ec8c1b71821949d77b20dcb5900921e62cf070d75d8417
GET /-wFHz9oOEvmw/TbC-Q_PHlKI/AAAAAAAAAi8/OKjdw1FcH_8/s80/IMG_0257.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v22f"
Expires: Sat, 26 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0257.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 10:21:48 GMT
Server: fife
Content-Length: 3260
X-XSS-Protection: 0
3.bp.blogspot.com/-tYYb_ztcD5w/VpkmGS9gRqI/AAAAAAAAA3E/JrixvT8rJY8/s400/catnap.jpg
142.250.74.161200 OK 72 kB URL HTTP/2 3.bp.blogspot.com/-tYYb_ztcD5w/VpkmGS9gRqI/AAAAAAAAA3E/JrixvT8rJY8/s400/catnap.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x400, components 3\012- data
Hash 7d906f298d24977f9a10f644958deee6
dba73f643541954bf3238606c13a4f7aaaa13921
c3a3f31c9b575ec198fc90cd4466208a66bd00ba0c7d242386d21f43a77fb52b
GET /-tYYb_ztcD5w/VpkmGS9gRqI/AAAAAAAAA3E/JrixvT8rJY8/s400/catnap.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v372"
expires: Sat, 26 Nov 2022 10:21:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="catnap.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:48 GMT
server: fife
content-length: 71835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.easycounter.com/counter.php?greeniris
52.1.22.171301 Moved Permanently 185 B URL HTTP/1.1 www.easycounter.com/counter.php?greeniris
IP 52.1.22.171:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4c555068310076e85908835c721911f5
9ec990aabb4391e139034f68e5e657e0f1d0b74d
568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
GET /counter.php?greeniris HTTP/1.1
Host: www.easycounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.2
Date: Fri, 25 Nov 2022 10:21:48 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.easycounter.com/counter.php?greeniris
4.bp.blogspot.com/-d6N-B2lcpsU/VqF7qAG5dRI/AAAAAAAAA3U/WW5BqPFIY_c/s400/cats%2Bn%2Bumbrella%2B1.jpg
142.250.74.161200 OK 33 kB URL HTTP/1.1 4.bp.blogspot.com/-d6N-B2lcpsU/VqF7qAG5dRI/AAAAAAAAA3U/WW5BqPFIY_c/s400/cats%2Bn%2Bumbrella%2B1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x300, components 3\012- data
Hash b51ed7150501f617b248c548f69ce9d9
e8067402e7fe161b5f9a9ff0d89aadd93668d7c6
0592288dd790e968b5b718f28400d52fae16ec71fb9bd356a5cdcab7db414395
GET /-d6N-B2lcpsU/VqF7qAG5dRI/AAAAAAAAA3U/WW5BqPFIY_c/s400/cats%2Bn%2Bumbrella%2B1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v376"
Expires: Sat, 26 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cats n umbrella 1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 10:21:48 GMT
Server: fife
Content-Length: 32692
X-XSS-Protection: 0
push.services.mozilla.com/
54.148.69.31101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2CBE0eiVDwI+TU154/fI3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: raE0aZt6/cMd1aTfMc7J441PSAI=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0754a39846284dd8d4fbfe285a83a6b0
d4deed21378a63659bb0bbf0ab636f838e2fe745
e0f3d9d5e8eef220c221b3002bbf14e86d56c841e9e5bfea2ed83a3b5fbb26cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gostats.com/js/counter.js
104.236.14.237200 OK 3.5 kB URL HTTP/1.1 gostats.com/js/counter.js
IP 104.236.14.237:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (685)
Hash a0ab976562999b9456c404a72cbac90c
9bf7dac6a2cf8cee41bc30e0afac035361f60872
65b77b3a21c4f25a41db0b9eccb1084082d8445114591a9adeaf0f5c519cfaac
GET /js/counter.js HTTP/1.1
Host: gostats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 10:21:48 GMT
Content-Type: application/javascript
Last-Modified: Tue, 09 Aug 2016 14:13:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"57a9e515-2f70"
Expires: Sun, 25 Dec 2022 10:21:48 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
www.widgeo.net/geocompteur/geocompteur.php?c=geocity_blue2&id=1203228&adult=0&cat=Sciences&fonce=0099ff&claire=0066ff
172.67.69.193200 OK 2.2 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocompteur.php?c=geocity_blue2&id=1203228&adult=0&cat=Sciences&fonce=0099ff&claire=0066ff
IP 172.67.69.193:0
File type ASCII text, with very long lines (2149)
Hash 63a51ee249659dfdb58a6dc1686df7f1
862a7cad2cbfb64f7351ff1228a485fefb029116
5c127d1b6b037858d366cd9a7686738ef9c0213886a64bd58f697b40e32fac7a
GET /geocompteur/geocompteur.php?c=geocity_blue2&id=1203228&adult=0&cat=Sciences&fonce=0099ff&claire=0066ff HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:21:48 GMT
Content-Type: application/javascript
Content-Length: 2197
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Thu, 01-Dec-2022 10:21:47 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 10:21:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFnWhU8MJ2aHHWF3NnREHpaTde2LNaNJfqi5rvhub0QLvFi0Jrv1UK2npFnM1hAgZ2sk2qzyUuwz9NB3Dtd4JGS96NxHExQe60Kqc8u7oIKr87Aq8om%2F0QPGVIlL%2BiC7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9a8dbbf29b4e8-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4867
Cache-Control: max-age=87131
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 10:34:00 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa3ba88f6bee30e5a57694e5f49faa65
821c8f9f416c2a69457195026a3e029644ec2c82
b470eddfdeb6599c26456b93b717aa08f71dd73a6882f497a39bcddcdb6f770c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2280
Cache-Control: max-age=116223
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 18:38:52 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8bea6ec91c7e5b24e9ce8c90462e6132
6539ad1ef12c90068a6f64e4b3041d599c8f5a01
4314bfd6d623f4aba2f9fca87c8efc703102bdfd25773589340e9acc2022cd92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3192
Cache-Control: max-age=171866
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "6380871f-117"
Expires: Sun, 27 Nov 2022 10:06:15 GMT
Last-Modified: Fri, 25 Nov 2022 09:13:03 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3899
Cache-Control: max-age=86163
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 10:17:52 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 280
www.blogger.com/img/logo-16.png
142.250.74.105200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 142.250.74.105:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 04:27:52 GMT
Expires: Wed, 30 Nov 2022 04:27:52 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 07:51:00 GMT
Content-Type: image/png
Age: 194037
3.bp.blogspot.com/-kItT0QM__1Y/UDXRNsYxQSI/AAAAAAAAAu8/c0oVWpb75us/s300/SMART%2BTIGER.jpg
142.250.74.161200 OK 37 kB URL HTTP/1.1 3.bp.blogspot.com/-kItT0QM__1Y/UDXRNsYxQSI/AAAAAAAAAu8/c0oVWpb75us/s300/SMART%2BTIGER.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x225, components 3\012- data
Hash 69296319fab920b3fe4b35c835e3b5cf
b482b3f10fa627122fe158180e3c939796403766
22dc93c2ccff1e4692d433cdc373b361e7d8e98b88a89965766eb847fa2c6dd6
GET /-kItT0QM__1Y/UDXRNsYxQSI/AAAAAAAAAu8/c0oVWpb75us/s300/SMART%2BTIGER.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v2ef"
Expires: Sat, 26 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="SMART TIGER.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 10:21:49 GMT
Server: fife
Content-Length: 37342
X-XSS-Protection: 0
www.4shared.com/affiliate/images/b4.gif
74.117.178.90200 OK 5.9 kB URL HTTP/1.1 www.4shared.com/affiliate/images/b4.gif
IP 74.117.178.90:0
File type GIF image data, version 89a, 125 x 125\012- data
Hash be617fb930d4b9df15d6916b09fc4259
93ff130a7c29b6a88fc327ac57c3b0e57fcd7d43
704e4baed08f889533b842f62755e87c6f00b3742c18cfc42fc1ca929507b2fd
GET /affiliate/images/b4.gif HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Server: 558
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 26-Nov-2022 10:21:49 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 30 Nov 2022 10:21:49 GMT
Accept-Ranges: bytes
ETag: W/"5933-1493818900000"
Last-Modified: Wed, 03 May 2017 13:41:40 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 5933
Date: Fri, 25 Nov 2022 10:21:48 GMT
www.widgeo.net/tcm_t_u.js
172.67.69.193200 OK 0 B URL HTTP/2 www.widgeo.net/tcm_t_u.js
IP 172.67.69.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcm_t_u.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: application/javascript
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 02:34:50 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 28018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0HPzxBda6j1OZ7Y1CUGBX1Cr%2FJMmSqh9rWTUP2FIXpHxacjrUnMCvTqxKvdPbFVdV%2BOI0GCvHfdQMXj29oTw6%2BMzbgzStaoP0pc1RBF3qnu8m7gtLP6oPEpW1AMO78s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8ddfa4f0afa-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa3ba88f6bee30e5a57694e5f49faa65
821c8f9f416c2a69457195026a3e029644ec2c82
b470eddfdeb6599c26456b93b717aa08f71dd73a6882f497a39bcddcdb6f770c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6508
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Last-Modified: Fri, 25 Nov 2022 08:33:21 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 61524709714103dda82e52cfb0749ca4
8bfbecf08620f12d19b35fa02cf3a96bd1df029e
056533a6a5261fdfef878c46797f71332fb3c358e18526626f80ab2013cdf676
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "056533A6A5261FDFEF878C46797F71332FB3C358E18526626F80AB2013CDF676"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9912
Expires: Fri, 25 Nov 2022 13:07:01 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Connection: keep-alive
www.myekamus.com/images/ekamus125.gif
104.165.143.153200 OK 549 B URL HTTP/1.1 www.myekamus.com/images/ekamus125.gif
IP 104.165.143.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (625), with CRLF line terminators
Hash 6abe882925fbdd53b966c53126f60d1b
c226f5d08edc82ff2e57f611844c26904be7e4c9
037140e952698597f301beec899e4910ac725c6ed90fcbbd9f0358aa345b2380
GET /images/ekamus125.gif HTTP/1.1
Host: www.myekamus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 10:21:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7e384eaa090f122cf927d92a5d1921a
411069e75b2df97065c4c0f49bda456ca123ec2d
b9c0ec9f6959080bfc3340d0c591283004d8c53f512a84d3a4954430d9aec775
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9C0EC9F6959080BFC3340D0C591283004D8C53F512A84D3A4954430D9AEC775"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5895
Expires: Fri, 25 Nov 2022 12:00:04 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e61028bc752671cea11924bc1a42a422
b2555d630c063dda53f0e5a84324759e42b48352
23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 465 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (509)
Hash 4eed623e948af900e0aca623e9b30222
d33fbb1d6c43259f23edde6e6c8cd0614102402f
591a780370af4904d345562fafb400d7bdea40ab8bc5a0f378d4fa912cb1e76d
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2497565198146934945%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://sci-q.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:21:49 GMT
location: https://www.blogger.com/followers.g?blogID=2497565198146934945&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByNjYzMzMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMzMzMzMzQgcjY2MzMzAwSgcjNzc3Nzc3UgcjY2MzMzAwWgt0cmFuc3BhcmVudA%3D%3D&pageSize=21&origin=http%3A%2F%2Fsci-q.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-ca86zMS4EuLtFc1VUo4wIA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 465
server: GSE
set-cookie: __Host-GAPS=1:kuRPvS7Kc_WRe9CVggtQWiwgcR8KsQ:TO9Zpb4qyGx-Bb0a;Path=/;Expires=Sun, 24-Nov-2024 10:21:49 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www6.cbox.ws/box/?boxid=662860&boxtag=40fag7&sec=form
104.149.151.166204 No Content 0 B URL HTTP/1.1 www6.cbox.ws/box/?boxid=662860&boxtag=40fag7&sec=form
IP 104.149.151.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /box/?boxid=662860&boxtag=40fag7&sec=form HTTP/1.1
Host: www6.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Sat, 25 Nov 2023 10:21:49 GMT
Cache-Control: public, max-age=31536000
X-Cache: MISS
www6.cbox.ws/box/?boxid=662860&boxtag=40fag7&sec=main
104.149.151.166200 OK 653 B URL HTTP/1.1 www6.cbox.ws/box/?boxid=662860&boxtag=40fag7&sec=main
IP 104.149.151.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d0d05a23cb23fe35908361694e15b565
d14818ca4dc04d998081b92c3975ff6e9f6dcdea
1fe598dd28104053751c17c7371ef1e42ec25c08b513993cbc93a4f6b4b9c716
GET /box/?boxid=662860&boxtag=40fag7&sec=main HTTP/1.1
Host: www6.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Wed, 17 Nov 2004 05:00:00 GMT
Last-Modified: Thu, 25 Nov 2021 10:21:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Cache: MISS
Content-Encoding: gzip
flagcounter.com/count/N7QE/bg=FAE3F2/txt=000000/border=FA195C/columns=2/maxflags=50/viewers=0/labels=1/pageviews=1/
66.154.110.210200 OK 32 kB URL HTTP/1.1 flagcounter.com/count/N7QE/bg=FAE3F2/txt=000000/border=FA195C/columns=2/maxflags=50/viewers=0/labels=1/pageviews=1/
IP 66.154.110.210:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 186 x 412, 8-bit/color RGB, non-interlaced\012- data
Hash ce833810247805e11d7d27d3a860de51
60f62732dce7f8c7bf2a7c1a5b2a61b732121aa6
c4871d16678c091b26ed02ce3fdb88374eb1746834d3ceca387524a67cda7d43
GET /count/N7QE/bg=FAE3F2/txt=000000/border=FA195C/columns=2/maxflags=50/viewers=0/labels=1/pageviews=1/ HTTP/1.1
Host: flagcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:21:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
shashinki.com/shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13
14.102.151.186301 Moved Permanently 295 B URL HTTP/1.1 shashinki.com/shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13
IP 14.102.151.186:0
ASN #45352 IP ServerOne Solutions Sdn Bhd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9769f74e79441c4e1879c262bcdc182e
d02298df51d73884ed666f1ea0127e32ef004c0f
a18daee2303c6a257800f4d1279103e6b92fab416f17714ad84ea9ac5cff5a58
GET /shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13 HTTP/1.1
Host: shashinki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 10:14:27 GMT
Server: Apache/2
X-Frame-Options: SAMEORIGIN
Location: https://shashinki.com/shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13
Cache-Control: max-age=31536000
Expires: Sat, 25 Nov 2023 10:14:27 GMT
Content-Length: 295
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.easycounter.com/counter.php?greeniris
52.1.22.171200 OK 1.8 kB URL HTTP/1.1 www.easycounter.com/counter.php?greeniris
IP 52.1.22.171:0
File type PNG image data, 96 x 19, 8-bit colormap, non-interlaced\012- data
Hash 5a11120dbe8754f3e2095481088351be
52b9dea36bea947c214e2acaaaa6ebefbdf76f50
551e9f1d9fdd2998e435b81b5b1700b38f324863ef34dc6184578a69ff343516
GET /counter.php?greeniris HTTP/1.1
Host: www.easycounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 10:21:49 +0000
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
www.widgeo.net/geocompteur/geocity_html.php?id=1203228&c=geocity_blue2&size=&nostats=&title=Sci-Q&ref=sci-q.blogspot.com&fullurl=http%3A%2F%2Fsci-q.blogspot.com%2F
172.67.69.193200 OK 1.9 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity_html.php?id=1203228&c=geocity_blue2&size=&nostats=&title=Sci-Q&ref=sci-q.blogspot.com&fullurl=http%3A%2F%2Fsci-q.blogspot.com%2F
IP 172.67.69.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8b79660211c5009b92e6f3cddfeb944c
7a5c74df8f307493a64fe04c89d5af851546b1e9
e1106335fbf0e11234a199e008eaed04ddbc5dc3469e5447c683ac923cea3496
GET /geocompteur/geocity_html.php?id=1203228&c=geocity_blue2&size=&nostats=&title=Sci-Q&ref=sci-q.blogspot.com&fullurl=http%3A%2F%2Fsci-q.blogspot.com%2F HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Thu, 23-Feb-2023 10:21:47 GMT; Max-Age=7776000; path=/
pays=Norway; expires=Thu, 23-Feb-2023 10:21:47 GMT; Max-Age=7776000; path=/
ville=Oslo; expires=Thu, 23-Feb-2023 10:21:47 GMT; Max-Age=7776000; path=/
idcompteurcc_1203228=done; expires=Sat, 26-Nov-2022 10:21:47 GMT; Max-Age=86400; path=/
online_idcompteurcc_1203228=done; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/
originecc_1203228=United%2BStates%2523United%2BStates%2BCity%2523167%257CMalaysia%2523Kuala%2BLumpur%2523146%257CUnited%2BStates%2523Chicago%2523134%257CUnited%2BStates%2523Boardman%252361%257CMalaysia%2523Petaling%2BJaya%252342%257CCanada%2523Canada%2BCity%252336%257CMalaysia%2523Malaysia%2BCity%252327%257CGermany%2523Germany%2BCity%252327%257CMalaysia%2523Shah%2BAlam%252322%257CGermany%2523Nurnberg%252320%257CMalaysia%2523Johor%2BBahru%252317%257CUnited%2BStates%2523Ashburn%252315%257CMalaysia%2523Ipoh%252315%257CMalaysia%2523Kuching%252314%257CRussian%2BFederation%2523Moscow%252313%257CCanada%2523Burnaby%252311%257CMalaysia%2523Kajang%252311%257CMalaysia%2523Seremban%252310%257CMalaysia%2523Cheras%25239%257CMalaysia%2523Penang%25238%257CMalaysia%2523Seri%2BKembangan%25238%257CRussian%2BFederation%2523Saint%2BPetersburg%25238%257CMalaysia%2523Klang%25238%257CUnited%2BStates%2523Duluth%25237%257CRussian%2BFederation%2523Kazan%25236%257CUnited%2BStates%2523Columbus%25236%257CMalaysia%2523Kota%2BKinabalu%25236%257CMalaysia%2523Subang%2BJaya%25236%257CUnited%2BStates%2523Dallas%25236%257C; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/
online_1203228=1; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/
jour_1203228=1; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/
total_1203228=1354; expires=Fri, 25-Nov-2022 10:24:47 GMT; Max-Age=180; path=/
bonus_1203228=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
bonus_j_1203228=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
cache-control: public, max-age=180
expires: Fri, 25 Nov 2022 10:24:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv97p99UyAjUz3tOG5m3Zk27Qe2YQhib0cVxQAQ3SEl7epL0Q1ulf3w0M7zaBNYNoOFfqCCXCmKntzybDZK1QLajmUT2rem9isCtedbHbKszeQVZ8RGIxXUWM6vMABJ%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9a8dd698eb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.pelaburanemas.com/images/banner01.gif
103.6.198.168301 Moved Permanently 707 B URL HTTP/1.1 www.pelaburanemas.com/images/banner01.gif
IP 103.6.198.168:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /images/banner01.gif HTTP/1.1
Host: www.pelaburanemas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 25 Nov 2022 10:21:49 GMT
server: LiteSpeed
location: https://www.pelaburanemas.com/images/banner01.gif
www.pelaburanemas.com/images//banner03.gif
103.6.198.168301 Moved Permanently 707 B URL HTTP/1.1 www.pelaburanemas.com/images//banner03.gif
IP 103.6.198.168:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /images//banner03.gif HTTP/1.1
Host: www.pelaburanemas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 25 Nov 2022 10:21:49 GMT
server: LiteSpeed
location: https://www.pelaburanemas.com/images//banner03.gif
www.widgeo.net/geocompteur/shadow/flag_malaysia.png
172.67.69.193200 OK 990 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_malaysia.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b69697ab6effe9c72ebc0d4768d9f8bc
806c9c63795f99ce88b81475741fe06b1346a94d
1a473a4d01199896dd76d0882be0aa5e3a9ada7201e4d21f61c74ec3ee5463da
GET /geocompteur/shadow/flag_malaysia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: image/webp
content-length: 990
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1216
content-disposition: inline; filename="flag_malaysia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 22 Dec 2022 22:04:40 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 217028
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbtkW9ym4NwXpGxSRxqKasYuv64759c729ALQYneme%2Fsw%2F8TfSB3Mx8UR%2FLfmLNL1oYdLlnUUJAwxftp%2FD93QipBoONCWk4woYtbklEqTxFcXokLESLV4T81boSBEv5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfccb20afa-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.69.193200 OK 3.9 kB URL HTTP/1.1 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.69.193:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=1203228&c=geocity_blue2&size=&nostats=&title=Sci-Q&ref=sci-q.blogspot.com&fullurl=http%3A%2F%2Fsci-q.blogspot.com%2F
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9nrD15cajfzVdyNmAdLc7A%2Bp6FGYTqNXCYLUyj9nky%2F%2B1e7%2BRZGAQtSwGhwZjAqOH%2Bz9pGu2R7gvKDEERr6u3tlZtluN8RzzxTbgUv6hUG31rmeh38J1HobvRo2VvfK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9a8dfdcbbb4e8-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 27 Nov 2022 10:21:49 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.widgeo.net/geocompteur/shadow/flag_canada.png
172.67.69.193200 OK 886 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_canada.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dfda6415875b226812181f7ea64fcc8
6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
GET /geocompteur/shadow/flag_canada.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: image/webp
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 07:00:43 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 98464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkuaNjRh%2FkFTWHgqaAwp8%2FZJpsmYmyy4F056jyuRUBLhiEylBfRxkwxMyYF1rIeE%2Fm7cvsXBKL7qQV21%2BxEeWgWk7WeQ6HIknn9L9J6J8thMtjgrF4uoqqswM0EZN08Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfdcb70afa-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_germany.png
172.67.69.193200 OK 686 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_germany.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c667705cee250254b246ed54d521b22
ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
GET /geocompteur/shadow/flag_germany.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: image/webp
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 26 Nov 2022 19:27:53 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2472836
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BnPt8yPLtpf4Yfqlq6uS1soMzLP54kwk0CR8eYR1sIt4FZUYXBUvT6P%2FIsREN5Uwo8wuiE6lJqPyVN8VnD6fNjPVK4%2F6nq44uQcQC9xKGhHWy4ETsf5JtDJxYofIQa6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfdcb80afa-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
172.67.69.193200 OK 680 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 852881aef6d6a8bca3123c3201f64c74
0e5ef2c61383bb79c8a6ea068d9a688631d844fa
41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: image/webp
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:43:35 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2367493
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE7HwW1yYeKhM8S%2BfHl40c3E5S%2FmY7jMmnYdAgCVpADk%2BBrnoIF9rDfHSvucd4gnDcnAftSdAYPX0pAKMXY96HmXViVIB8TurQtI%2BGslo0tcBzElGavUMtSO51bMWyP5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfdcb90afa-OSL
X-Firefox-Spdy: h2
www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
172.67.69.193200 OK 1.8 kB URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
IP 172.67.69.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 78a2c72a358c0107b7254554132c289a
1ecdcb58d5e76a522e046898d7e4881f13c88ddf
e650280fefe7feaf5873b511635f4885036b551257433bafd17b7466b4ff7a93
GET /hitparade.php?pagexiti=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Fri, 25 Nov 2022 10:24:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj1jYz9qXQFqRe%2Bqa3LqsFJf8SdX2cBs%2BiSC86x7ks0Iyu1qQ0AfxMeNR2U524YeExTRMyYaa6MOYIMFnB3FRjfWZjFCsw6vtiV2xzYrc7V%2FI%2Bto36gKzxuWLTVy41lR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8ddfa560afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sci-q.blogspot.com/?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY4R30aUL0o76M9LViCsZEkP9zljjQ%3A1669371707853
142.250.74.161200 OK 754 B URL HTTP/1.1 sci-q.blogspot.com/?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY4R30aUL0o76M9LViCsZEkP9zljjQ%3A1669371707853
IP 142.250.74.161:0
File type ASCII text, with very long lines (1436)
Hash 619bcb9d5259b2443c29e6752d481361
d3053bfc7466621cfd88e3bbea5ae69ae045b8e1
1d93d467596298cca22dd6a5c46f7ba2b757fbbff0cb2b57b3848922140dda2e
GET /?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY4R30aUL0o76M9LViCsZEkP9zljjQ%3A1669371707853 HTTP/1.1
Host: sci-q.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Cookie: ck_TCM_pop=1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Expires: Fri, 25 Nov 2022 10:21:49 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 23 Nov 2022 00:41:55 GMT
ETag: "6c58d6b7-6909-4a20-90c0-645e0fb86334"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 754
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ziddu.com/banners/images/120x90.gif
51.81.174.128301 Moved Permanently 0 B URL HTTP/1.1 www.ziddu.com/banners/images/120x90.gif
IP 51.81.174.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banners/images/120x90.gif HTTP/1.1
Host: www.ziddu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.ziddu.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://www.ziddu.com/what-happened-to-the-old-ziddu-blockchain-and-file-hosting-website/
x-litespeed-cache: hit
content-length: 0
date: Fri, 25 Nov 2022 10:21:49 GMT
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bc8d456542f88a5e3712f8679104234f
a4bc16d08d7a947bbe90d88dc91bb62e84e53897
eb150b7f1125829f285ce9921321db482eb89099687d14f9f80796a60052f6b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 517
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Last-Modified: Fri, 25 Nov 2022 10:13:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.69.193200 OK 80 kB URL HTTP/2 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.69.193:0
Hash 9ba1369166bb3262e7cde826323843d6
cf30db4254943a5fcd53dc1062e087a7e2fcc036
bdba736f89241bd502232cf174049f97328053105b60cdf879b5e9b5a43c051c
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZYvEErO43N9GqovQdzBShu37hTDDp5M0vDayan%2FLjLHaAbQbm9D0td3vKIDSlzHTF9ftkXbR3jjoWmWM7znKFhsMNpDbQHgbgX6CuA0JpH4521tX5DkcEMN4nM8HuVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9a8df8c660afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 27 Nov 2022 10:21:49 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bc8d456542f88a5e3712f8679104234f
a4bc16d08d7a947bbe90d88dc91bb62e84e53897
eb150b7f1125829f285ce9921321db482eb89099687d14f9f80796a60052f6b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 517
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Last-Modified: Fri, 25 Nov 2022 10:13:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15319
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 10:21:49 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/
143.204.46.236302 Found 145 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/
IP 143.204.46.236:0
File type HTML document, ASCII text
Hash 6904eccbcfc47024c1abf34de413183e
dfa8a3df544c0928d21f82141bc3361bcecd0ca3
e0797fda28da6dbe1bdf6f257f2e4293bc404d3bb06cdc88f56967007dd40065
GET /hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/ HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 145
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=3279DEDB-4924-404D-98B0-7F8B4B129F76; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 10:21:49 GMT; HttpOnly
atidx=3279DEDB-4924-404D-98B0-7F8B4B129F76; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 10:21:49 GMT; HttpOnly; Secure
atid=3279DEDB-4924-404D-98B0-7F8B4B129F76; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 10:21:49 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DqOj4jRQA6WJE_sh1RIiv_Vifv5-Qz69vAQGcCDg4lQsG4f4O_u93w==
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/earth_blue2.png
172.67.69.193200 OK 2.6 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/earth_blue2.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 35ef26dc64d2a2d57e62bef7f3c6f8c3
d8bd4c88f74912e188cb4e2ccc5ed53ecd36591c
2ab4d3f5ec0ee2c160aab1838975a7c7cd89e6adee9d7af72fc5f2f9d898317a
GET /geocompteur/img/tmp/earth_blue2.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: image/webp
content-length: 2596
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3258
content-disposition: inline; filename="earth_blue2.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:15:30 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 43578
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCwF14k0380G4CNc0s5LtSr4EeAkbB4xIsBVAPGCsyFT0KaDidvxzQXMFEbYQzVQPd44Zhfl%2BLup%2BYYq0NaGqnoTliGVCSlgkwqou1UhngqyUnxxA3NbLQIxnd5xdGeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8e0edd30afa-OSL
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=5d712796cf184c678416cebd088575ee
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=5d712796cf184c678416cebd088575ee
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1cd06d5e7380bec310d26d81dfa196ba
3b7fa3f01fb75665a785a2b36aa232b7e37b45d3
cd62845fc3960383d4bf52838da2a2a3c42337b5d0c42c711b32060817c7706d
GET /gid.js?userId=5d712796cf184c678416cebd088575ee HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sci-q.blogspot.com
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://sci-q.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5d712796cf184c678416cebd088575ee; expires=Sat, 25 Nov 2023 10:21:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/geocity_blue2.png
172.67.69.193200 OK 15 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/geocity_blue2.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 59b23ddb52cc3a1e4525fe6d301681bc
7f0d9f6047fc5d0f500015bff34721c6f77b65a5
b45192dcf53a4869f0cb13fb3de155d0ce2710d6a60304ffdb3d6fc493083bdf
GET /geocompteur/img/tmp/geocity_blue2.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: image/webp
content-length: 14728
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16354
content-disposition: inline; filename="geocity_blue2.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:49:25 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 41542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RQuZG2PiOwK5mXhZaxamCpWltOjPkLsPsRKjYQbNmwMhr5%2B1yrL7rcAz4XXS7L%2BxtBTd%2BoI%2B%2BomsE4H0x4OHpAuHZFUZLTvJwdYWEdEm9%2BtKxdgVNAHoc2nPvSS1nwU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8e0fddf0afa-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.10:0
Hash 93ebe6d71b9ab7ce89a68a060d15521e
f56f3f26799cbe03a3b605084b6326df9a9c1836
38c15e3f05fba0ea20f8d5c123f0739a3f7a278fc59ebd77ec672993b03fe27b
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 10:21:49 GMT
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.widgeo.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 103138
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
216.58.207.202200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:33:40 GMT
expires: Sun, 19 Nov 2023 12:33:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 510489
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
172.67.69.193200 OK 2.2 kB URL HTTP/2 www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
IP 172.67.69.193:0
Hash 1fe2c2e718f377ae851c98e997431a9d
dac8d4390132d74cebfbd0f4f1fd5ee49173a977
43566742c9a1a6e671763e95e405431defb2a20e3ff57cf72a9a9f118d158709
GET /geocompteur/css/city_css.php?c=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 10:21:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zat7IwFbdrCiu6f%2FF7jvVJAxl0QLM3Hi93NM1hCJLfSS6OLcI1NI3ogFoVmzebkUVLFvL76sVHAvDutBq7HbQHdbuZgyihc9w1CR%2FDxhxFPi5C16Fm%2FDVO9CrJAq%2BXxT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8dfccad0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/&Rdt=On
143.204.46.236200 OK 373 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/&Rdt=On
IP 143.204.46.236:0
File type GIF image data, version 89a, 39 x 25\012- data
Hash 29cb2a1e585dff1f4282449fdbbab2d7
075d147195f9dba1862a6f3990d219d7c4389225
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
GET /hit.xiti?s=281802&p=geocity_blue2&hl=10x21x48&r=1280x1024x24x24&ref=http://sci-q.blogspot.com/&Rdt=On HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 373
date: Fri, 25 Nov 2022 10:21:49 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: grsZvTnb3NwRHmil-yhWJF9z4mTyTg__XKibfZsjq0BlaiuY2Zbkug==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 15a4667a0029dd8b422fa069a6ddc52e
7d88a48ba6146ba3749a6cebf5c84c5aa89579bc
d5d6d1cfc9d451a55076fd287496df6353e33ec9a60ca4bad055275d31073272
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 10:09:32 GMT
Expires: Thu, 01 Dec 2022 10:09:31 GMT
Etag: "7d88a48ba6146ba3749a6cebf5c84c5aa89579bc"
Cache-Control: max-age=517061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f9a8e2386bb4fa-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba98650cceb17a47ac0f34de3c3c2574
78e21c7a408c8ef34065defa22dbcb926f562d9b
8a311b1ba0b977b6b27fd02043471f29e6608bbe3c2cabe904b09f5f04510d98
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=313285,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f9a8e20af30b02-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 889
Origin: http://sci-q.blogspot.com
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 10:21:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://sci-q.blogspot.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
www.ziddu.com/what-happened-to-the-old-ziddu-blockchain-and-file-hosting-website/
51.81.174.128200 OK 10 kB URL HTTP/2 www.ziddu.com/what-happened-to-the-old-ziddu-blockchain-and-file-hosting-website/
IP 51.81.174.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10637)
Hash 22ba5fb52daf0ef168ea44729327d787
d22baf6b473859ee10b6607a2b7574c161230048
6653ec3db0e6a3f878401c107ae0dcbbaaa3bf5b00f43ef1a79cd087c622803a
Analyzer Verdict Alert fortinet Malware
GET /what-happened-to-the-old-ziddu-blockchain-and-file-hosting-website/ HTTP/1.1
Host: www.ziddu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
link: <https://www.ziddu.com/wp-json/>; rel="https://api.w.org/", <https://www.ziddu.com/wp-json/wp/v2/pages/6364>; rel="alternate"; type="application/json", <https://www.ziddu.com/?p=6364>; rel=shortlink
etag: "7574-1669293824;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10305
date: Fri, 25 Nov 2022 10:21:49 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16210
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 29662
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4abf25d4a15ce58edadd54994b3434a2
18800e21d05596f7b64213072dee7dda5c1faf61
633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e4ptr__XHPd9Qsf8lEDqiZGKptuB9en72UAucNWxlGG_mEbhpFgdA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:43:51 GMT
age: 9479
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:37:15 GMT
age: 6275
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
shashinki.com/shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13
14.102.151.186302 Found 0 B URL HTTP/1.1 shashinki.com/shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13
IP 14.102.151.186:0
ASN #45352 IP ServerOne Solutions Sdn Bhd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /shop/affiliate_show_banner.php?ref=498&affiliate_banner_id=13 HTTP/1.1
Host: shashinki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 25 Nov 2022 10:14:27 GMT
Server: Apache/2
X-Powered-By: PHP/7.2.21
Set-Cookie: osCsid=oc5o0lirvlc2oqfiash9fkvhv7; path=/; domain=shashinki.com
X-Frame-Options: SAMEORIGIN
Location: https://shashinki.com/shop/404.php
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 44825
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:22:46 GMT
age: 10744
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 46002
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/photos/public/AIbEiAIAAABECMXFysugrMr4nAEiC3ZjYXJkX3Bob3RvKihiZTQ0YWVhNzhlN2ExZmIwYTdjMjAyNjUyNWI1NDBhYzBiYjRmNDE4MAH90Etz9dRscfYib-ATOZSQoLEEhg
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECMXFysugrMr4nAEiC3ZjYXJkX3Bob3RvKihiZTQ0YWVhNzhlN2ExZmIwYTdjMjAyNjUyNWI1NDBhYzBiYjRmNDE4MAH90Etz9dRscfYib-ATOZSQoLEEhg
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECMXFysugrMr4nAEiC3ZjYXJkX3Bob3RvKihiZTQ0YWVhNzhlN2ExZmIwYTdjMjAyNjUyNWI1NDBhYzBiYjRmNDE4MAH90Etz9dRscfYib-ATOZSQoLEEhg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:21:50 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu95-fDHsSUzOm_grXjn5y3VozkafRmdLI8SzC6zDA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-9tcJIwUTyehw4EhdmKp3Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=UyrQcS13fcR_el9jGGxY6BO6qVv6kRew7WU71nZVnhNxMYi8XytCyVo1pXRwRiwQkd4vN2wUs7oxp_nlltVIjW_YUmFSVqD74X_PGkfEZEw_jKxMKc41dmY5UGO5HtmrWPHvzJrq0z5ZoZV9jWgbX7unMGLXpjBmMiXQMU2pSMs; expires=Sat, 27-May-2023 10:21:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu95-fDHsSUzOm_grXjn5y3VozkafRmdLI8SzC6zDA=s96-p
142.250.74.33200 OK 5.0 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu95-fDHsSUzOm_grXjn5y3VozkafRmdLI8SzC6zDA=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash ad11c17253b66288252c2016ca842542
ba39eb4907483cafc28ac1435b6c7382f8731fa0
88f50865147c9731532c333041f035c3606aed000a4d502b197008cef5a55670
GET /a-/ACNPEu95-fDHsSUzOm_grXjn5y3VozkafRmdLI8SzC6zDA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v18cd"
expires: Sat, 26 Nov 2022 10:21:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:50 GMT
server: fife
content-length: 5041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
monster.gostats.com/bin/count?0.5010662030409503&a=430788&t=2&i=2&r=&p=http%3A%2F%2Fsci-q.blogspot.com%2F&c=y&j=n&w=1280&h=1024&d=24&js=1.5
104.236.14.237200 OK 95 B URL HTTP/1.1 monster.gostats.com/bin/count?0.5010662030409503&a=430788&t=2&i=2&r=&p=http%3A%2F%2Fsci-q.blogspot.com%2F&c=y&j=n&w=1280&h=1024&d=24&js=1.5
IP 104.236.14.237:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 60b2f914842e8b09024754e8a6493b36
119a32ce54609f5e3deefe01ac54582d9fac8eba
172e4e1fca052a61b5d95ba3b321c1f748fbd0aa08ec5914391abef89ee9f3cd
GET /bin/count?0.5010662030409503&a=430788&t=2&i=2&r=&p=http%3A%2F%2Fsci-q.blogspot.com%2F&c=y&j=n&w=1280&h=1024&d=24&js=1.5 HTTP/1.1
Host: monster.gostats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 10:21:50 GMT
Content-Type: image/png
Content-Length: 95
Last-Modified: Wed, 27 Feb 2008 08:20:02 GMT
Connection: keep-alive
Cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Expires: Thu, 01 Jan 1970 00:00:01 GMT
ETag: "47c51d32-5f"
P3P: policyref="/w3c/p3p.xml", CP="NOI PSA ADM OUR IND ONL UNI COM NAV INT DEM PRE LOC"
Accept-Ranges: bytes
sci-q.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 sci-q.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: sci-q.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Cookie: ck_TCM_pop=1
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 25 Nov 2022 10:21:50 GMT
Date: Fri, 25 Nov 2022 10:21:50 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 23 Nov 2022 00:41:55 GMT
ETag: W/"234c99ec0e33719d5fa6e78d75217db8d4bb01a2316e47029f5601d47606f4c2"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
lh3.googleusercontent.com/p/AF1QipM1CswQFybRK1AKMs4BWdS6Qj1ml8xV7URNvgmj=s45-c?key=CJqzjMu_9JLvkAE
142.250.74.33200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipM1CswQFybRK1AKMs4BWdS6Qj1ml8xV7URNvgmj=s45-c?key=CJqzjMu_9JLvkAE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 4c589bae02a70088b9dc70f34dcc9dbc
79b1176613399d7ef52ba2d3a22ced70558bfb56
a0f65bd04dcb3f1f5a82a683099a6484c0ad4df0922ae2ce9277cff89b929756
GET /p/AF1QipM1CswQFybRK1AKMs4BWdS6Qj1ml8xV7URNvgmj=s45-c?key=CJqzjMu_9JLvkAE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v634"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:50 GMT
server: fife
content-length: 4271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNAZXFaLYfEvjwdMeXzDh1LEplw8lqM-meolsC-=s45-c?key=CKCPp9nS7tfHeA
142.250.74.33200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNAZXFaLYfEvjwdMeXzDh1LEplw8lqM-meolsC-=s45-c?key=CKCPp9nS7tfHeA
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 181de6dfdab4ce7e82d56dd8b61bdc2d
6d7a6e989f45c400941f740eae6af77505b27982
3cb88332346e329051872224027fb543639c6d09a1a714bebaed465c763b9898
GET /p/AF1QipNAZXFaLYfEvjwdMeXzDh1LEplw8lqM-meolsC-=s45-c?key=CKCPp9nS7tfHeA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1ee"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:51 GMT
server: fife
content-length: 4810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOcm2mZkkmAORJXfpyC1SsjrF2fEynkWYzzB3us=s45-c?key=CLPX48uH6u2K9gE
142.250.74.33200 OK 4.0 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOcm2mZkkmAORJXfpyC1SsjrF2fEynkWYzzB3us=s45-c?key=CLPX48uH6u2K9gE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash c461a5a189d093ed0c0e6c97e5a915d3
3710e0b5e6dbb2724dabfca74a6f8e7880c78c3a
0fdbe01daa7492df5884bed6f83b87a9d38d3046bd5c44bdce02d002232f8008
GET /p/AF1QipOcm2mZkkmAORJXfpyC1SsjrF2fEynkWYzzB3us=s45-c?key=CLPX48uH6u2K9gE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v27d"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:51 GMT
server: fife
content-length: 3997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh5.googleusercontent.com/-mL0QR4fmVII/AAAAAAAAAAI/AAAAAAAACC8/DD2r1vCgzv4/s45-c/photo.jpg
142.250.74.33200 OK 2.2 kB URL HTTP/2 lh5.googleusercontent.com/-mL0QR4fmVII/AAAAAAAAAAI/AAAAAAAACC8/DD2r1vCgzv4/s45-c/photo.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash de94706c7aba2fe170c62c71f9b6a467
5d3f65893d47d841c02f080e94f410e825eed765
79680a1b765b87a8ed4a984f217807ec669787c9a3b8b355241e8abc5472e79f
GET /-mL0QR4fmVII/AAAAAAAAAAI/AAAAAAAACC8/DD2r1vCgzv4/s45-c/photo.jpg HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2a6fd"
expires: Sat, 26 Nov 2022 10:21:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:21:51 GMT
server: fife
content-length: 2176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.pelaburanemas.com/images/banner01.gif
103.6.198.168301 Moved Permanently 0 B URL HTTP/2 www.pelaburanemas.com/images/banner01.gif
IP 103.6.198.168:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/banner01.gif HTTP/1.1
Host: www.pelaburanemas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://pelaburanemas.com/images/banner01.gif
content-length: 0
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.pelaburanemas.com/images//banner03.gif
103.6.198.168301 Moved Permanently 0 B URL HTTP/2 www.pelaburanemas.com/images//banner03.gif
IP 103.6.198.168:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images//banner03.gif HTTP/1.1
Host: www.pelaburanemas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://pelaburanemas.com/images/banner03.gif
content-length: 0
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
pelaburanemas.com/images/banner03.gif
103.6.198.168404 Not Found 123 kB URL HTTP/2 pelaburanemas.com/images/banner03.gif
IP 103.6.198.168:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
Size 123 kB (123359 bytes)
Hash 8282cd1a7752fac2af14cd45f59abd68
9a2ca5361d085f92887958a7c859770507fdab21
5e65710d624feb7c848a12b95333e27a50f8edf9ad0eab86f7d17a3d6ce02ad7
GET /images/banner03.gif HTTP/1.1
Host: pelaburanemas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://pelaburanemas.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geowidget_js.js
172.67.69.193200 OK 0 B URL HTTP/2 www.widgeo.net/geocompteur/geowidget_js.js
IP 172.67.69.193:0
GET /geocompteur/geowidget_js.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2217
cache-control: public, max-age=604800
expires: Tue, 29 Nov 2022 12:50:42 GMT
last-modified: Thu, 13 Feb 2020 12:35:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 250266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Tunx%2FEckkn4PLduxAKsRzAoqVqwvmEh0GIS0AV68mMwRKDHejOUcp%2BRMduie1t4frUuOlb0mCnAdJyHlhTQeM%2FtbwyGuDqLB5WgWGiofK4PyBIFxCcQ3brtomcE8Nep"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8e0fe150afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.widgeo.net/tcm.js
172.67.69.193200 OK 0 B IP 172.67.69.193:0
GET /tcm.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 04:47:23 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 538465
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teR6ni7A0TObFvoKKEV1nYXTp2870b7Ex%2FDzRkwY3Zi19%2BZv0Jz4P9eYQ%2BF33LHndOu0hBaYQdtn8UG862rhPUHksyDGy4G1xBe3BcrAFYuVNfCkyGrNHVJPXUEu1f9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9a8ddca2e0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
104.21.91.63200 OK 0 B IP 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 9341be6cc56fb787867ab28ce5ddc748
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:05:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 26 Nov 2022 09:37:49 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cqed4VN9yxwYoe58TCAkxW8%2FYlZCklZ9X5o4KbEfkZyNi4h9tJxGYCErMHDB6hkA91TM%2FmBaT8tk3L0IJ3KVGpyRXLNPMJzRxDyQQpJm4G1ruSqkbds9QVeZXSt9v4Hz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9a8dddc6e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shashinki.com/shop/404.php
14.102.151.186404 Not Found 0 B URL HTTP/1.1 shashinki.com/shop/404.php
IP 14.102.151.186:0
ASN #45352 IP ServerOne Solutions Sdn Bhd
GET /shop/404.php HTTP/1.1
Host: shashinki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 10:14:28 GMT
Server: Apache/2
X-Powered-By: PHP/7.2.21
Set-Cookie: osCsid=t4snams2atbg08eeobh3b1qe9e; path=/; domain=shashinki.com
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache, no-cache
Expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
tzegilo.com/stattag.js
172.67.194.45200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sci-q.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:21:49 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPjey73ZfSZMCw18COxatarWm8Fr0l4kaCrqtheCFE7LsIiuL%2F8lZejNIDSkC2Hf3gUNbECtNFG0rbUKq7YnmHOMJ74NIp%2Bt0jf7EoiKcQZTpuyUKs1acPCJysrjHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9a8e04caeb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pelaburanemas.com/images/banner01.gif
103.6.198.168404 Not Found 0 B URL HTTP/2 pelaburanemas.com/images/banner01.gif
IP 103.6.198.168:0
ASN #46015 Exa Bytes Network Sdn.Bhd.
GET /images/banner01.gif HTTP/1.1
Host: pelaburanemas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sci-q.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://pelaburanemas.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 10:21:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2