indahjiwadanrupa.blogspot.de/search/label/Adidas
142.250.74.161302 Moved Temporarily 196 B URL HTTP/1.1 indahjiwadanrupa.blogspot.de/search/label/Adidas
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3ff13a70df663b28f7e87d74e39f8ef0
20c563ffe525015f44cf8cc10c6fe5d3ce9a86cb
6fec71b0d2efe97efbbcae76a62bd77af173ffd44d93e6d7e309827efeb64fed
Analyzer Verdict Alert fortinet Malware
GET /search/label/Adidas HTTP/1.1
Host: indahjiwadanrupa.blogspot.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://indahjiwadanrupa.blogspot.com/search/label/Adidas
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 24 Nov 2022 22:49:24 GMT
Expires: Thu, 24 Nov 2022 22:49:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 196
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4721
Expires: Fri, 25 Nov 2022 00:08:06 GMT
Date: Thu, 24 Nov 2022 22:49:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5722
Cache-Control: max-age=134228
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:25 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:06:33 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 22:17:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1925
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2300
Expires: Thu, 24 Nov 2022 23:27:45 GMT
Date: Thu, 24 Nov 2022 22:49:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: K9fPuJv4EVqhNlEY0O0Kcm1gnKKazOHDnzpSf8bBGbW2QNDwE1jU8ErHfMRJhBUrORKfhjHD78Q=
x-amz-request-id: Y4RB32TGXC6RZQ36
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 22:43:35 GMT
age: 350
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 22:49:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
indahjiwadanrupa.blogspot.com/search/label/Adidas
142.250.74.161200 OK 25 kB URL HTTP/1.1 indahjiwadanrupa.blogspot.com/search/label/Adidas
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1495)
Hash bdc4eca54d9a901f6dea46be1c97150f
40580b9d68ff6e89313934989c125d617186ea09
b2eced9c421250420fcf4789b52c881aafbadd61f2be299fd240c75a89e07523
Analyzer Verdict Alert fortinet Malware
GET /search/label/Adidas HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 24 Nov 2022 22:49:25 GMT
Date: Thu, 24 Nov 2022 22:49:25 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 22 Nov 2022 15:14:41 GMT
ETag: W/"ecbad70b21d766f29b6cf283af936d9cabbba864bb23876d2055a88b5952c74b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 25145
Server: GSE
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
216.58.207.234200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 216.58.207.234:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:52:18 GMT
Expires: Fri, 24 Nov 2023 05:52:18 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 61027
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 22:11:11 GMT
cache-control: public,max-age=3600
age: 2294
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
172.67.131.238403 Forbidden 4.2 kB URL HTTP/1.1 www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
IP 172.67.131.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1049)
Hash a4f458b03f6e0511d9648e63cb3a5885
ff95418a107ff09fb21381398216a91aee292026
39e0b92d64a3c521bcc0a7c4e76391d1be7ac2cb7e53784c1029d61ddb24924d
GET /widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3 HTTP/1.1
Host: www.apesal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Thu, 24 Nov 2022 22:49:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePKp0dYi2xWLZkBVpCjgWvzys8VnbTqkSB0kUgNIBaKZOZY42z%2F3SwqGhitxRZ9ssZYPf1Nrpa1zPgpY%2F96GJChPOls4FtqZ43jvRBcwvdGpp0w0iUBiKBhWwx3cEvDZFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f5b29f89f8b4f7-OSL
Content-Encoding: gzip
indahjiwadanrupa.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 indahjiwadanrupa.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/search/label/Adidas
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 12:20:15 GMT
Expires: Tue, 29 Nov 2022 12:20:15 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 11:51:12 GMT
Content-Type: text/javascript
Age: 210550
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 186f5295f578dc81663537fd23a898a8
212cd5caaa9d44817996854d067e7a4eae843a56
01a37259454aef3bf6436eeac239313c9bb17f58337ad0070c7784f154069e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
18.202.12.61404 Not Found 0 B URL HTTP/1.1 lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
IP 18.202.12.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1
Host: lazada.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 24 Nov 2022 22:49:25 GMT
Content-Length: 0
Connection: keep-alive
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.105200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:12:52 GMT
expires: Wed, 22 Nov 2023 18:12:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: text/css
age: 189393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 24 Nov 2022 22:49:25 GMT
expires: Thu, 24 Nov 2022 22:49:25 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.226200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.226:0
File type ASCII text, with very long lines (4885)
Hash 1ca32a3bcab0e786cb15a11857f8e01c
f648334540923fef172b08565f87f2ee81fab6d5
feb7e06bc33ecf9180e6472b44ad259770d53af04780c6d97580262d15794cbe
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 24 Nov 2022 22:49:25 GMT
Expires: Thu, 24 Nov 2022 22:49:25 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 14834276517685487010
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 51714
X-XSS-Protection: 0
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
content-type: image/gif
age: 201930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 283642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1
Host: i3.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 24 Nov 2022 22:49:25 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
X-Cache: Redirect from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KFx4dO__8VYlbl5e3WZkd_QHNm0Mq2WtTAdcjyhP6yCoB4pTN0A9NA==
Vary: Origin
www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
93.115.28.104200 OK 476 B URL HTTP/1.1 www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
IP 93.115.28.104:0
ASN #16125 UAB Cherry Servers
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (476), with no line terminators
Hash a3dc3645b8d80b9c3c9f5a237f25ee0c
4f98a773b0a59fddf0c9efc88d057c7ca83ec3dc
197dca098480d669d4b8ea2f5a2c82c17fa623b8055d9c2caa16275f0dc51353
GET /widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3 HTTP/1.1
Host: www.guablog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 476
content-type: text/html; charset=utf-8
date: Thu, 24 Nov 2022 22:49:25 GMT
server: nginx
set-cookie: sid=3ef54db0-6c4a-11ed-a990-ed747df30d2e; path=/; domain=.guablog.com; expires=Wed, 13 Dec 2090 02:03:32 GMT; max-age=2147483647; HttpOnly
www.widgeo.net/img/logopm.png
172.67.69.193200 OK 714 B URL HTTP/1.1 www.widgeo.net/img/logopm.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3832d6b8d8c47a5cefe6561297b514f6
f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
GET /img/logopm.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:25 GMT
Content-Type: image/webp
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:43:44 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 788741
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bg%2BAX%2FTVj6bOFvuxD1vPCL3uppPzoA5YYj2O5NEHpfEL6Tzj3VAq1O8sKJXusWcaEn9sLwYKcoAy3IrsRmR8EdaW8zI6v9fGibrwG9uab4c%2BLVfa4h5pGst%2FV8TteFDS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f5b2a05ecbfab4-OSL
alt-svc: h2=":443"; ma=60
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
216.58.207.226200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 216.58.207.226:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:47:10 GMT
Expires: Thu, 08 Dec 2022 22:47:10 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 135
www.blogger.com/img/share_buttons_20_3.png
142.250.74.105200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 142.250.74.105:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 19:10:58 GMT
expires: Tue, 29 Nov 2022 19:10:58 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 03:55:22 GMT
content-type: image/png
age: 185907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 132787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante
172.67.69.193200 OK 2.0 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante
IP 172.67.69.193:0
File type ASCII text, with very long lines (2149)
Hash f7c32e2c664ff6371ccc9917bf3e7968
0fcd41e0e3804df85c24da21a360ab63a3aaa6d7
26b569269368a09e9cb7e1f3948b059e83aeb9405becc0195ffa249a20176c88
GET /geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:25 GMT
Content-Type: application/javascript
Content-Length: 2036
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Wed, 30-Nov-2022 22:49:24 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 22:49:24 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQEwJC7z%2FDpRU7WgL5GGLRE7MNXfonsw3%2BxqiFANFkDMiJ7%2FQMZHbA8q2eXpCVLNdGorx1ZpNosljBJRZ91Ocr3m%2BAn%2BcD%2BhxyDVmkUPeonb1oKTpt4wzJbx8fqGd%2Be3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f5b29f3fa5b512-OSL
alt-svc: h2=":443"; ma=60
lh3.googleusercontent.com/blogger_img_proxy/ANbyha25peex6On1waSkLor3VThnKqBrVwbAJUr_pkc9YGbBIBIfpcgP0HDHoqz7Fzbr-r-8x4_Tz5azZHsosCTMbUIidFqIHijacxybNIZaOJ5LHLqTEe9qgO5T1fs3uZybFqSGFiwjRdBzHEWDOcxdfas=w72-h72-p-k-no-nu
142.250.74.33404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha25peex6On1waSkLor3VThnKqBrVwbAJUr_pkc9YGbBIBIfpcgP0HDHoqz7Fzbr-r-8x4_Tz5azZHsosCTMbUIidFqIHijacxybNIZaOJ5LHLqTEe9qgO5T1fs3uZybFqSGFiwjRdBzHEWDOcxdfas=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e2e92d0ad78d841f7bb409a93a476276
9681c8acab26ad6be07da3c556a420ef07095774
c15471ed6faf6c40d4f9998513adb53b53c86da9d9d9a5a0d362f689716ac813
GET /blogger_img_proxy/ANbyha25peex6On1waSkLor3VThnKqBrVwbAJUr_pkc9YGbBIBIfpcgP0HDHoqz7Fzbr-r-8x4_Tz5azZHsosCTMbUIidFqIHijacxybNIZaOJ5LHLqTEe9qgO5T1fs3uZybFqSGFiwjRdBzHEWDOcxdfas=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 22:49:25 GMT
server: fife
content-length: 1752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
babab.net/banner.jpg
104.21.18.241301 Moved Permanently 0 B IP 104.21.18.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner.jpg HTTP/1.1
Host: babab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 22:49:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 24 Nov 2022 23:49:25 GMT
Location: https://babab.net/banner.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFk4RXyo5hBHsBicjMOqEB7E8z8GpNKB39AS7ZMulMn2kRl2bv%2FSkejfzVZUxEZjRTsoUwZxyWDdd8AlxLaH1KCuYo6S79qJd0qiPZYgoSsrr%2FI0XQWXleGJ6%2F0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f5b2a0e81ab4ed-OSL
alt-svc: h2=":443"; ma=60
2.bp.blogspot.com/-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg
142.250.74.161200 OK 9.7 kB URL HTTP/1.1 2.bp.blogspot.com/-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 284x177, components 3\012- data
Hash a4f70db5d17a415d936729a57c35fc8c
71cd207a6cffcfabfac4244f792b36fbe4f1d03e
f95ee4f7906c6bae688b0dd2857f1fa35eecfff4fd28bfc48fa0cf2da9200404
GET /-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="download.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9735
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:25 GMT
Expires: Wed, 23 Nov 2022 12:20:14 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v374"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 2.bp.blogspot.com/_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 519483ab971efd4913cb2731c732e3c6
f23b4e7698deefe74bf5eb4416d4f95151242cc6
80cea1fb00e70b100b87963109749614a7513670855e97c20e306d85d2e6515a
GET /_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="DSC01782.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4003
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:25 GMT
Expires: Fri, 25 Nov 2022 10:15:10 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v361"
Content-Type: image/jpeg
Age: 0
lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
18.202.12.61404 Not Found 0 B URL HTTP/1.1 lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
IP 18.202.12.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1
Host: lazada.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 24 Nov 2022 22:49:25 GMT
Content-Length: 0
Connection: keep-alive
www.blogger.com/dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Nov 2022 22:49:25 GMT
last-modified: Thu, 24 Nov 2022 22:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.exactseek.com/images/exactbutton1.gif
70.35.204.181301 Moved Permanently 257 B URL HTTP/1.1 www.exactseek.com/images/exactbutton1.gif
IP 70.35.204.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48c98997d6fa28d700b855f077bce633
21b78f14da526ba1f9884d0e8ce3466d7be19e98
30a024c030c55b3d900f54cf963d1832bfd536f5aa7b3be9c72010804e7f7371
GET /images/exactbutton1.gif HTTP/1.1
Host: www.exactseek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 22:49:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Location: https://www.exactseek.com/images/exactbutton1.gif
Content-Length: 257
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img1.blogblog.com/img/icon18_email.gif
142.250.74.105200 OK 164 B URL HTTP/1.1 img1.blogblog.com/img/icon18_email.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 164
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 14:03:04 GMT
Expires: Tue, 29 Nov 2022 14:03:04 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 21 Nov 2022 13:51:27 GMT
Content-Type: image/gif
Age: 204382
i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
143.204.55.79301 Moved Permanently 167 B URL HTTP/1.1 i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
IP 143.204.55.79:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 24 Nov 2022 22:49:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RAPxrAE7aFa3gqJuQUJIQKvQoGGSDc2cI-7uoCcvheTOPB5jmgwfMQ==
Vary: Origin
checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
96.30.9.108301 Moved Permanently 265 B URL HTTP/1.1 checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
IP 96.30.9.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0073ca79e85d68cb2fab8e7e5c4a480d
f642f89381d48bdaad1ce223a8e703e016135a20
568581d906f2f2bb96004e47003bb48e46ff0d0f075b3bb3920f2fbe5e03b62b
GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1
Host: checkpagerank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: Apache
Location: https://checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
Cache-Control: max-age=2592000
Expires: Sat, 24 Dec 2022 22:49:26 GMT
Content-Length: 265
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
freewebsubmission.com/images/fwsbutton10.gif
74.208.47.213301 Moved Permanently 264 B URL HTTP/1.1 freewebsubmission.com/images/fwsbutton10.gif
IP 74.208.47.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7221f96d857c7b9834679c5b1e9506a5
7db481e963cbeb932e52542a507c18064a3c52e8
a63b8e8095f8993b68e0996813cc5e9a672ae063b25adaffc106b97ec6215262
GET /images/fwsbutton10.gif HTTP/1.1
Host: freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://www.freewebsubmission.com/images/fwsbutton10.gif
Content-Length: 264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
lh6.googleusercontent.com/-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png
142.250.74.33200 OK 2.2 kB URL HTTP/2 lh6.googleusercontent.com/-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png
IP 142.250.74.33:0
File type PNG image data, 80 x 17, 8-bit/color RGB, non-interlaced\012- data
Hash bb0651bbbfd9c2e79199ca92ec68d70c
33d6ae10e2e42ed379492e0c39c7404052ab1bdd
325dabd04cf57c8027e711e5c667284c7f11412e6c1543269757c5b50196c2b1
GET /-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="pingje.org1.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2166
x-xss-protection: 0
date: Thu, 24 Nov 2022 19:11:19 GMT
expires: Thu, 17 Nov 2022 00:52:15 GMT
cache-control: public, max-age=86400, no-transform
age: 13087
etag: "v3aec"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha25peex6On1waSkLor3VThnKqBrVwbAJUr_pkc9YGbBIBIfpcgP0HDHoqz7Fzbr-r-8x4_Tz5azZHsosCTMbUIidFqIHijacxybNIZaOJ5LHLqTEe9qgO5T1fs3uZybFqSGFiwjRdBzHEWDOcxdfas=w72-h72-p-k-no-nu
142.250.74.33404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha25peex6On1waSkLor3VThnKqBrVwbAJUr_pkc9YGbBIBIfpcgP0HDHoqz7Fzbr-r-8x4_Tz5azZHsosCTMbUIidFqIHijacxybNIZaOJ5LHLqTEe9qgO5T1fs3uZybFqSGFiwjRdBzHEWDOcxdfas=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e2e92d0ad78d841f7bb409a93a476276
9681c8acab26ad6be07da3c556a420ef07095774
c15471ed6faf6c40d4f9998513adb53b53c86da9d9d9a5a0d362f689716ac813
GET /blogger_img_proxy/ANbyha25peex6On1waSkLor3VThnKqBrVwbAJUr_pkc9YGbBIBIfpcgP0HDHoqz7Fzbr-r-8x4_Tz5azZHsosCTMbUIidFqIHijacxybNIZaOJ5LHLqTEe9qgO5T1fs3uZybFqSGFiwjRdBzHEWDOcxdfas=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 22:49:26 GMT
server: fife
content-length: 1752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-vwvg9FtCbME/UjcFYRxsEAI/AAAAAAAA0dM/h6TQPKgexJc/s400/2013-09-16_211807.png
142.250.74.161200 OK 179 kB URL HTTP/1.1 2.bp.blogspot.com/-vwvg9FtCbME/UjcFYRxsEAI/AAAAAAAA0dM/h6TQPKgexJc/s400/2013-09-16_211807.png
IP 142.250.74.161:0
File type PNG image data, 400 x 275, 8-bit/color RGB, non-interlaced\012- data
Size 179 kB (179181 bytes)
Hash a89532bc2fcd4becdf8a1c2d327c85cc
5dcff136498868c6ef38dd3490f6d6903088543b
8089a036460539fa4da0d86d1ed336134b4662a7bc6e458c91795b77f130ba28
GET /-vwvg9FtCbME/UjcFYRxsEAI/AAAAAAAA0dM/h6TQPKgexJc/s400/2013-09-16_211807.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1d4"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211807.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 179181
X-XSS-Protection: 0
2.bp.blogspot.com/-bUXYUlMxb-8/UjcFLsL5P5I/AAAAAAAA0bI/PgxW7WH7_rU/s400/2013-09-16_211441.png
142.250.74.161200 OK 77 kB URL HTTP/1.1 2.bp.blogspot.com/-bUXYUlMxb-8/UjcFLsL5P5I/AAAAAAAA0bI/PgxW7WH7_rU/s400/2013-09-16_211441.png
IP 142.250.74.161:0
File type PNG image data, 400 x 207, 8-bit/color RGB, non-interlaced\012- data
Hash 11ad575016a9bd15e9971b322f94be1c
3159bba84d9a2819d09718a1b81148171efe7c83
a9d430c25258119d42562abb857d0bc9be6ed96fbff8f9a1a07b67c564ae2ae4
GET /-bUXYUlMxb-8/UjcFLsL5P5I/AAAAAAAA0bI/PgxW7WH7_rU/s400/2013-09-16_211441.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1b7"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211441.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 76952
X-XSS-Protection: 0
3.bp.blogspot.com/_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 3.bp.blogspot.com/_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3d42f7f33e453573f41f6cc2c6eda1b8
eafc5470ca0afaef11e69fa85a11c2d4fedfec75
a7086bee3ff1c2dce04fd97ff379dd1804a877d2d34108745bd4e8b27d8f8824
GET /_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="DSC01119.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3179
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:26 GMT
Expires: Wed, 23 Nov 2022 12:20:15 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v366"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-pRK-7uL0Mj4/UjcFXENyp5I/AAAAAAAA0co/5pnR8CaR5jI/s400/2013-09-16_211731.png
142.250.74.161200 OK 73 kB URL HTTP/1.1 2.bp.blogspot.com/-pRK-7uL0Mj4/UjcFXENyp5I/AAAAAAAA0co/5pnR8CaR5jI/s400/2013-09-16_211731.png
IP 142.250.74.161:0
File type PNG image data, 400 x 141, 8-bit/color RGB, non-interlaced\012- data
Hash aa18ded915ace3467eef3013c5b7606a
771874384fe84a3cb5e56c7547ca6f6a0934571e
75a653e63295278f542ac290fc7818558c5faae2513725ed499fb0c749b818ca
GET /-pRK-7uL0Mj4/UjcFXENyp5I/AAAAAAAA0co/5pnR8CaR5jI/s400/2013-09-16_211731.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1cd"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211731.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 72826
X-XSS-Protection: 0
hosting.tinjau.net/aff-banner/aff_hosting.gif
162.215.231.71301 Moved Permanently 0 B URL HTTP/1.1 hosting.tinjau.net/aff-banner/aff_hosting.gif
IP 162.215.231.71:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff-banner/aff_hosting.gif HTTP/1.1
Host: hosting.tinjau.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://hosting.tinjau.net/aff-banner/aff_hosting.gif
magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
103.224.212.222404 Not Found 196 B URL HTTP/1.1 magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
IP 103.224.212.222:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Malware
GET /FCUCOMMUNITY/fcuwidget.js HTTP/1.1
Host: magazine.sepakuhosting.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
1.bp.blogspot.com/-euRVYxeJqAI/UjcFX__dVaI/AAAAAAAA0c8/4RutDOP_1TM/s400/2013-09-16_211753.png
142.250.74.161200 OK 107 kB URL HTTP/1.1 1.bp.blogspot.com/-euRVYxeJqAI/UjcFX__dVaI/AAAAAAAA0c8/4RutDOP_1TM/s400/2013-09-16_211753.png
IP 142.250.74.161:0
File type PNG image data, 400 x 252, 8-bit/color RGB, non-interlaced\012- data
Size 107 kB (107291 bytes)
Hash df71d3e3b2e0a125ef1b4f178f89e44e
b520a956c87becb4e3edfa95a99c81753580e094
46fa3c7977b334ef6cc106cab3a42ab8c5d4da4667512b7282b2104fedd2fae7
GET /-euRVYxeJqAI/UjcFX__dVaI/AAAAAAAA0c8/4RutDOP_1TM/s400/2013-09-16_211753.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1d2"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211753.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 107291
X-XSS-Protection: 0
1.bp.blogspot.com/-gT6AJkTIDCo/UjcFTardDoI/AAAAAAAA0cM/ZxGZvhIGIGE/s400/2013-09-16_211621.png
142.250.74.161200 OK 111 kB URL HTTP/1.1 1.bp.blogspot.com/-gT6AJkTIDCo/UjcFTardDoI/AAAAAAAA0cM/ZxGZvhIGIGE/s400/2013-09-16_211621.png
IP 142.250.74.161:0
File type PNG image data, 400 x 260, 8-bit/color RGB, non-interlaced\012- data
Size 111 kB (110728 bytes)
Hash 11b090c949dcac66808e408130aa8994
08a96824f985f3f0c55fcdccf17dcbc521d2a497
b1c386b16cc90872e3d338621828a55e328d01acc230a750634a73e05eaa3124
GET /-gT6AJkTIDCo/UjcFTardDoI/AAAAAAAA0cM/ZxGZvhIGIGE/s400/2013-09-16_211621.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1c5"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211621.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 110728
X-XSS-Protection: 0
4.bp.blogspot.com/-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 4.bp.blogspot.com/-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0b48f23c4ecd71b36abac5e8a55a2c91
9491834eb4194daf80830d6f14541ce6fe3b6806
39f008537ec28d821a52f106849448623c1ea6424648ce0bc801d2f43b223fd3
GET /-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3226
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:26 GMT
Expires: Wed, 23 Nov 2022 12:20:14 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3fce"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif
142.250.74.161200 OK 1.3 kB URL HTTP/1.1 1.bp.blogspot.com/-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 80 x 15\012- data
Hash d1ee1ccdf97f9a91080d32c8c8593cd6
41deb789d73a2151e534c7256c23ee829f445119
00f9b7d4e1ff1f577ae24bd150629fbb15fcc15b0f418e5c4bed0907bcc5dd4c
GET /-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kedai_backlink.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1265
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 18:51:38 GMT
Expires: Thu, 17 Nov 2022 00:54:10 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 14268
ETag: "v110b"
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6281
Cache-Control: max-age=129724
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:51:30 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-va4IQ-Rs5Qw/UjcFMyt8aHI/AAAAAAAA0bY/HDzDun3nKIo/s400/2013-09-16_211458.png
142.250.74.161200 OK 78 kB URL HTTP/1.1 3.bp.blogspot.com/-va4IQ-Rs5Qw/UjcFMyt8aHI/AAAAAAAA0bY/HDzDun3nKIo/s400/2013-09-16_211458.png
IP 142.250.74.161:0
File type PNG image data, 400 x 214, 8-bit/color RGB, non-interlaced\012- data
Hash 9f0c54c1b8ae2d9f263cbe9b234aa1c3
cc8fca7a01f647310af587d8bd2068e19982a223
04a94a3e4cc5c25787b3b674fff3229c42fe8dd53fb1378ca2750dcc978f1e7c
GET /-va4IQ-Rs5Qw/UjcFMyt8aHI/AAAAAAAA0bY/HDzDun3nKIo/s400/2013-09-16_211458.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1b8"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211458.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 77899
X-XSS-Protection: 0
1.bp.blogspot.com/-w3TdmPofak4/UjcFNcTtudI/AAAAAAAA0bo/UlRvaNDOKfM/s400/2013-09-16_211508.png
142.250.74.161200 OK 70 kB URL HTTP/1.1 1.bp.blogspot.com/-w3TdmPofak4/UjcFNcTtudI/AAAAAAAA0bo/UlRvaNDOKfM/s400/2013-09-16_211508.png
IP 142.250.74.161:0
File type PNG image data, 400 x 167, 8-bit/color RGB, non-interlaced\012- data
Hash 79f9e52e19fb12cc70b54cbdb36d1b08
b8c15b8d661ade42c0e2328328a5fe539e5bee24
124345a36d45b40d0e19d39770609450545ae2ed6df066dc9363f6c763959123
GET /-w3TdmPofak4/UjcFNcTtudI/AAAAAAAA0bo/UlRvaNDOKfM/s400/2013-09-16_211508.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1bf"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211508.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 70445
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
onlinelinkscan.com/files/images/threat_free.gif
172.67.217.203200 OK 259 B URL HTTP/1.1 onlinelinkscan.com/files/images/threat_free.gif
IP 172.67.217.203:0
File type GIF image data, version 87a, 73 x 15\012- data
Hash 082d6d408eed111f03feb4d9f0b03dd7
f5a6a105f52a02f0d3f5363877697ed64e2b232b
754f6a7442e7ddea1af649b273dc228b77c221ab9ca8b1857b6911451675bd91
GET /files/images/threat_free.gif HTTP/1.1
Host: onlinelinkscan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:26 GMT
Content-Type: image/gif
Content-Length: 259
Connection: keep-alive
Last-Modified: Wed, 29 May 2013 03:03:31 GMT
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 22:49:26 GMT
Vary: User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJeoRH86W6A50pi2ecMfG6HXCg%2BoY1X2U%2Blmfa18ZsD3kEYW6%2FhGaJVmokc%2B8%2BqeCxJVulTCGzNqRish5aiKEY6U%2FtKqYaKpwGZNCykh5IlbP3o9qoCxlsYn7pgfUt3IZVi3nmA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f5b2a1b870b50b-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5534
Cache-Control: max-age=129341
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 10:45:07 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
4.bp.blogspot.com/-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg
142.250.74.161200 OK 1.8 kB URL HTTP/1.1 4.bp.blogspot.com/-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d9ed42e49fc7117ef9148e059c33c3d0
d227b1a97f8e0a73320922de002c9d52d0bc0792
d5fb13a526c7c1bfb45ee4f177ddc33b71f0f7b461a722af45ffdc18aaf08d27
GET /-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1777
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:26 GMT
Expires: Wed, 23 Nov 2022 12:20:15 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v6a1"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg
142.250.74.161404 Not Found 1.7 kB URL HTTP/1.1 2.bp.blogspot.com/-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
GET /-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 1742
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa3ba88f6bee30e5a57694e5f49faa65
821c8f9f416c2a69457195026a3e029644ec2c82
b470eddfdeb6599c26456b93b717aa08f71dd73a6882f497a39bcddcdb6f770c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4639
Cache-Control: max-age=160125
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 19:18:11 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
www.widgeo.net/tcm_t_u.js
172.67.69.193200 OK 0 B URL HTTP/2 www.widgeo.net/tcm_t_u.js
IP 172.67.69.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcm_t_u.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: application/javascript
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Thu, 24 Nov 2022 23:55:53 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 600811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZkib6ijpz01jwOlmg4g1FrE%2FxHnrxEI3MAx5hqE5Wkqa3bGU0i0HSBcDx8BHEyWtmh%2BUVk4FQ5N14hD%2B8Q9oI%2FEFqHvz3w3i%2Br2Ius1nwC2r%2Bkrd1mSTfIOR56UMPvW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a37afab529-OSL
X-Firefox-Spdy: h2
tinjau.net/banner.gif
162.215.231.71301 Moved Permanently 0 B IP 162.215.231.71:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner.gif HTTP/1.1
Host: tinjau.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://tinjau.net/banner.gif
4.bp.blogspot.com/-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 4.bp.blogspot.com/-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 22b94b698a7b8c15dc27c6fdc891e8de
40c89ab1626d971fc168d3c9d931966eb6d4dcab
344d177cb9bbe859df6d0927396df711de8193753cbd44b31002c547513f6546
GET /-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="cium.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3961
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:26 GMT
Expires: Wed, 23 Nov 2022 12:20:15 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v639"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/-TBdX0XV8lA0/UjcFQ0Yb_fI/AAAAAAAA0b0/D2BXDYN0jHA/s400/2013-09-16_211548.png
142.250.74.161200 OK 85 kB URL HTTP/1.1 3.bp.blogspot.com/-TBdX0XV8lA0/UjcFQ0Yb_fI/AAAAAAAA0b0/D2BXDYN0jHA/s400/2013-09-16_211548.png
IP 142.250.74.161:0
File type PNG image data, 400 x 185, 8-bit/color RGB, non-interlaced\012- data
Hash bbeb12ea138a85c2afd018e259eb0ecf
9357f04c96ad3ef1d3a9bd5b7d63f04cd3f58130
b9feb94c174d8d0a3357a99efce0431d9b36fe8da650234e8d423317f6a02488
GET /-TBdX0XV8lA0/UjcFQ0Yb_fI/AAAAAAAA0b0/D2BXDYN0jHA/s400/2013-09-16_211548.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1c2"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211548.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 85125
X-XSS-Protection: 0
googleping.com/wp-content/uploads/2011/04/logo.png
104.219.251.211200 OK 4.7 kB URL HTTP/1.1 googleping.com/wp-content/uploads/2011/04/logo.png
IP 104.219.251.211:0
File type PNG image data, 214 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash bcb4a47cb86d2a1911360d037df41533
140477c387e054d860e1c89945abad7d05403b91
0529dbd436a56c0dfed63a6d2907edbc3f06d98568de4eadaa19220b792f369a
GET /wp-content/uploads/2011/04/logo.png HTTP/1.1
Host: googleping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:25 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2016 17:23:25 GMT
Accept-Ranges: bytes
Content-Length: 4749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
3.bp.blogspot.com/-X4zG2059VzE/UjcFR6qwWrI/AAAAAAAA0b4/7dE9x76AyTM/s400/2013-09-16_211556.png
142.250.74.161200 OK 88 kB URL HTTP/1.1 3.bp.blogspot.com/-X4zG2059VzE/UjcFR6qwWrI/AAAAAAAA0b4/7dE9x76AyTM/s400/2013-09-16_211556.png
IP 142.250.74.161:0
File type PNG image data, 400 x 186, 8-bit/color RGB, non-interlaced\012- data
Hash 36260f54de194ca92934cb45ccde0d0f
6698bc353ba63754d2e65bd52d59d9eef0419dfe
6934e70e54c94ed626eaeb4761f4e4d578ed6d4d47741d5d82d9dbd012dc5969
GET /-X4zG2059VzE/UjcFR6qwWrI/AAAAAAAA0b4/7dE9x76AyTM/s400/2013-09-16_211556.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1c1"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211556.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 88090
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
142.250.74.33301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
IP 142.250.74.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 24 Nov 2022 22:49:26 GMT
Location: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
1.bp.blogspot.com/-Diz96kAyrAw/UjcFSNGMviI/AAAAAAAA0cg/mLGwI_U1TVI/s400/2013-09-16_211604.png
142.250.74.161200 OK 107 kB URL HTTP/1.1 1.bp.blogspot.com/-Diz96kAyrAw/UjcFSNGMviI/AAAAAAAA0cg/mLGwI_U1TVI/s400/2013-09-16_211604.png
IP 142.250.74.161:0
File type PNG image data, 400 x 211, 8-bit/color RGB, non-interlaced\012- data
Size 107 kB (107009 bytes)
Hash fa633bb935805f45beeaed2b1a665e9e
d164f642b518d7c8bdfd4242effb1e673cad7673
76804cb5d9fcf5a69a79ec314ac57ebd7c0f83a41e0fae69406a2e7f0b34ac5f
GET /-Diz96kAyrAw/UjcFSNGMviI/AAAAAAAA0cg/mLGwI_U1TVI/s400/2013-09-16_211604.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1cc"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211604.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 107009
X-XSS-Protection: 0
1.bp.blogspot.com/-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg
142.250.74.161200 OK 2.4 kB URL HTTP/1.1 1.bp.blogspot.com/-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 878056a4a5598f49e66c126eb4e492f3
53d9105ef859a54a868c98309f67ad64e4c43091
9ddafdc2ce783f420e97f41407f7f3b5eb328751e563cf311f2e2ae104edf712
GET /-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kamas.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2372
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:26 GMT
Expires: Fri, 25 Nov 2022 10:15:10 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v35a"
Content-Type: image/jpeg
Age: 0
www.blogblog.com/1kt/travel/bg_container.png
142.250.74.105200 OK 250 kB URL HTTP/1.1 www.blogblog.com/1kt/travel/bg_container.png
IP 142.250.74.105:0
File type PNG image data, 860 x 460, 8-bit/color RGBA, interlaced\012- data
Size 250 kB (249501 bytes)
Hash 016de5d2fb137736ea0d36709f5031cb
67c199e0bc1ea199e91645dc31391d8ccd49c997
2c77b04f02316141ac67884a7708912b4d1e0313dd9e6a4e86f2f5cee551652b
GET /1kt/travel/bg_container.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 249501
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 04:14:03 GMT
Expires: Wed, 30 Nov 2022 04:14:03 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 23 Nov 2022 02:52:49 GMT
Content-Type: image/png
Age: 153323
lh3.googleusercontent.com/blogger_img_proxy/ANbyha11Ue1rnvk2klEk2TlMgB3jRMq4ZR9uIVuEA-4DRDXPYBXS12K82Rwk0Om2iWxOh3g0p-KuWU--tqSsmS0xiAbdHSRJsAojj1Vhd93y9RSDcM0xau2MqcQAivI=w72-h72-p-k-no-nu
142.250.74.33404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha11Ue1rnvk2klEk2TlMgB3jRMq4ZR9uIVuEA-4DRDXPYBXS12K82Rwk0Om2iWxOh3g0p-KuWU--tqSsmS0xiAbdHSRJsAojj1Vhd93y9RSDcM0xau2MqcQAivI=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b28ffc1c57d91c15cb5a204cf2299a44
aeb41a864ead8479d4804c3d1d7f5d6d72d7a0f1
857ddb90cc7b2c743231c774265533db824aa96e8e30ff0593b7aaa32de78720
GET /blogger_img_proxy/ANbyha11Ue1rnvk2klEk2TlMgB3jRMq4ZR9uIVuEA-4DRDXPYBXS12K82Rwk0Om2iWxOh3g0p-KuWU--tqSsmS0xiAbdHSRJsAojj1Vhd93y9RSDcM0xau2MqcQAivI=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 22:49:26 GMT
server: fife
content-length: 1724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-yBHIHPyuV40/UjcFVPgg65I/AAAAAAAA0ck/d8DwRy5vXmY/s400/2013-09-16_211713.png
142.250.74.161200 OK 104 kB URL HTTP/1.1 3.bp.blogspot.com/-yBHIHPyuV40/UjcFVPgg65I/AAAAAAAA0ck/d8DwRy5vXmY/s400/2013-09-16_211713.png
IP 142.250.74.161:0
File type PNG image data, 400 x 212, 8-bit/color RGB, non-interlaced\012- data
Size 104 kB (104318 bytes)
Hash a4888dbfa24812a305baa905a34a2070
505575c97fd4185c62d83b5844b6d2355663a04e
f5101449e4e252e26770551de6257c234d78a21f91dd5266aec6a7bd655f81f1
GET /-yBHIHPyuV40/UjcFVPgg65I/AAAAAAAA0ck/d8DwRy5vXmY/s400/2013-09-16_211713.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1cb"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211713.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 104318
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa3ba88f6bee30e5a57694e5f49faa65
821c8f9f416c2a69457195026a3e029644ec2c82
b470eddfdeb6599c26456b93b717aa08f71dd73a6882f497a39bcddcdb6f770c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4639
Cache-Control: max-age=160125
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 19:18:11 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 685eburanZm7lN76vmTb9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ncoClEc5FfcciP27/KakytziLrc=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png
142.250.74.161200 OK 161 kB URL HTTP/1.1 2.bp.blogspot.com/-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png
IP 142.250.74.161:0
File type PNG image data, 946 x 289, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (160971 bytes)
Hash 0334769ec7546cd44c8d5df205a99bd4
20cc88def259ba1065d1f459f7d607e36c08f40a
de9caa4c132fe7d5716f2e6adb31cfef2cd66cd20b4b3af55dde3366cefd6bb8
GET /-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="WELCOME-BACKGROUND.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 160971
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 22:49:26 GMT
Expires: Fri, 25 Nov 2022 10:15:10 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2c4"
Content-Type: image/png
Age: 0
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 24 Nov 2022 10:25:42 GMT
expires: Thu, 08 Dec 2022 10:25:42 GMT
cache-control: public, max-age=1209600
age: 44624
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54f24adb80ed3e82590fae1e776d2df6
502bcc08679c733c00caab73fb2facaaa2f04fe7
581b3030b7c35b78f5537d3fffd0630add6c5e4b7873f7b97cb71fc0993a6fe6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "581B3030B7C35B78F5537D3FFFD0630ADD6C5E4B7873F7B97CB71FC0993A6FE6"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5279
Expires: Fri, 25 Nov 2022 00:17:25 GMT
Date: Thu, 24 Nov 2022 22:49:26 GMT
Connection: keep-alive
2.bp.blogspot.com/-FY1mYKegrUI/UjcFL_Z4-DI/AAAAAAAA0bM/lJUGMPqH2_A/s400/2013-09-16_211432.png
142.250.74.161200 OK 88 kB URL HTTP/1.1 2.bp.blogspot.com/-FY1mYKegrUI/UjcFL_Z4-DI/AAAAAAAA0bM/lJUGMPqH2_A/s400/2013-09-16_211432.png
IP 142.250.74.161:0
File type PNG image data, 400 x 247, 8-bit/color RGB, non-interlaced\012- data
Hash b0984e4549516ae5b802a0cf1e105585
a6b1180e3be247f0b7512dc10e134e94c153c28d
2a4717853264e64f92134b4365fc6f3b6592a053fb0744c430e6e9033d9d4cc3
GET /-FY1mYKegrUI/UjcFL_Z4-DI/AAAAAAAA0bM/lJUGMPqH2_A/s400/2013-09-16_211432.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1b5"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211432.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 88454
X-XSS-Protection: 0
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
142.250.74.33200 OK 143 kB URL HTTP/2 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1091, components 3\012- data
Size 143 kB (142821 bytes)
Hash 15b8c01b50ff9f8ff54aa69ccaabb864
ec9cc4339a62bd9be4accef1b8c1b25476c45ba5
4a183e57fcf4205d9d05b5b76ce7907b64d194def843598a4176ff55c36bfec9
GET /image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 25 Nov 2022 22:49:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 22:49:26 GMT
server: fife
content-length: 142821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com&bust=31070923
216.58.207.226200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com&bust=31070923
IP 216.58.207.226:0
File type ASCII text, with very long lines (6090)
Size 120 kB (119614 bytes)
Hash 7e3036581529e261c0a85e17c03fd711
be2ea41937f3c1c6d51ab5393bfa4f90b794642a
d96d6a018a6fbb96535310cb813e74492c2fa2e15c3d797ead5101202a43aa7e
GET /pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com&bust=31070923 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Nov 2022 22:49:26 GMT
expires: Thu, 24 Nov 2022 22:49:26 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16476422012915340693
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s05.flagcounter.com/count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/
66.154.110.218200 OK 79 kB URL HTTP/1.1 s05.flagcounter.com/count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/
IP 66.154.110.218:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 162 x 1376, 8-bit/color RGB, non-interlaced\012- data
Hash b31a3d91711dec4021e90d73237e64f7
a9aa513b1cf2d74686ab92ff62a0a30779c9ae92
d5685c1d9c817757741ef173d4d282d4878c93b14145aa7b646cab3e2e8adbd6
GET /count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/ HTTP/1.1
Host: s05.flagcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
2.bp.blogspot.com/-Y7Iit1OrVZ8/UjcFNzB21zI/AAAAAAAA0bs/p65cIdATVco/s400/2013-09-16_211520.png
142.250.74.161200 OK 89 kB URL HTTP/1.1 2.bp.blogspot.com/-Y7Iit1OrVZ8/UjcFNzB21zI/AAAAAAAA0bs/p65cIdATVco/s400/2013-09-16_211520.png
IP 142.250.74.161:0
File type PNG image data, 400 x 199, 8-bit/color RGB, non-interlaced\012- data
Hash bdfecccb4a65364e65ebbe1223b59715
bccfa08a2605f92f05c10d2cbbe56db42db25f82
4dec4b751b57fafd565316bda056be050825d9703ad20d0ddbfaddb6890eb05e
GET /-Y7Iit1OrVZ8/UjcFNzB21zI/AAAAAAAA0bs/p65cIdATVco/s400/2013-09-16_211520.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1c0"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211520.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 89071
X-XSS-Protection: 0
1.bp.blogspot.com/-XQB8aU0cIoY/UjcFL1XDiaI/AAAAAAAA0bE/KEo6aBCA3cE/s400/2013-09-16_211449.png
142.250.74.161200 OK 74 kB URL HTTP/1.1 1.bp.blogspot.com/-XQB8aU0cIoY/UjcFL1XDiaI/AAAAAAAA0bE/KEo6aBCA3cE/s400/2013-09-16_211449.png
IP 142.250.74.161:0
File type PNG image data, 400 x 158, 8-bit/color RGB, non-interlaced\012- data
Hash 47e7009f0e69c389fb06d2d1c3f078cb
69628fd5e3aa42141b0bc614a45f6991cc325c6d
bc0e744980b0a8c2f15a1825fb3eeb787def355f8038e71fae42fc285bf74a13
GET /-XQB8aU0cIoY/UjcFL1XDiaI/AAAAAAAA0bE/KEo6aBCA3cE/s400/2013-09-16_211449.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1b4"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211449.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 73842
X-XSS-Protection: 0
2.bp.blogspot.com/-vGLBrex_jyw/UjcFSsNxJAI/AAAAAAAA0cQ/3LEPEYcF6xQ/s400/2013-09-16_211612.png
142.250.74.161200 OK 111 kB URL HTTP/1.1 2.bp.blogspot.com/-vGLBrex_jyw/UjcFSsNxJAI/AAAAAAAA0cQ/3LEPEYcF6xQ/s400/2013-09-16_211612.png
IP 142.250.74.161:0
File type PNG image data, 400 x 247, 8-bit/color RGB, non-interlaced\012- data
Size 111 kB (111306 bytes)
Hash d9dfb62834bec9db2df90973de23254d
737dc919add4b86fd8c9ecc164f003a8ebd12034
2326257c140bf9167d80faee54928d77321d86032a49b45186accd9885b2b33e
GET /-vGLBrex_jyw/UjcFSsNxJAI/AAAAAAAA0cQ/3LEPEYcF6xQ/s400/2013-09-16_211612.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1c6"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211612.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 111306
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5534
Cache-Control: max-age=129341
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 10:45:07 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
2.bp.blogspot.com/-x8a4MHuYHWA/UjcFV7OxB8I/AAAAAAAA0cc/9QYx1gJKaa0/s400/2013-09-16_211721.png
142.250.74.161200 OK 78 kB URL HTTP/1.1 2.bp.blogspot.com/-x8a4MHuYHWA/UjcFV7OxB8I/AAAAAAAA0cc/9QYx1gJKaa0/s400/2013-09-16_211721.png
IP 142.250.74.161:0
File type PNG image data, 400 x 170, 8-bit/color RGB, non-interlaced\012- data
Hash 9352c31d4be432cbeb62386632a2d577
67d76a4f68dc0c5dcc445b42d4ce07fa317f8f5a
e72b2726e76abff90eca836f559c66a6787ca7f6cfc53b62327407a8b54e1a11
GET /-x8a4MHuYHWA/UjcFV7OxB8I/AAAAAAAA0cc/9QYx1gJKaa0/s400/2013-09-16_211721.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1d1"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211721.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 77828
X-XSS-Protection: 0
1.bp.blogspot.com/-t3-DtxOS6c0/UjcFPYRiHUI/AAAAAAAA0bk/Lx9OT9MBZdI/s400/2013-09-16_211538.png
142.250.74.161200 OK 88 kB URL HTTP/1.1 1.bp.blogspot.com/-t3-DtxOS6c0/UjcFPYRiHUI/AAAAAAAA0bk/Lx9OT9MBZdI/s400/2013-09-16_211538.png
IP 142.250.74.161:0
File type PNG image data, 400 x 214, 8-bit/color RGB, non-interlaced\012- data
Hash e39577f1c1a954907bf054688a503d9c
a68f1a072e99f547ba8fa0d19f41d5dd19c50fa5
b0bc3c12ca4bd31017de8c8ce2911d1527f31c35776070c9d4b0e05897632048
GET /-t3-DtxOS6c0/UjcFPYRiHUI/AAAAAAAA0bk/Lx9OT9MBZdI/s400/2013-09-16_211538.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1bc"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211538.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 88244
X-XSS-Protection: 0
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.69.193200 OK 4.4 kB URL HTTP/2 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.69.193:0
Hash ba20012d61df8ec69bb4e7629c6815f1
0d1fb4cbb926a9e875d19a53ea266a2bda56f4a0
ed5c36e486296a575b2aed9ce7926d3de07675b8d740a2d98ad648a43c91a1c3
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2T%2FeKSUnpsBbouklFTHaMGs7vLe3WM8aavzoyloWGameIlAg4LfNcwwyDnR0z3z2%2FgP44kHrK%2BtQhuV038SxDSrbKpIQ0A%2FjV6gUM1ITPkdkQ5LN6wi45nDgU08L8rR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5b2a45c1eb529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 26 Nov 2022 22:49:26 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
143.204.55.106200 OK 834 B URL HTTP/2 i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 576ebd4971b153fdc7099dc1258ceb33
a7c63a407b3cfe17c110fa62e36807dcf86114e5
3f56a5eb35a3b530c6d648f70be1bfaf8152fc95d18f1a87a712a19883678eac
GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1
Host: i3.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 834
date: Thu, 24 Nov 2022 22:49:26 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="bloggedmylink.webp"
expires: Fri, 24 Nov 2023 22:49:26 GMT
server: photobucket
x-amzn-trace-id: Root=1-637ff4f6-7b38bd3b53a6d89f71fa2322
x-request-id: 8nic5bOfBI52sVvfD-SEy
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T9L4GNABww-Yu5YgxsO5SalXI2qH9cJf-Oqk2kood7n83hgAgFwIbg==
vary: Accept, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Adidas&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FAdidas
172.67.69.193200 OK 2.1 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Adidas&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FAdidas
IP 172.67.69.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321)
Hash 0cc0f7989e7ad090bca5ac638ba551d4
e6e35867b1f2e94c70caf76697609e6c5fead89f
8ce5239c55782756b9898452d0cb59aee14993f6e77057b1fe6d40b0b89b4745
GET /geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Adidas&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FAdidas HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Wed, 22-Feb-2023 22:49:25 GMT; Max-Age=7776000; path=/
pays=Norway; expires=Wed, 22-Feb-2023 22:49:25 GMT; Max-Age=7776000; path=/
ville=Oslo; expires=Wed, 22-Feb-2023 22:49:25 GMT; Max-Age=7776000; path=/
idcompteurcc_1478332=done; expires=Fri, 25-Nov-2022 22:49:25 GMT; Max-Age=86400; path=/
online_idcompteurcc_1478332=done; expires=Thu, 24-Nov-2022 22:52:25 GMT; Max-Age=180; path=/
originecc_1478332=United%2BStates%2523United%2BStates%2BCity%25234639%257CCanada%2523Canada%2BCity%25231073%257CUnited%2BStates%2523Boardman%2523972%257CCanada%2523Burnaby%2523250%257CUnited%2BStates%2523Fort%2BLauderdale%2523186%257CUnited%2BStates%2523Raleigh%252381%257CNew%2BZealand%2523Auckland%252374%257CAustralia%2523Australia%2BCity%252352%257CRomania%2523Romania%2BCity%252351%257CGermany%2523Germany%2BCity%252344%257CNetherlands%2523Amsterdam%252336%257CUnited%2BStates%2523Los%2BAngeles%252336%257CFinland%2523Finland%2BCity%252331%257CUnited%2BStates%2523Dallas%252327%257CGermany%2523Nurnberg%252326%257CBangladesh%2523Bangladesh%2BCity%252324%257CNetherlands%2523Netherlands%2BCity%252323%257CUnited%2BStates%2523Duluth%252320%257CUnited%2BStates%2523Santa%2BClara%252319%257CUnited%2BStates%2523Mountain%2BView%252317%257CJordan%2523Jordan%2BCity%252317%257CUnited%2BStates%2523Washington%252316%257CUnited%2BStates%2523Dallax%252316%257CKorea%252C%2BRepublic%2Bof%2523Seongnam%252316%257CRussian%2BFederation%2523Russian%2BFederation%2BCity%252315%257CSlovakia%2523Slovakia%2BCity%252315%257CUnited%2BStates%2523New%2BYork%252314%257CUnited%2BStates%2523Herndon%252314%257CUnited%2BStates%2523Chicago%252313%257C; expires=Thu, 24-Nov-2022 22:52:25 GMT; Max-Age=180; path=/
online_1478332=2; expires=Thu, 24-Nov-2022 22:52:25 GMT; Max-Age=180; path=/
jour_1478332=8; expires=Thu, 24-Nov-2022 22:52:25 GMT; Max-Age=180; path=/
total_1478332=8225; expires=Thu, 24-Nov-2022 22:52:25 GMT; Max-Age=180; path=/
bonus_1478332=25390; expires=Fri, 25-Nov-2022 22:49:25 GMT; Max-Age=86400; path=/
bonus_j_1478332=1; expires=Thu, 24-Nov-2022 22:52:25 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Thu, 24 Nov 2022 22:52:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuPgUbB5gUToFUTG4lOppQoVrpZcCD%2F7yt6Vf93AlNhwtswSIoyoDKXhoCM9fBJOpERxIV0bqOruEuE9%2BusZZjcfWE9Ae5x7ms7B%2FkZiUdQRa4KKC%2Fp33%2Bs%2F8iMf2s0F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f5b2a43cd2b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&vt=-6544773174026890762&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.105200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&vt=-6544773174026890762&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3152)
Hash da78dabd4064124abb7a43b5b3fae935
6d33cec52cdbf2e2bd4b073680244522cd7c9cce
6ce96babdbcc6c1e232904085efe3a163d8f66eacf29a0a6a433e4239773468f
GET /navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&vt=-6544773174026890762&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Nov 2022 22:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2598
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-zVmETs3dqJI/UjcFX3tqXmI/AAAAAAAA0c4/QgXHGoH1x-c/s400/2013-09-16_211740.png
142.250.74.161200 OK 106 kB URL HTTP/1.1 3.bp.blogspot.com/-zVmETs3dqJI/UjcFX3tqXmI/AAAAAAAA0c4/QgXHGoH1x-c/s400/2013-09-16_211740.png
IP 142.250.74.161:0
File type PNG image data, 400 x 289, 8-bit/color RGB, non-interlaced\012- data
Size 106 kB (105666 bytes)
Hash 7774f56c232d3abf3087507c2bb313f7
624d0bfe6cc06ebdbb614ff0980d9053d36aa33f
b8cee2e8ce1bb2a185f96d800867f201128930a5bec713058bd35ac701ab78cb
GET /-zVmETs3dqJI/UjcFX3tqXmI/AAAAAAAA0c4/QgXHGoH1x-c/s400/2013-09-16_211740.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vd1d0"
Expires: Fri, 25 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2013-09-16_211740.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: fife
Content-Length: 105666
X-XSS-Protection: 0
i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
143.204.55.106200 OK 918 B URL HTTP/2 i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e16b7abd904475580b7337e9ad7c1186
0b64b294e6e44f0d6ee746f86beb996b371501da
16a6cb27477f691f335eecd30e8ad33db3265e8326d82a7bea55f8a5e65922ff
GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 918
date: Thu, 24 Nov 2022 22:49:26 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="recurso_9_1.webp"
expires: Fri, 24 Nov 2023 22:49:26 GMT
server: photobucket
x-amzn-trace-id: Root=1-637ff4f6-4ddd740c6fb585437757a3d2
x-request-id: M8vJyqkNsu6ksROYQS9Wf
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FfFYvHfGSZ1ZNrsDFVLK8mrbgKYhPB6-kP-eY6ckEd1_6UlmdzpQBQ==
vary: Accept, Origin
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash beead144ce94f591f0556269c1844db2
e5d23288dee315423c22aca7aab1fe1df3ea2028
a20643b22513cd25281e52820f4be3036a583ac39422e31e194fe7993d128e08
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 22:30:52 GMT
Expires: Thu, 01 Dec 2022 22:30:51 GMT
Etag: "e5d23288dee315423c22aca7aab1fe1df3ea2028"
Cache-Control: max-age=603084,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f5b2a5590cb523-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/shadow/flag_canada.png
172.67.69.193200 OK 886 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_canada.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dfda6415875b226812181f7ea64fcc8
6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
GET /geocompteur/shadow/flag_canada.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 07:00:43 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 56921
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyyT1VB9IjVI3TS9xEvgLxScmlYoMMK7oezj32J%2F%2FqUFoomnwn4ky4zTC0k7q4e0xSp2H0jGglW8CQpviohPHsCbmeYzlfq5298gKPCs5s%2B9VyIOnzkvd3ZAZjY1PvAU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be15b529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_united%20states.png
172.67.69.193200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20states.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03d9bb2b449e6e964d86aec6d71b6856
e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 789018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FMgoqoimmFqym0ghmSD%2FA71Z8lSUToKfVcCH76zYgzEDwHEc2st%2FWXBJ65rBszoQdKzwyhwiLk3mXM8h4cWqnEb%2BAGGag6VhpLtdBhxdLGfElsGlW4MUyW1KNJdoIqu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be12b529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
172.67.69.193200 OK 1.1 kB URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
IP 172.67.69.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0fc51517b26d444ccc31bf17fd659031
6e1b9de34f5a49e747479616aed3f2ebfabb8559
e36ce5c99fb3b9921c4681d52cffc7c083d48fb2d1a00cee52227a384e83ee68
GET /hitparade.php?pagexiti=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Thu, 24 Nov 2022 22:52:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F8j8x5stb6eO0S9jXeEZB9AtKpKVtr2GEVoV70M7ZCE5W5yOQuL1VqQFYbwWl1tihUZEyu9aHJZAZTgNknXKt0%2BnckJOgFGmwyFYtPGEQws%2FmWP8zYC3VqJiYS8dcRs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a37afcb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
172.67.69.193200 OK 940 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8719b63ac81155fd64422298ef8a8b25
c034b5869772ddf1675ebdbeb3c0d3c540738c24
b313f56a36c855a1a34a02b96910ee4307e553a28a6e52bc64e2ab1bc2cfdae5
GET /geocompteur/shadow/flag_new%20zealand.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 940
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1173
content-disposition: inline; filename="flag_new%20zealand.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 03:15:52 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 156813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sszXY5AoZFlyrpJpTdGAJwNEcdGliWwARA%2ByvFZ7ZTG%2Bf0G0waB30JBPn5XsQ9MPR2jQEUNmJIWspVBXbqLiARhbRtjn0JTMTHdrp%2FI9zWvVmk4kw2kMf3WOqJ3eyuf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be19b529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_australia.png
172.67.69.193200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_australia.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 395fda4bf932944885ae2bad6bc94cbd
56579ba3f9e670a64a59fee1079028bf5bbc33ca
6869308fc918c3d6b972eacc5900d2e17ab9740e282d5b3f214f66fbd5b1d43e
GET /geocompteur/shadow/flag_australia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 1022
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1234
content-disposition: inline; filename="flag_australia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:42:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2325987
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wGsjQJQNDf%2B6XRqkeoVaR1uVuCbfXy0ayTVmC1gwmlGZA2Z%2FL%2Bl65Jxu%2FU4TDmXzRMFWHHgSmdtWpMYKbyJEkjbzJao1XpGXXHts18cUjU%2BCN2foeC0Ug60HAUG%2Bamz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be1eb529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_romania.png
172.67.69.193200 OK 644 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_romania.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a2ef37e3cfe2119759469a219565c145
7d174bb96c9eb762a56b531e8c15a160773fe008
8f45100a446929b8ad38c886a1cc6d033a066a008f8268b6fa1ec8d3f4d74166
GET /geocompteur/shadow/flag_romania.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 644
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=842
content-disposition: inline; filename="flag_romania.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 16:05:24 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 110641
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhc4dwcH8ZW7p4e5JzDix6eARCxKs71%2FxJ6wHcjRN26vw9sqM8lO59a2fDyD5%2BAOVk%2Fh7JNVVxPQma9ry%2BR%2BqnJEOO5gaEGkKHresHvw9dUnO6Qk5p1weO0UL5HwzB8k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be26b529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_finland.png
172.67.69.193200 OK 724 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_finland.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4bb42c0a72d24163a22f5b03c19014ca
333c2b0e19045c6162ea18f96cde896e9568c965
57f34fcc77132fcdfc669956854f38ebc6089241f1d5f52d7218d06365c9e750
GET /geocompteur/shadow/flag_finland.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 724
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=899
content-disposition: inline; filename="flag_finland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:42:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2325987
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcVdVK7E1JSlHIQ1uV%2BeSi0J%2BsxvR6TE%2Bk82JqhvKO%2Bv%2FeEY0AmmlK3zzhCgH9JQjlQIcy7ZLZcVXDNpwbLu4o%2FXamv%2BLIOAulv1VrKIr1DAVpXFV5jZZdVBqKMGvyWO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be30b529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_germany.png
172.67.69.193200 OK 686 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_germany.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c667705cee250254b246ed54d521b22
ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
GET /geocompteur/shadow/flag_germany.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 26 Nov 2022 19:27:53 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2431293
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDir4IGGms9RAAvR8PP64KNWdGusLIR%2FG3CAgMaeE6I90430lJWnDNhUU280FxRLT9Db7JbuXNuhK95tQbqpPGCwV0yUkO2fKKb8sOUMwyYohAbblMyrKMJvTJtl59Uo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be2ab529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_netherlands.png
172.67.69.193200 OK 710 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_netherlands.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4d48534384964664d122ef558ebf1acd
8cbccb6b66f6161c329f9945b58e79e09640cc90
286ee399704cd53efeabbca51dfc8459fb9633265ae4e9e046610f7d61d087bb
GET /geocompteur/shadow/flag_netherlands.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 710
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=892
content-disposition: inline; filename="flag_netherlands.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 10 Dec 2022 23:05:41 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1208625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UEQtQkCTi9LGo73dBY4N5Ljg%2Fi7eY5Jl9ewkgTsWHuaLhCIoofzz7xD37f3V0iIQ7CJbtHibwDYjzXOghTrjmVMx9CH7WhT0GqswBbNO%2FRl4Yi7nXfdy9jg7Ac8ZGij"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5be2db529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.69.193200 OK 3.9 kB URL HTTP/1.1 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.69.193:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Adidas&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FAdidas
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXJhG77deCtHPI63vOk97iAlesCNdR%2FGvi4fxcpmBLAakfEm9hg1XWdvy8r05CX3Iw%2F1iFtkTCQPkfFjAUjhLZ9YfWMZX0SZuWZDS85xDQL4BKFqv1TZEoWAeLwB6Q2n"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f5b2a5de70b512-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 26 Nov 2022 22:49:26 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.454.0
139.45.197.234200 OK 2.2 kB URL HTTP/2 bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
Hash e3052d6939266c4bccffef1c8b30f3f9
3444ec68fdf24ec36aed91dc19158fb4b33e9724
97c22c17d1e3f181db25ca33a36f20f3300f6df0efa622b863cb56a1cb3ea3e2
GET /5/3294720/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: application/json
x-trace-id: 47ce994e22569e01a5a111f6b542a41f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://indahjiwadanrupa.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=d1f4d4a0e6e84c6cac620749a7391b43; expires=Fri, 24 Nov 2023 22:49:26 GMT; path=/; secure; SameSite=None
oaidts=1669330166; expires=Fri, 24 Nov 2023 22:49:26 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
172.67.69.193200 OK 814 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ec4b0c854ec18061c7bafbe9ac9d1c3b
77c850ef6479e29a631dba64d06ccc1eefb1adc6
48f6236fb62cb417c5d00552052f378bfd1a82ca9f21f341c69390fd346fd439
GET /geocompteur/shadow/flag_korea,%20republic%20of.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 814
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1163
content-disposition: inline; filename="flag_korea,%20republic%20of.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:21:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 649646
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QWWTsc4PKubUwXfcKEqfD3kcj3qvbEyKCHipDzytVIQdUPDx6%2B2873j4usxDjysNuM4%2BOCJ3S%2FF5jCgI7avGfIYiCh%2BcX3Qt8z1LEqXTU6nvt26aoXFPAaEQnpccfbN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5de57b529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
172.67.69.193200 OK 680 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 852881aef6d6a8bca3123c3201f64c74
0e5ef2c61383bb79c8a6ea068d9a688631d844fa
41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:43:35 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2325950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAxE8B3fQG7P%2FNy2Zl5RWqjnbt8W%2FzuBpkSukJDm17KM6z0L4SHIhKsUOYgBFf4WbSzw4SFimsSQXuimF8jFEpkvPZwAne6RmajCvB8f2sCjvDT0QGKf4p1PgpOZxOGZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5de59b529-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=22x49x26&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/
143.204.46.236302 Found 156 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=22x49x26&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/
IP 143.204.46.236:0
File type HTML document, ASCII text
Hash 166755d57258b928447dd02f6a22f938
710decf5a99c2a33f3f3bbd0eca24d218d1a5500
22db54a64202d5a0d09b6467b7f7aee963f0d355e44d72d279b7f56cfb86967b
GET /hit.xiti?s=281802&p=geocity_blue2&hl=22x49x26&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/ HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 156
date: Thu, 24 Nov 2022 22:49:26 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_blue2&hl=22x49x26&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=17DC7D62-5121-4E1D-A991-7F81622FAE0B; Path=/; Domain=xiti.com; Expires=Sun, 24 Dec 2023 22:49:26 GMT; HttpOnly
atidx=17DC7D62-5121-4E1D-A991-7F81622FAE0B; Path=/; Domain=xiti.com; Expires=Sun, 24 Dec 2023 22:49:26 GMT; HttpOnly; Secure
atid=17DC7D62-5121-4E1D-A991-7F81622FAE0B; Path=/; Domain=xiti.com; Expires=Sun, 24 Dec 2023 22:49:26 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PjFZjcdOBUiDRlpRjhCHFCQvtWcnGVhtNxb07umGStWNXphnsjbVpQ==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash bda3f7eeea4a9dfcce61ac9108fa97c0
e8a72786813eca8979622c996ce53932a42fa4be
f012c97d14d02e7ccb59053aeeff3bd5ebc64aa28dc8eb579751315d5fbdb47a
GET /gtag/js?id=G-RP7FMTL79Y HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 22:49:26 GMT
expires: Thu, 24 Nov 2022 22:49:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 04eec1a04b944c17505e5a88eea96d39
18c8e7be7057b2c55d4212aa768db895413ff42b
70d0470087f7acef8faf9def1b2899fa216ca39e9f6b080c6329b3c0675ddc04
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 18:31:18 GMT
Expires: Tue, 29 Nov 2022 18:31:17 GMT
Etag: "18c8e7be7057b2c55d4212aa768db895413ff42b"
Cache-Control: max-age=415910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f5b2a61a27b523-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 919 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 8184d8a608ab097ce374e7864297b90a
8a8a4e653e8cb534176a0b3ec6503eac0c66250a
b60f3ec284498d436f061de20c97dd7f8c50c3c35541a7df795d0cea807139d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5832
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Last-Modified: Thu, 24 Nov 2022 21:12:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=22x49x26&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
143.204.46.236200 OK 373 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=22x49x26&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
IP 143.204.46.236:0
File type GIF image data, version 89a, 39 x 25\012- data
Hash 29cb2a1e585dff1f4282449fdbbab2d7
075d147195f9dba1862a6f3990d219d7c4389225
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
GET /hit.xiti?s=281802&p=geocity_blue2&hl=22x49x26&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 373
date: Thu, 24 Nov 2022 22:49:26 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vojlu1bOrGzGkmioKpv3VzoQmkk_pxOjU4mtAp7FHWv-ZXXS-HiGzw==
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/earth_blue2.png
172.67.69.193200 OK 2.6 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/earth_blue2.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 35ef26dc64d2a2d57e62bef7f3c6f8c3
d8bd4c88f74912e188cb4e2ccc5ed53ecd36591c
2ab4d3f5ec0ee2c160aab1838975a7c7cd89e6adee9d7af72fc5f2f9d898317a
GET /geocompteur/img/tmp/earth_blue2.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/webp
content-length: 2596
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3258
content-disposition: inline; filename="earth_blue2.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:15:30 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2035
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o14kFTPjfyS9jPWIbG18DLNwyTP0Xw4Q7ImmGkHa3AkKIeeSOZa6w93XYKJO3JG77Xx0O7%2F8IWK4%2BiQHymFnK9RsRTsqPJKUkkhjiruaCe%2FmGy8jrDjsz14UbvYb%2F8%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a6df97b529-OSL
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 5.5 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 8149cebd1fc553f016a0ee52dd4c677f
e091240fd66b5de1799c5b55f66dbf0d1077b1ac
a59c9aa3b3046baec8c322632aac7c5ef95bc0439c5953ecdcbc57690e03c9df
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCTellctMJGX7HZ6tJa8CASHPlDZKguaaIg703iMzmBi%2B8HrgNAnm203yODU4mxa9FHk%2FhGGdCtxRSRIYyZb0mq7cSf48PJTlF6gtSuUcvhqvtFeKT%2FID21rF5bB%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5b2a6bfb80b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a5c1b54daca67c400e76b7224ae5521
2583cebe55e8d1bfe6c921d595d8d36cf480ff2f
941e5441730c4558040e0decdec018ff15dad6abc6be4858c6417f2e941dbcbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "941E5441730C4558040E0DECDEC018FF15DAD6ABC6BE4858C6417F2E941DBCBD"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17896
Expires: Fri, 25 Nov 2022 03:47:42 GMT
Date: Thu, 24 Nov 2022 22:49:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/shadow/flag_jordan.png
172.67.69.193200 OK 1.1 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_jordan.png
IP 172.67.69.193:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b4a351c8b73da8314a09e107aa23578b
b9a222b3aeb6768ad31f8b4a05edd59b517ea8ce
4f913903da465b7f77fbd49f5a81f80d33907f0798b57638935a1fe22150ad89
GET /geocompteur/shadow/flag_jordan.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/png
content-length: 1070
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:49:25 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlTho1G2Agy%2Bgqf0u6gURep%2FjFrTznL3zjbpAPk5ZYwjeJBynJ%2Fk5%2FOtcik5%2FH3qKLLdsqO0mZD0vyNaYu9YRLWAKBTKackrne%2BLqDvd7rxZS%2B9iaxg8pN68a0troCRh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5b2a5de4ab529-OSL
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
216.58.207.234200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:17:21 GMT
expires: Thu, 23 Nov 2023 14:17:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 117125
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.widgeo.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 61595
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_slovakia.png
172.67.69.193200 OK 1.1 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_slovakia.png
IP 172.67.69.193:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash fa2f268db422821d9df486fbe709125d
a39032e4cdd17bf468333d19d018405f79fcaa11
fcda6b73cb5184f73fa3921c8f77cde0314463eb1881b621b4c6ac09eb25182b
GET /geocompteur/shadow/flag_slovakia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: image/png
content-length: 1065
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:49:25 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOoa%2FaHykwkPjwl1slQ%2BLjofqPw9SPhkSR5CQB9D5OCnciiNy37zE74VoP1PJTwY5Haj0FRrU2JNMz259h91xdp%2FwmOdCNZeduOjRJ8CXIZFOxNO0foaw0gUfdg6dE03"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5b2a5ee63b529-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
172.67.69.193200 OK 1.8 kB URL HTTP/2 www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
IP 172.67.69.193:0
Hash 3b8d0b7d94a1df0f4e9d93c131694e07
37b002c04b3cd3bd653f1dc6df694010ea08761b
af46faa9273e72620b8040608775acab593265853cf837cda16e234af30f1d07
GET /geocompteur/css/city_css.php?c=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 22:49:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcKnAz4Qxg52Nr55CdPZpZOmU%2BLCYYuex1knNoENrdlxxa1KDdo8LIATRLerEGo%2B%2BnNLSqM9HUTSZ%2BcXJU5YoFXFgTjzG31VmBrrrRFltkHadhFy2XRyZrW0UDaqY%2Bhr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5ae09b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.exactseek.com/images/exactbutton1.gif
70.35.204.181200 OK 3.5 kB URL HTTP/1.1 www.exactseek.com/images/exactbutton1.gif
IP 70.35.204.181:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash fcca6f86d560ed5a0707708d4c82fec1
531a5a8c0e53c3d2021007b88c045d8c6618a07e
80caea32c373db145d7cc840e333eacd1459c30f815027d185030b45ca7182fb
GET /images/exactbutton1.gif HTTP/1.1
Host: www.exactseek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 16 Apr 2012 18:53:03 GMT
ETag: "dcd-4bdd054f481c0"
Accept-Ranges: bytes
Content-Length: 3533
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
96.30.9.108200 OK 1.3 kB URL HTTP/2 checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
IP 96.30.9.108:0
File type GIF image data, version 89a, 180 x 60\012- data
Hash 785039293e19a0f0a0db1231b9704b67
8c2f91b1a33a4f266f23f06b7dfa8ab4a431a400
118d4625d63c95ff6bdbf63452619f02b738a2055c5ee4ba986d114ad0d007ab
GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1
Host: checkpagerank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=2592000
expires: Sat, 24 Dec 2022 22:49:26 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1278
content-type: image/gif
date: Thu, 24 Nov 2022 22:49:26 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d671eeaa144abcd68a7fa391420b864c
5ee007afb6ab9f83df18cfb33c6297d633e917ab
62ce03a659aac726ba003462fdc2b8e175f834f00aa3d7c55b7cc2d33b530954
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 574
Cache-Control: max-age=113234
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:49:27 GMT
Etag: "637f0a0b-116"
Expires: Sat, 26 Nov 2022 06:16:41 GMT
Last-Modified: Thu, 24 Nov 2022 06:07:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
onmarshtompor.com/?rb=SUsbXjHZwMxlk3v4a4ZBqrZD8hclJRcYFag9wRFrm2wVjpN4nx9ZyN7DuRjGW_OV6Jb0lVlF3AscBKhmmfJuIT9mg4LMpNhXfHrJ7EvGNdaUaRAYMynTCX905Z13athPxeROsLNvEF23El6JhPvXJz2eU46RVwTVRGSx1mlIggRU6Ww5TvXro_0S_iiAZKaHRPOxdxXbN_nZV0959BalQsFr1is9-OVbZvlLB9cOOtpZlUnd8ak3WBtxReqVswGd0xYy1g%3D%3D&request_ab2=96001&zoneid=3294720&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FAdidas%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=719c4f6e-97b8-43cd-8650-25ca6a0ff1d4&userId=d1f4d4a0e6e84c6cac620749a7391b43&m=link
139.45.197.243200 OK 2.0 kB URL HTTP/1.1 onmarshtompor.com/?rb=SUsbXjHZwMxlk3v4a4ZBqrZD8hclJRcYFag9wRFrm2wVjpN4nx9ZyN7DuRjGW_OV6Jb0lVlF3AscBKhmmfJuIT9mg4LMpNhXfHrJ7EvGNdaUaRAYMynTCX905Z13athPxeROsLNvEF23El6JhPvXJz2eU46RVwTVRGSx1mlIggRU6Ww5TvXro_0S_iiAZKaHRPOxdxXbN_nZV0959BalQsFr1is9-OVbZvlLB9cOOtpZlUnd8ak3WBtxReqVswGd0xYy1g%3D%3D&request_ab2=96001&zoneid=3294720&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FAdidas%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=719c4f6e-97b8-43cd-8650-25ca6a0ff1d4&userId=d1f4d4a0e6e84c6cac620749a7391b43&m=link
IP 139.45.197.243:0
File type JSON data\012- , ASCII text, with very long lines (2597), with no line terminators
Hash ff87ea9c4b7811d74d75d8b099bb0762
e609f827218652d08d044d6c98e459fd75b894f0
d84d3f5586c98c78169c20d00a7a25e9231eba646f607ac60e82a4fcd0b8c0c8
GET /?rb=SUsbXjHZwMxlk3v4a4ZBqrZD8hclJRcYFag9wRFrm2wVjpN4nx9ZyN7DuRjGW_OV6Jb0lVlF3AscBKhmmfJuIT9mg4LMpNhXfHrJ7EvGNdaUaRAYMynTCX905Z13athPxeROsLNvEF23El6JhPvXJz2eU46RVwTVRGSx1mlIggRU6Ww5TvXro_0S_iiAZKaHRPOxdxXbN_nZV0959BalQsFr1is9-OVbZvlLB9cOOtpZlUnd8ak3WBtxReqVswGd0xYy1g%3D%3D&request_ab2=96001&zoneid=3294720&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FAdidas%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=719c4f6e-97b8-43cd-8650-25ca6a0ff1d4&userId=d1f4d4a0e6e84c6cac620749a7391b43&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://indahjiwadanrupa.blogspot.com/
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 22:49:27 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 29220c6c9d549fb48e320415988760b6
Access-Control-Allow-Origin: http://indahjiwadanrupa.blogspot.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=d1f4d4a0e6e84c6cac620749a7391b43; expires=Fri, 24 Nov 2023 22:49:27 GMT; path=/
oaidts=1669330167; expires=Fri, 24 Nov 2023 22:49:27 GMT; path=/
syncedCookie=true; expires=Thu, 01 Dec 2022 22:49:27 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
www.widgeo.net/geocompteur/img/tmp/geocity_blue2.png
172.67.69.193200 OK 16 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/geocity_blue2.png
IP 172.67.69.193:0
File type PNG image data, 164 x 397, 8-bit colormap, non-interlaced\012- data
Hash 2668beaab1a3c3db80567c42789dd151
bcdca9d7bc53de89be506ff93f65fd648f071982
cbb0814ce5c62d7cb2f93f88c3803128b6b724e777bb8bc641af67ae546d8a99
GET /geocompteur/img/tmp/geocity_blue2.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:27 GMT
content-type: image/png
content-length: 16354
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:49:25 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plRBBldMzt69uBabg39Z1ZNxBTCoW1OD4InpHZd0cgbfeM1sjhzR6evaeFlIDtsjk6%2BHRxe5umReNNwKz5z6OC5MFWIaeN7uu3F6jPVPcXxTNNajQiT9lPNEy6sS0kWa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5b2a6ef9cb529-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ba98650cceb17a47ac0f34de3c3c2574
78e21c7a408c8ef34065defa22dbcb926f562d9b
8a311b1ba0b977b6b27fd02043471f29e6608bbe3c2cabe904b09f5f04510d98
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=354827,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f5b2a80cb9b523-OSL
www.widgeo.net/geocompteur/geowidget_js.js
172.67.69.193200 OK 466 B URL HTTP/2 www.widgeo.net/geocompteur/geowidget_js.js
IP 172.67.69.193:0
File type ASCII text, with very long lines (866)
Hash a676c5a340143f818f708afe8d12fc7c
ed9c2f4177fbdbbac6548a5a0a07a372c41f8b81
d8cbab2d3bd05d6def8a95cc2a512caf89c93694a15e830a93a9a6ce85f2f23c
GET /geocompteur/geowidget_js.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2217
cache-control: public, max-age=604800
expires: Tue, 29 Nov 2022 12:50:42 GMT
last-modified: Thu, 13 Feb 2020 12:35:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 208723
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHg1vgMBnrkXfTrRvTXxOpuCa6e7%2B0cCz88cuZo4nYaNyXkKL7nYDoZzZctPpIomsEJIErxWusps8EfQT%2BRezPlcmWvh%2FmCN7MLlMFgIpS9naw02NQzzoHh10TqcxiGp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a6efb0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 22:49:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 22:49:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 22:49:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 22:49:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 22:49:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d43ec6824d4fdc4d31b8c245bf8c5849
81f85633fca39972d8e0bf9a4ec7cd999e54564f
b0e521b23879af86102f46a9ec412faf6345df31a97a7b58880f63f81fdcd0c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7900
x-amzn-requestid: a9d184b1-3b4a-4ca6-9ad2-ce3aac10f422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB91H2IIAMFjGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38b-5732361f36c023c22c922ee9;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRreyOCHys8rW4UWA3JSMhtOiiltT6ULxxgi9aLM7sw07UruCXgPkQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:13:14 GMT
age: 2173
etag: "81f85633fca39972d8e0bf9a4ec7cd999e54564f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05a92b9f554600c920e8b772eb16ee75
7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NCCF79BaJkG2j75ihGL9jd3gEE4zajsC9vmEKMmk9u7-wm2s5u4mVQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:22:08 GMT
age: 66439
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 19920
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f65dfa986cf95e8fb459778b945c59
29edd439b6e7894bc4771fc655a50d926f349a08
c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 96e5c00c-1565-4e9f-aa5b-6da99785a03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsokHSgoAMF_RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e36-547f241a67f3703958f2eade;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:16:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KDIu_SbDdEi4ynoXJsXclQJmaAse8FTkyZdGCzmv0Pvgj3C0bus8XQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 03:59:13 GMT
age: 67814
etag: "29edd439b6e7894bc4771fc655a50d926f349a08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 63899
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 14277
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
indahjiwadanrupa.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 indahjiwadanrupa.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/search/label/Adidas
Cookie: ck_TCM_pop=1; prefetchAd_3294720=true
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Thu, 24 Nov 2022 22:49:30 GMT
Date: Thu, 24 Nov 2022 22:49:30 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 22 Nov 2022 15:14:41 GMT
ETag: W/"ecbad70b21d766f29b6cf283af936d9cabbba864bb23876d2055a88b5952c74b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
103.224.212.222404 Not Found 196 B URL HTTP/1.1 magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
IP 103.224.212.222:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Malware
GET /FCUCOMMUNITY/fcuwidget.js HTTP/1.1
Host: magazine.sepakuhosting.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Date: Thu, 24 Nov 2022 22:49:31 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d626aa115a0ebfee553cb00cc5c88be0
126992c1446938166383701607a4cc500ceaf69c
0158847b7f5870c78438d36035ed9be7e49f3fca5df5b65d0451fcb78f73fa51
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 09:44:16 GMT
Expires: Thu, 01 Dec 2022 09:44:15 GMT
Etag: "126992c1446938166383701607a4cc500ceaf69c"
Cache-Control: max-age=557082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f5b2c32888b523-OSL
www.freewebsubmission.com/images/fwsbutton10.gif
74.208.47.213200 OK 2.2 kB URL HTTP/1.1 www.freewebsubmission.com/images/fwsbutton10.gif
IP 74.208.47.213:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash 6016bc8360a0f80b057623864a01c8b6
8136988f2c9a449b037363fc5bddce38963e4a88
198588f87288e60355833b7bba5b39721295f176889164613076722106359629
GET /images/fwsbutton10.gif HTTP/1.1
Host: www.freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:49:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 21 Apr 2020 21:52:19 GMT
ETag: "8b5-5a3d40794a733"
Accept-Ranges: bytes
Content-Length: 2229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
www.salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1
111.90.135.111301 Moved Permanently 0 B URL HTTP/1.1 www.salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1
IP 111.90.135.111:0
ASN #45839 Shinjiru Technology Sdn Bhd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1 HTTP/1.1
Host: www.salam.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
set-cookie: wpzerospam_ip_checked=91.90.42.154; path=/
wpzerospam_has_access=1; path=/
wpzerospam_access_checked=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_cached=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_blacklist_api=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_attempts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
content-length: 0
date: Thu, 24 Nov 2022 22:49:31 GMT
server: LiteSpeed
salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
111.90.135.111404 Not Found 7.2 kB URL HTTP/1.1 salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
IP 111.90.135.111:0
ASN #45839 Shinjiru Technology Sdn Bhd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash 68cbbe29d7fb307bb0a7f00b11330de7
79b7ff33443a063ed829c6ba1ea84d06f53f992c
6182611bc80d5d55603a01861f80f663f680c0382d6720983e7a9649fe42ac9d
GET /widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1 HTTP/1.1
Host: salam.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
set-cookie: wpzerospam_ip_checked=91.90.42.154; path=/
wpzerospam_has_access=1; path=/
wpzerospam_access_checked=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_cached=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_blacklist_api=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_attempts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <http://salam.my/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 24 Nov 2022 22:49:32 GMT
server: LiteSpeed
www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
172.67.131.238403 Forbidden 4.2 kB URL HTTP/1.1 www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
IP 172.67.131.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1049)
Hash a16e8ac993cc00a1b0cd1f2053d50948
d0774abb20d3298ff0e62111f2f4573614da8eb9
47fcee62cfac33f347774d394d20a59e63a456cffa59283569e7580cea4b4bfe
GET /widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3 HTTP/1.1
Host: www.apesal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Thu, 24 Nov 2022 22:49:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz6adP3owW9qV9H9KlWLSLiHDEW7rzdzTUzqwWrJxvgsohEE%2Bjsd%2BfjbT0RQDSGsD98ZE%2BZdlRqaNEAfSbo5KKuMx00wvlrPnW1dyGvHNG7weRQkn9BVmBt%2BwbLxedm%2BWw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f5b2ceafd61bfa-OSL
Content-Encoding: gzip
inklinkor.com/tag.min.js
104.21.91.63200 OK 0 B IP 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 5df613ad8aef091f343d8f1dfa071959
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:06:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 25 Nov 2022 21:37:01 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4345
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Of%2FvWQXRw7%2FNTF3c31XO4npAb%2F3emFl52MGNcj%2Fmw0sXLsIRhuCf5CJYFjMfrjkYGWF9eR6bE0RCuPcn6%2FPVjYu8OZN%2FrYicMtk%2BSnm244obluFRQrs%2B9BuLOsuA4SJs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5b2a38b3db4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.widgeo.net/tcm.js
172.67.69.193200 OK 0 B IP 172.67.69.193:0
GET /tcm.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:26 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 04:47:23 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 496922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGSlT5ctPAaInwRSvuBHXoB9TaweWzizeLB1AbAFOYalXwIlzRF9iX%2FWTg0%2BJzPmGErdCVtRatDw8YteY8SRIa7z05FTL1n%2FPKRfHtzpt%2FWDZv44MtmhAWit2hX0ft3i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a53d8ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
babab.net/banner.jpg
104.21.18.241200 OK 0 B IP 104.21.18.241:0
GET /banner.jpg HTTP/1.1
Host: babab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:49:27 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.3.3
set-cookie: PHPSESSID=6pemh37l72h89c4s8cjah97gm5; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWuoLwyQ1am%2BChMVPjcNyG1ZRQfC%2FxhJ88pf2i0fENwET5Ya83jy4vOP93BynXrUinAIXU2jJGS7t%2B%2BrmtExv7Qe3sO5mYTMRkEl%2BncqTZVR6pZYuDpU2u2dBhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5b2a5f9021c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2