firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 19:10:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sW4LZgu_O_j1okC_n-sH4fDW9hKYT7t0Ij8EPq4iwreyusv_H01Qbg==
Age: 868
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9242
Expires: Thu, 15 Sep 2022 21:59:02 GMT
Date: Thu, 15 Sep 2022 19:25:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TEUhtEGIpZU-fSInJsUPZFvlc8NahpMxk_F5iLwQP1A28Mc9AGXl5g==
age: 53385
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 19:25:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
berbagimod.blogspot.com/2015/03/resident-evil-revelations-2-episode-3.html
142.250.74.161200 OK 32 kB URL HTTP/1.1 berbagimod.blogspot.com/2015/03/resident-evil-revelations-2-episode-3.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8907)
Hash c07979df04541be10c0e75e9cf544bd6
f3c38f3527de84f6fd032bdd2f1a62fb78dd426b
45a163dc6a05e43dc25d1d14ee3124b2814c1f4dcf3644584e7fe994dfc699e0
Analyzer Verdict Alert fortinet Phishing
GET /2015/03/resident-evil-revelations-2-episode-3.html HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga=GA1.3.1505509798.1663258456; _gid=GA1.3.108288831.1663258456; HstCfa2653523=1663258457344; HstCla2653523=1663266491243; HstCmu2653523=1663258457344; HstPn2653523=1; HstPt2653523=3; HstCnv2653523=2; HstCns2653523=3; __auc=c94a9f5a18341edf61d15352edb; a=hfhSt8AEOJnnmeeFUVNeST1uZDFESxh3; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYyNPaQFjI27LgAGBAsAAIK7A00jrQye6qAHToP_hO5zfzUTVRZRFUoF4Jea6TAhSwQBIMEYCIQD8_lSI7Xaxr8Vfv0UrfcTxcmx0FY9DlStPyBEeGTGmBAIhAJ9IBPcIKja9HyInkcwS6rIJwDAzGoKSeOiYDqSFqbRQ
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 15 Sep 2022 19:25:00 GMT
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 18 Aug 2022 14:59:56 GMT
ETag: W/"98611d158895985a4f2ec83cbd14cdb5aea689a7b34ba70cf2a52083af239f73"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 32382
Server: GSE
ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
216.58.211.10200 OK 20 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (39660)
Hash 6ad9e9100f68042a634e403e56e3744a
3d148af6eb9f86b03d5a815f4fb3a49c7b2df356
72bbdea3217793991ab87a6c7cb165d267551810d3d88b5fd2fd489748d04b7a
GET /ajax/libs/jquery/1.3.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 19926
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 12:59:38 GMT
Expires: Fri, 15 Sep 2023 12:59:38 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 23122
cdn.popcash.net/pop.js
151.139.128.11200 OK 38 kB IP 151.139.128.11:0
File type ASCII text, with very long lines (65390)
Hash 98cfe0446b61a1f2a2df62468da0202c
156362703ec16548fe52ef46832fdad94d493463
903349d17d20a9010f59b6feed6519fda179cf5606bbde8abcd58db81525b527
Analyzer Verdict Alert fortinet Malware
GET /pop.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:00 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Last-Modified: Tue, 05 Jul 2022 13:28:20 GMT
Accept-Ranges: bytes
ETag: W/"62c43c74-1f3e1"
Cache-Control: max-age=2592000, public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gz%2FvP%2FMAOB1B1hPF5JM%2FdNSw7gTZzm4Ex4RL9VdVx04P6KcfVp1GFTdKoOhCmRBBZKjXpTn6Fapgxyz64Y9KhqXNKoNe7V7Mq9D4cJLbvxIkJr%2B8cQq4Co3fFE%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 72a482ec1ea67363-CPH
Vary: Accept-Encoding
X-HW: 1663269900.cds009.sk1.h2,1663269900.cds216.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 38289
fonts.googleapis.com/css?family=Oswald
142.250.74.10200 OK 495 B URL HTTP/1.1 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.10:0
Hash a4a32d3d207b2c021587e24e97d9a668
7eba49938cae3f0f1a7204f8ea5c1e24c21397df
2b5c3cdc80fd6a3c61185c1667e7a0fef0d1ce49066bafe2da8cdeba79301933
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 15 Sep 2022 19:25:00 GMT
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Droid+Sans:regular,bold
142.250.74.10200 OK 304 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Sans:regular,bold
IP 142.250.74.10:0
Hash 37bd97ab5d600328cee799bbc856e70f
b81303809a55a104a709773e53737aedcaec1f44
37d6bf70e3ca3db4fc2d0ce9c7f364c91fdf3d8a5ff2bb17d5d7a94d3b63e64e
GET /css?family=Droid+Sans:regular,bold HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 15 Sep 2022 19:25:00 GMT
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js
216.58.211.10200 OK 52 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (64651)
Hash 3f52ab6e6343ddcd0f9b5365f87875bd
471c32e514c2f2dfe4bb5197738008f62bece4a4
b0e3e00251e47680e3ed06c26d3cca79943d3158ffd0c7474e5f327c629aac8b
GET /ajax/libs/jqueryui/1.8.23/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 51646
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 12 Sep 2022 08:54:52 GMT
Expires: Tue, 12 Sep 2023 08:54:52 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 297008
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee256b7ce0ba8310b3bbe239218b7a69
f14ff579194c66806637e7054eb4a59bc9bb4893
45a741224496e9f3c0abf3f3fb12e445054a92bf040a68c8838aec67d0f0131c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
berbagimod.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 berbagimod.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2015/03/resident-evil-revelations-2-episode-3.html
Cookie: _ga=GA1.3.1505509798.1663258456; _gid=GA1.3.108288831.1663258456; HstCfa2653523=1663258457344; HstCla2653523=1663266491243; HstCmu2653523=1663258457344; HstPn2653523=1; HstPt2653523=3; HstCnv2653523=2; HstCns2653523=3; __auc=c94a9f5a18341edf61d15352edb; a=hfhSt8AEOJnnmeeFUVNeST1uZDFESxh3; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYyNPaQFjI27LgAGBAsAAIK7A00jrQye6qAHToP_hO5zfzUTVRZRFUoF4Jea6TAhSwQBIMEYCIQD8_lSI7Xaxr8Vfv0UrfcTxcmx0FY9DlStPyBEeGTGmBAIhAJ9IBPcIKja9HyInkcwS6rIJwDAzGoKSeOiYDqSFqbRQ
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:39 GMT
Expires: Thu, 22 Sep 2022 15:41:39 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 15 Sep 2022 13:53:40 GMT
Content-Type: text/javascript
Age: 13401
images.dmca.com/Badges/DMCABadgeHelper.min.js
151.139.242.29200 OK 280 B URL HTTP/1.1 images.dmca.com/Badges/DMCABadgeHelper.min.js
IP 151.139.242.29:0
Hash 676eb336bf17b6d9ba8106a096fdd587
22d3b0769cd5aa177e723be2456b32509914fa7d
9e9dc74a53c9a60256b8d4db5b26d02599cea75d3d00e02f16bef59169477a69
GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:24:56 GMT
Cache-Control: max-age=2592000
ETag: "26b181f16d28d51:0"
Last-Modified: Fri, 21 Jun 2019 20:14:34 GMT
X-Powered-By: ASP.NET
Server: NetDNA-cache/2.2
Expires: Sat, 15 Oct 2022 19:24:56 GMT
Access-Control-Allow-Origin: *
Link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes
Content-Length: 280
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
216.58.211.10200 OK 32 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
IP 216.58.211.10:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Hash 34fb740c21fb2f4be218932988fe68f2
2e2ee722aa0902a96a2ed3bd1f51ab762b666b9f
9e0ec1faab0c671db34a814b74946659d86ec455b89b4efd638806a146cfa51a
GET /ajax/libs/jquery/1.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32124
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Sep 2022 12:14:12 GMT
Expires: Sat, 09 Sep 2023 12:14:12 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 544248
yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 15 Sep 2022 19:25:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /banner.php?pub=597677§ion=General&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 15 Sep 2022 19:25:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee256b7ce0ba8310b3bbe239218b7a69
f14ff579194c66806637e7054eb4a59bc9bb4893
45a741224496e9f3c0abf3f3fb12e445054a92bf040a68c8838aec67d0f0131c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
216.58.211.10200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
IP 216.58.211.10:0
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash b582b2eca79a750948dbb3777aeaaadb
bf0ea1c8a7b4a55779cbb3df1f1d75cc19910e9f
04c7f19e1ae294cc641f6c497653b5c13c41b258559f5f05b790032ccca16c82
GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 16:27:21 GMT
expires: Thu, 14 Sep 2023 16:27:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 97059
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adf.ly/static/js/entry_scriptV1.2.js
104.20.66.244200 OK 1.2 kB URL HTTP/1.1 cdn.adf.ly/static/js/entry_scriptV1.2.js
IP 104.20.66.244:0
Hash dca13e3981956c6777a8a573c7c3065a
40aad944b1739a7f7224ac22525d202176147b91
4b1ac63e91a68d26abdb1bc99b87b7b06b73ff40b67109a474fb24e5b4bb9a41
GET /static/js/entry_scriptV1.2.js HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:00 GMT
Content-Type: application/x-javascript
Content-Length: 1157
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 19:11:50 GMT
last-modified: Thu, 15 Sep 2022 00:59:02 GMT
etag: "ef4-632278d6-74b1b2ba01f2be4f;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 790
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74b3beef3f6db50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.yu0123456.com/show.php?nid=5&pid=56383&adtype=&sid=97705
94.229.72.125200 OK 503 B URL HTTP/1.1 a.yu0123456.com/show.php?nid=5&pid=56383&adtype=&sid=97705
IP 94.229.72.125:0
ASN #42831 UK Dedicated Servers Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (503), with no line terminators
Hash 61f40dc55f2c897d295af7b7bf0e05f2
1265bed18b864a0b015ba0f882e0af09412926e2
d7fbae42b48c893a41d69e7ad3bbd57bf607bab655c95edaf89a04be8739274d
GET /show.php?nid=5&pid=56383&adtype=&sid=97705 HTTP/1.1
Host: a.yu0123456.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 503
content-type: text/html; charset=utf-8
date: Thu, 15 Sep 2022 19:24:59 GMT
server: nginx
set-cookie: sid=1775d188-352c-11ed-825e-2daacdbed4f3; path=/; domain=.yu0123456.com; expires=Tue, 03 Oct 2090 22:39:07 GMT; max-age=2147483647; HttpOnly
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20006
Date: Thu, 15 Sep 2022 18:20:39 GMT
Expires: Thu, 15 Sep 2022 20:20:39 GMT
Cache-Control: public, max-age=7200
Age: 3861
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=6e9c590c-126d-4d99-bdac-24861844c297
151.139.242.29200 OK 2.1 kB URL HTTP/1.1 images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=6e9c590c-126d-4d99-bdac-24861844c297
IP 151.139.242.29:0
File type PNG image data, 121 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash a9508f06eb375d4fd4f796dd1ea341c1
4a640684db5bd5bfa8832aa7b42c0ea08d5dab6d
619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94
GET /Badges/dmca_protected_sml_120l.png?ID=6e9c590c-126d-4d99-bdac-24861844c297 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:24:17 GMT
Cache-Control: max-age=2592000
ETag: "26b76633e0ebca1:0"
Last-Modified: Tue, 04 May 2010 23:19:10 GMT
X-Powered-By: ASP.NET
Server: NetDNA-cache/2.2
Expires: Sat, 15 Oct 2022 19:24:17 GMT
Access-Control-Allow-Origin: *
Link: <http://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120l.png>; rel="canonical"
Content-Type: image/png
Content-Length: 2122
X-Cache: HIT
Accept-Ranges: bytes
Connection: keep-alive
3.bp.blogspot.com/-gwsFvgzCBDE/UC5jBenZUoI/AAAAAAAACLU/xlY3lJEl2IY/s1600/PhoXo2.png
142.250.74.161200 OK 1.6 kB URL HTTP/1.1 3.bp.blogspot.com/-gwsFvgzCBDE/UC5jBenZUoI/AAAAAAAACLU/xlY3lJEl2IY/s1600/PhoXo2.png
IP 142.250.74.161:0
File type PNG image data, 100 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash fdb7528e7ccebcfe1daea52aa0195bd6
caa9b43d3056743538e12cb11a7320f9216712ea
08ee145d75eed8be290285f1a8b9fd40b9b8dc029ad10cc6283945b536270506
GET /-gwsFvgzCBDE/UC5jBenZUoI/AAAAAAAACLU/xlY3lJEl2IY/s1600/PhoXo2.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="PhoXo2.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1610
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 19:25:00 GMT
Expires: Fri, 02 Sep 2022 14:21:17 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8b5"
Content-Type: image/png
Age: 0
3.bp.blogspot.com/-rxhREBeAjpQ/Uy2GptnCWCI/AAAAAAAABCA/795PWQPE0ok/w72-h72-p-k-no-nu/%25D0%2591%25D0%25B5%25D0%25B7%25D0%25B8%25D0%25BC%25D0%25B5%25D0%25BD%25D0%25B8-1.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/1.1 3.bp.blogspot.com/-rxhREBeAjpQ/Uy2GptnCWCI/AAAAAAAABCA/795PWQPE0ok/w72-h72-p-k-no-nu/%25D0%2591%25D0%25B5%25D0%25B7%25D0%25B8%25D0%25BC%25D0%25B5%25D0%25BD%25D0%25B8-1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1ffef2077644e1e835770fa66920b0f4
7bebf774866c47f8a78c555b76f590cde4571c38
793f21de74e436992c396630fb64a0dd80c82b9e707c659c2e40670773ebe8f7
GET /-rxhREBeAjpQ/Uy2GptnCWCI/AAAAAAAABCA/795PWQPE0ok/w72-h72-p-k-no-nu/%25D0%2591%25D0%25B5%25D0%25B7%25D0%25B8%25D0%25BC%25D0%25B5%25D0%25BD%25D0%25B8-1.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="________-1.jpg";filename*=UTF-8''%D0%91%D0%B5%D0%B7%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8-1.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4490
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v420"
Content-Type: image/jpeg
Age: 13400
3.bp.blogspot.com/-_Rj6DV70WnQ/UtPpcN300_I/AAAAAAAAAaE/_1dcTpJD7ew/w72-h72-p-k-no-nu/Screenshot_2.jpg
142.250.74.161200 OK 2.8 kB URL HTTP/1.1 3.bp.blogspot.com/-_Rj6DV70WnQ/UtPpcN300_I/AAAAAAAAAaE/_1dcTpJD7ew/w72-h72-p-k-no-nu/Screenshot_2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0319fa3100cface22fb5afd04153f4a2
22b9eb94a5eb820a71c92e1c7bcc25bed7d82744
8767861417e7bc2c148f2e57aa47c951e4e57bf47687d6447679efcc34397669
GET /-_Rj6DV70WnQ/UtPpcN300_I/AAAAAAAAAaE/_1dcTpJD7ew/w72-h72-p-k-no-nu/Screenshot_2.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screenshot_2.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2846
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Sun, 11 Sep 2022 21:13:13 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13400
ETag: "v1a2"
Content-Type: image/jpeg
1.bp.blogspot.com/-6eUQ42kDKP0/UyRQBFBeUSI/AAAAAAAAA9c/vT_oKxFknwU/w72-h72-p-k-no-nu/gallery1376.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/1.1 1.bp.blogspot.com/-6eUQ42kDKP0/UyRQBFBeUSI/AAAAAAAAA9c/vT_oKxFknwU/w72-h72-p-k-no-nu/gallery1376.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e6525627884ed70016c2fff888643402
4c27e6e4dbd267ecd5847c600a4b32391c192b96
721805e5e8da43e9fd77d429097b590db254b528596238903669d88f6d7af0d9
GET /-6eUQ42kDKP0/UyRQBFBeUSI/AAAAAAAAA9c/vT_oKxFknwU/w72-h72-p-k-no-nu/gallery1376.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gallery1376.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2213
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3d9"
Content-Type: image/jpeg
Age: 13400
1.bp.blogspot.com/-WojfGoVZZ0k/U3aPO4QeLCI/AAAAAAAABUQ/vDx4WWrQZpA/w72-h72-p-k-no-nu/1241428620X310.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 1.bp.blogspot.com/-WojfGoVZZ0k/U3aPO4QeLCI/AAAAAAAABUQ/vDx4WWrQZpA/w72-h72-p-k-no-nu/1241428620X310.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a61ea80124fc6fb372476355cd1e0731
605c4265964b5f39a05dd1189a9d2d8005499ab0
d2af8ed2b7b3cbc8e5b24a546e026ee6e0b679e6b6f67ff283555720767bb68d
GET /-WojfGoVZZ0k/U3aPO4QeLCI/AAAAAAAABUQ/vDx4WWrQZpA/w72-h72-p-k-no-nu/1241428620X310.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1241428620X310.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4399
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v545"
Content-Type: image/jpeg
Age: 13400
1.bp.blogspot.com/-UR1eW1SBXXs/VNC4a1x7kfI/AAAAAAAADHw/KFR4NX_Lsrs/w72-h72-p-k-no-nu/Stranded%2BDeep%2B-%2Bberbagimod.blogspot.com.jpg
142.250.74.161200 OK 4.3 kB URL HTTP/1.1 1.bp.blogspot.com/-UR1eW1SBXXs/VNC4a1x7kfI/AAAAAAAADHw/KFR4NX_Lsrs/w72-h72-p-k-no-nu/Stranded%2BDeep%2B-%2Bberbagimod.blogspot.com.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ebd08792f10a4eaa7b8ca5e35a186aa0
c3c8db3ee644cfd43e053f3423b2b1e9b197001a
061841b3ab2a530b6889cce537cceb7f70597d4977205b3f79beefaf489648ba
GET /-UR1eW1SBXXs/VNC4a1x7kfI/AAAAAAAADHw/KFR4NX_Lsrs/w72-h72-p-k-no-nu/Stranded%2BDeep%2B-%2Bberbagimod.blogspot.com.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Stranded Deep - berbagimod.blogspot.com.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4270
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Sun, 11 Sep 2022 21:13:13 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13400
ETag: "vc7d"
Content-Type: image/jpeg
2.bp.blogspot.com/-Zp8WfevSNTU/U3aXTz1RTsI/AAAAAAAABU0/G1hnL00771Q/w72-h72-p-k-no-nu/pes+2014+1.jpg
142.250.74.161200 OK 4.3 kB URL HTTP/1.1 2.bp.blogspot.com/-Zp8WfevSNTU/U3aXTz1RTsI/AAAAAAAABU0/G1hnL00771Q/w72-h72-p-k-no-nu/pes+2014+1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash fc836e6d299a181e4d3ffa58678c9bff
3230b582904c0c95e8d5ef8a27d08367814d1dcf
4f8d79ffb4cf732c066ee991be924ae150c26f409b4d6d312bfaef2893661389
GET /-Zp8WfevSNTU/U3aXTz1RTsI/AAAAAAAABU0/G1hnL00771Q/w72-h72-p-k-no-nu/pes+2014+1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="pes 2014 1.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4295
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v54e"
Content-Type: image/jpeg
Age: 13400
2.bp.blogspot.com/-g1vqHUnhnoE/U25TEuJIwUI/AAAAAAAABQ0/xkSMBXRin5E/w72-h72-p-k-no-nu/Screenshot_106.jpg
142.250.74.161200 OK 5.1 kB URL HTTP/1.1 2.bp.blogspot.com/-g1vqHUnhnoE/U25TEuJIwUI/AAAAAAAABQ0/xkSMBXRin5E/w72-h72-p-k-no-nu/Screenshot_106.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f982ebcae74aa02a949b33977382db47
d585413390b402f2f5463c9f13b56037e0181a7e
e31b004e3a3d7a404e6f90ad4b37bb7618fcae9ad6a2f60bee2fd376e16218ee
GET /-g1vqHUnhnoE/U25TEuJIwUI/AAAAAAAABQ0/xkSMBXRin5E/w72-h72-p-k-no-nu/Screenshot_106.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screenshot_106.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5096
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v50e"
Content-Type: image/jpeg
Age: 13400
2.bp.blogspot.com/-CbBBn1b1y24/VQTqCnMtDyI/AAAAAAAADas/6o2N8axTHIE/s1600/900.jpg
142.250.74.161200 OK 81 kB URL HTTP/1.1 2.bp.blogspot.com/-CbBBn1b1y24/VQTqCnMtDyI/AAAAAAAADas/6o2N8axTHIE/s1600/900.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 986x307, components 3\012- data
Hash a4d5aa9670b3c89e0c02340fb911109f
964e1061198a89fcb88a405febcadb74bdcda1d7
4ec80ad6435a05b98f0aa0267e0e08f3338e524a349e55b7214cfd85f0f5df5e
GET /-CbBBn1b1y24/VQTqCnMtDyI/AAAAAAAADas/6o2N8axTHIE/s1600/900.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="900.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 81180
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vdac"
Content-Type: image/jpeg
Age: 13400
4.bp.blogspot.com/-P4BtINxGSao/UyTgVw1vYUI/AAAAAAAAA90/X93vgtdneJw/w72-h72-p-k-no-nu/game+ss.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 4.bp.blogspot.com/-P4BtINxGSao/UyTgVw1vYUI/AAAAAAAAA90/X93vgtdneJw/w72-h72-p-k-no-nu/game+ss.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e061e173231e0ab76f2a844cf5b39ed6
1b75fa70d95591db64ee75b648e3be0467d31211
778e10f0ac9a88ebcff1ff2251aab7b8d201e085da0c91624185f61d5cbe59c3
GET /-P4BtINxGSao/UyTgVw1vYUI/AAAAAAAAA90/X93vgtdneJw/w72-h72-p-k-no-nu/game+ss.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="game ss.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4352
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3de"
Content-Type: image/jpeg
Age: 13400
4.bp.blogspot.com/-Fqg_KrisYLM/U3V5kRRK2nI/AAAAAAAABT4/-McZuyEEBx4/w72-h72-p-k-no-nu/Screenshot_102.jpg
142.250.74.161200 OK 3.0 kB URL HTTP/1.1 4.bp.blogspot.com/-Fqg_KrisYLM/U3V5kRRK2nI/AAAAAAAABT4/-McZuyEEBx4/w72-h72-p-k-no-nu/Screenshot_102.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5fc7b5a52afcc2ed2c4517df0fa17c89
bf5796b6b17d4f71607ef17e9f72edf661fd6fec
968aabee93ec0112d499f05ac0b576b0d8d36163c14d84cc07251f4ba3bb1832
GET /-Fqg_KrisYLM/U3V5kRRK2nI/AAAAAAAABT4/-McZuyEEBx4/w72-h72-p-k-no-nu/Screenshot_102.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screenshot_102.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2995
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v53f"
Content-Type: image/jpeg
Age: 13400
4.bp.blogspot.com/-FPh9RvBGvA0/UtoF2cNX2sI/AAAAAAAAAcQ/s1W7kdSS9DA/w72-h72-p-k-no-nu/gallery892.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 4.bp.blogspot.com/-FPh9RvBGvA0/UtoF2cNX2sI/AAAAAAAAAcQ/s1W7kdSS9DA/w72-h72-p-k-no-nu/gallery892.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9445d22a1ad6aca592bc1cf61e2dca9b
428dfc6f1d8ea47fd3e63e98f5e89f9e3f82aa41
386f76b4d56d3ed75bf8e90995bc2f57e7ca7e8b525add4ee95b81c81d0544ea
GET /-FPh9RvBGvA0/UtoF2cNX2sI/AAAAAAAAAcQ/s1W7kdSS9DA/w72-h72-p-k-no-nu/gallery892.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gallery892.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3832
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1c6"
Content-Type: image/jpeg
Age: 13400
bdv.bidvertiser.com/BidVertiser.dbm?pid=595536%26bid=1486833
54.241.51.109200 OK 87 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=595536%26bid=1486833
IP 54.241.51.109:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 6c60754af27389e2778b3584bf10f3a1
196be0cdc74708ee01c01f86a648c16573e18fc6
ff2485a3dc35082ae7e3799388665929ffd72227191bf24b7c01033bfe19ddd9
GET /BidVertiser.dbm?pid=595536%26bid=1486833 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/html
Connection: close
Content-Length: 87
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01721134027b8087fcaea01ae7470149
e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864
a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 56b4a90e8be043082aa30d490fe93e47
6c94d4b9610ec757d7e7851ac2e478edff1309f8
c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chkme.com/seo-berbagimod.blogspot.com.png
35.208.209.48301 Moved Permanently 162 B URL HTTP/1.1 chkme.com/seo-berbagimod.blogspot.com.png
IP 35.208.209.48:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /seo-berbagimod.blogspot.com.png HTTP/1.1
Host: chkme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 15 Sep 2022 19:25:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://chkme.com/seo-berbagimod.blogspot.com.png
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
X-HTTPS-Enforce: 1
X-Proxy-Cache-Info: DT:1
www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
172.67.136.97302 Found 306 B URL HTTP/1.1 www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
IP 172.67.136.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash afd11f6d7bc0f64d97b825a5cbf550ce
3dbd21d1d95d74b84efda27e08afdbcd7ba09762
fb02e32b8a2fdafbb5ab7dc902aefc92e74e46ea0db3db4742771cf3859be66c
GET /iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1 HTTP/1.1
Host: www.ping-fast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 19:25:00 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
location: https://www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
x-iplb-request-id: A29EDED4:DC6A_BCA58F11:0050_63237C0C_FEF7:ABD2
x-iplb-instance: 31557
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85I2ZhpgYBUGJHkuQsh63KvvKMvT5%2FjS%2B9Grbx7ui5c3hBdJQGEuj2m6MgUfXtPaNL1Gs5S7Oad3dnqxaBVjEO01SxP50f%2Bj6Y6tH6XGB375RKFpGe762OIWu37jDfK4zlHhWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74b3bef00d2b0b51-OSL
alt-svc: h2=":443"; ma=60
3.bp.blogspot.com/-PkNiVFQ36tk/UJKk5O63taI/AAAAAAAAGcM/40odjuACWNs/s1600/body-bg12.png
142.250.74.161200 OK 2.1 kB URL HTTP/1.1 3.bp.blogspot.com/-PkNiVFQ36tk/UJKk5O63taI/AAAAAAAAGcM/40odjuACWNs/s1600/body-bg12.png
IP 142.250.74.161:0
File type PNG image data, 103 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e58f959dc10326ac99f675c51f4f213
8a05f0361c6dbb9e625d55b348929461104fb28b
a4ca55e7e45943d24fc4634166cdcd7bcbd7f9337a7d78d4717ad8852c85e899
GET /-PkNiVFQ36tk/UJKk5O63taI/AAAAAAAAGcM/40odjuACWNs/s1600/body-bg12.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="body-bg12.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2071
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Thu, 25 Aug 2022 17:41:08 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13400
ETag: "v19c3"
Content-Type: image/png
4.bp.blogspot.com/-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png
142.250.74.161200 OK 237 B URL HTTP/1.1 4.bp.blogspot.com/-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png
IP 142.250.74.161:0
File type PNG image data, 7 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash cc1b56913d2f7dccf89833c9f13c1166
cf385fddd75a65e4f90b8c4c61219e37afbbd55d
dce80244c3d820d996560fbaeda32f1855b6a871a8093a46ae9eaf292733f8d5
GET /-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="downarrow-dark.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 237
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Mon, 05 Sep 2022 13:31:35 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13400
ETag: "v189e"
Content-Type: image/png
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0ecacfd5c45535e4b2281e39a7ac58d7
e3b3da79b03088885f532f001abab9cde0112b05
2cafc25d6b264cf883c63e0053a4770795e36cb11a1bbdf2f11d8f1c0b904d0b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 21:35:58 GMT
Expires: Tue, 20 Sep 2022 21:35:57 GMT
Etag: "e3b3da79b03088885f532f001abab9cde0112b05"
Cache-Control: max-age=439256,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b3bef0dcb5b503-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 19:03:22 GMT
Expires: Thu, 15 Sep 2022 19:03:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sQRcJmwSdFyZbldAdmJrUeB0msX7ZdHEn5DoXXfUJXHO3JeRSpclfg==
Age: 1299
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
142.250.74.163200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21224
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 07:02:27 GMT
Expires: Fri, 15 Sep 2023 07:02:27 GMT
Cache-Control: public, max-age=31536000
Age: 44554
Last-Modified: Tue, 19 Apr 2022 18:04:18 GMT
Content-Type: font/woff2
yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 15 Sep 2022 19:25:01 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?section=21MAR_NeLt&pub=597677&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
s06.flagcounter.com/count/F2st/bg_0F17FF/txt_F5F5F5/border_CCCCCC/columns_4/maxflags_40/viewers_0/labels_0/pageviews_0/flags_0/
45.58.124.226200 OK 21 kB URL HTTP/1.1 s06.flagcounter.com/count/F2st/bg_0F17FF/txt_F5F5F5/border_CCCCCC/columns_4/maxflags_40/viewers_0/labels_0/pageviews_0/flags_0/
IP 45.58.124.226:0
File type PNG image data, 292 x 185, 8-bit/color RGB, non-interlaced\012- data
Hash 6aa6649f1e1430556b090b49cd5de983
8bc7d7749cd03e86bce2626a6a91a8be3328be25
b6bd0308e224551bbed3d25229ff8db1afde4281c615bf715196d83e00c8e9ad
GET /count/F2st/bg_0F17FF/txt_F5F5F5/border_CCCCCC/columns_4/maxflags_40/viewers_0/labels_0/pageviews_0/flags_0/ HTTP/1.1
Host: s06.flagcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash ccc5dd6321721b5387ab1946d20fb0e9
3221de997d403eeb791ece427adaac01f14fc10c
ee6828cc6e76b1efad9c477f6b2307e98ad91e8b71b5a66c927cf07e1af8ac2a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 19 Sep 2022 15:45:36 GMT
ETag: "3221de997d403eeb791ece427adaac01f14fc10c"
Last-Modified: Thu, 15 Sep 2022 15:45:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1710
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b3bef16f4a0b51-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 56b4a90e8be043082aa30d490fe93e47
6c94d4b9610ec757d7e7851ac2e478edff1309f8
c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-RXzuxzvwYR4/UJYop47uvbI/AAAAAAAAGhM/9Dft6eOVayQ/s1600/search-button.png
142.250.74.161200 OK 558 B URL HTTP/1.1 4.bp.blogspot.com/-RXzuxzvwYR4/UJYop47uvbI/AAAAAAAAGhM/9Dft6eOVayQ/s1600/search-button.png
IP 142.250.74.161:0
File type PNG image data, 17 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 65d05a4f9f0b276abd7f5e0dfaa9303a
fd7f15df4e36388a0fba7df14f7f49c183412d28
75894bcd81ffe4ccfb5c4a2da869c4dc3848c84dff4d0737f1d238b329af78a9
GET /-RXzuxzvwYR4/UJYop47uvbI/AAAAAAAAGhM/9Dft6eOVayQ/s1600/search-button.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="search-button.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 558
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 02 Sep 2022 22:44:55 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13401
ETag: "v1a13"
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5282
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:01 GMT
Last-Modified: Thu, 15 Sep 2022 17:56:59 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
yllix.com/warn.php?section=21MAR_NeLt&pub=597677&ga=g
185.66.200.224200 OK 260 B URL HTTP/2 yllix.com/warn.php?section=21MAR_NeLt&pub=597677&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
Hash 7140ef490dbb8462f4e4954217cee98d
1145f7f9ecfb3fe864d3c2cd30d7af74db3e4dc1
2258dea7125d26e4079e042d3a13058663543509e0b7c2e76b6ecdcf956bcf6b
GET /warn.php?section=21MAR_NeLt&pub=597677&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 19:25:01 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
4.bp.blogspot.com/-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png
142.250.74.161200 OK 1.2 kB URL HTTP/1.1 4.bp.blogspot.com/-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png
IP 142.250.74.161:0
File type PNG image data, 30 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash e41bc01fc66820dc1901d37cb5df3b3d
c361c23886a387ca32db187a0ef84940b9100328
39960302b1ec5b58a87c5a50830875969d9adb66619ceca7af2843c668161f48
GET /-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="home (1).png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1211
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Thu, 08 Sep 2022 11:36:11 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13401
ETag: "v1a07"
Content-Type: image/png
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
142.250.74.163200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22376
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 14 Sep 2022 06:43:11 GMT
Expires: Thu, 14 Sep 2023 06:43:11 GMT
Cache-Control: public, max-age=31536000
Age: 132110
Last-Modified: Tue, 19 Apr 2022 18:25:01 GMT
Content-Type: font/woff2
1.bp.blogspot.com/-nuqGzN8406c/UJP6qzqo9eI/AAAAAAAAGeE/_srJJf734HY/s12/70.png
142.250.74.161200 OK 384 B URL HTTP/1.1 1.bp.blogspot.com/-nuqGzN8406c/UJP6qzqo9eI/AAAAAAAAGeE/_srJJf734HY/s12/70.png
IP 142.250.74.161:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash d98622ff238177cf667d7372ce113acd
a4b8936dd57536fc9ec2eeca1ad8c94ee8a960f5
f58de81d2e0e8e532f8fa08e5484a6ab3d63316db813b33567b4baabd8ddc011
GET /-nuqGzN8406c/UJP6qzqo9eI/AAAAAAAAGeE/_srJJf734HY/s12/70.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="70.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 384
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 09 Sep 2022 20:23:55 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13401
ETag: "v19e1"
Content-Type: image/png
1.bp.blogspot.com/-xNAEen8ZchE/UJP6nKf8dfI/AAAAAAAAGds/flfcN7VnpfU/s12/13.png
142.250.74.161200 OK 312 B URL HTTP/1.1 1.bp.blogspot.com/-xNAEen8ZchE/UJP6nKf8dfI/AAAAAAAAGds/flfcN7VnpfU/s12/13.png
IP 142.250.74.161:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash b0cff453a017a5fe641493583fe4c0fa
487010d43cd2d9c041f5d47ba84fd97e031294ab
e4657fc65904b895b348a87ad83020d884ef70d5a6a4e94385b94393f09aaa38
GET /-xNAEen8ZchE/UJP6nKf8dfI/AAAAAAAAGds/flfcN7VnpfU/s12/13.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="13.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 312
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19db"
Content-Type: image/png
Age: 13401
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0ecacfd5c45535e4b2281e39a7ac58d7
e3b3da79b03088885f532f001abab9cde0112b05
2cafc25d6b264cf883c63e0053a4770795e36cb11a1bbdf2f11d8f1c0b904d0b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 21:35:58 GMT
Expires: Tue, 20 Sep 2022 21:35:57 GMT
Etag: "e3b3da79b03088885f532f001abab9cde0112b05"
Cache-Control: max-age=439255,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b3bef0cc99b503-OSL
dcba.popcash.net/znWaa3gu
52.203.170.34204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP 52.203.170.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 15 Sep 2022 19:25:01 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /banner.php?pub=597677§ion=General&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 15 Sep 2022 19:25:01 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?pub=597677§ion=General&format=468x60&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
1.bp.blogspot.com/-H3-xRhMKfoY/VQ1ZJ-bv0eI/AAAAAAAADk4/580Bd0cgOIE/s1600/resident%2Bevil%2Brevelation%2Bepisode%2B3.jpg
142.250.74.161200 OK 21 kB URL HTTP/1.1 1.bp.blogspot.com/-H3-xRhMKfoY/VQ1ZJ-bv0eI/AAAAAAAADk4/580Bd0cgOIE/s1600/resident%2Bevil%2Brevelation%2Bepisode%2B3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 296x380, components 3\012- data
Hash 35d2e8555c4e1e7f3509a4a0394ba3bd
1a0e8bb38069bc65e8d3401d2806cbb7abad9ce6
5aa47fc97fea4af49dc6c36a3524b3ae4856f5bfb9d2aa4b99adb5bd0197700b
GET /-H3-xRhMKfoY/VQ1ZJ-bv0eI/AAAAAAAADk4/580Bd0cgOIE/s1600/resident%2Bevil%2Brevelation%2Bepisode%2B3.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "ve4f"
Expires: Fri, 16 Sep 2022 19:25:01 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="resident evil revelation episode 3.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 19:25:01 GMT
Server: fife
Content-Length: 20952
X-XSS-Protection: 0
yllix.com/warn.php?pub=597677§ion=General&format=468x60&ga=g
185.66.200.224200 OK 331 B URL HTTP/2 yllix.com/warn.php?pub=597677§ion=General&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
Hash a3cbe408fefa77253cf04aef542176b4
962ff64904ca1feff6d35ab2fe9dca77be3432bd
ef80eee77062c14e6c81041839df72e8a139f7f19e13b2c9b6376af3673fed3d
GET /warn.php?pub=597677§ion=General&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 19:25:01 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
1.bp.blogspot.com/-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s1600/stripe.png
142.250.74.161200 OK 236 B URL HTTP/1.1 1.bp.blogspot.com/-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s1600/stripe.png
IP 142.250.74.161:0
File type PNG image data, 12 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 62da707f76ada65c6397be2632fa1e3a
7481d2f62694892a63ae1f1f874a78907ecdd209
7c9a592ba7be7e9fe47e606a4717e09472df3c1ea2c067177467d1bec9dc53d3
GET /-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s1600/stripe.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="stripe.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 236
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19ef"
Content-Type: image/png
Age: 13401
1.bp.blogspot.com/-SovF-2Yqzx8/UIT2nmYLCuI/AAAAAAAAGGU/FjDXOtx5erk/s1600/small-right.png
142.250.74.161200 OK 277 B URL HTTP/1.1 1.bp.blogspot.com/-SovF-2Yqzx8/UIT2nmYLCuI/AAAAAAAAGGU/FjDXOtx5erk/s1600/small-right.png
IP 142.250.74.161:0
File type PNG image data, 10 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b086e4f3d5def0dc849ff4792cfe396f
58ccf47749e02fb7e0b8aff6cc1a2e745451811d
e8153a9b8632a48c1652f12041f71114fd10f27f62e6ab1f57c443af4fb2af7a
GET /-SovF-2Yqzx8/UIT2nmYLCuI/AAAAAAAAGGU/FjDXOtx5erk/s1600/small-right.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="small-right.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 277
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 18:28:24 GMT
Expires: Wed, 14 Sep 2022 03:08:34 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3397
ETag: "v1865"
Content-Type: image/png
3.bp.blogspot.com/-GnsWJY-Hblo/UIbck16A3BI/AAAAAAAAGJM/qdog-XGwwQE/h20/sprite+images.png
142.250.74.161200 OK 5.2 kB URL HTTP/1.1 3.bp.blogspot.com/-GnsWJY-Hblo/UIbck16A3BI/AAAAAAAAGJM/qdog-XGwwQE/h20/sprite+images.png
IP 142.250.74.161:0
File type PNG image data, 175 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 259e74bcfd0c7bbd1e84e1623dffbbdf
e83779648e23a7a19dfe024647e85b12bd9cb3bf
68ab97610edf119c1d0113f655f24037c276d2d62f1abd052c2100fe5e87b332
GET /-GnsWJY-Hblo/UIbck16A3BI/AAAAAAAAGJM/qdog-XGwwQE/h20/sprite+images.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sprite images.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5156
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 19:25:01 GMT
Expires: Fri, 15 Jul 2022 09:54:02 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1893"
Content-Type: image/png
Age: 0
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/1.1 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9840
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Sep 2022 04:55:59 GMT
Expires: Wed, 13 Sep 2023 04:55:59 GMT
Cache-Control: public, max-age=31536000
Age: 224942
Last-Modified: Mon, 18 Jul 2022 19:24:04 GMT
Content-Type: font/woff2
2.bp.blogspot.com/-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png
142.250.74.161200 OK 727 B URL HTTP/1.1 2.bp.blogspot.com/-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png
IP 142.250.74.161:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 0566fd58559a796a665a8a9f87b69591
14878358b0b13f38cd8ba4e279a2e731a55e3c7b
2c879d9752b3d7c4990fead74006bc48a210cc6181b2b0082020221d383e4b87
GET /-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="link-overlay.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 727
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Wed, 14 Sep 2022 03:08:34 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13401
ETag: "v19fb"
Content-Type: image/png
1.bp.blogspot.com/-yyFrsVmB3aY/UOhjYBGW6II/AAAAAAAAHuc/OB5STvIL9Pg/w25/plus.png
142.250.74.161200 OK 1.2 kB URL HTTP/1.1 1.bp.blogspot.com/-yyFrsVmB3aY/UOhjYBGW6II/AAAAAAAAHuc/OB5STvIL9Pg/w25/plus.png
IP 142.250.74.161:0
File type PNG image data, 25 x 58, 8-bit gray+alpha, non-interlaced\012- data
Hash 68c20b593255862c12d3efb1af6194de
c5d01400a7baa3d40cd8e7b92dabc916c7e4e5ac
cb4e78d391cb7cba6110c75bb124dd974155a8e2000e795c954d85a41a9f8916
GET /-yyFrsVmB3aY/UOhjYBGW6II/AAAAAAAAHuc/OB5STvIL9Pg/w25/plus.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="plus.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1157
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:40 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1ee7"
Content-Type: image/png
Age: 13401
push.services.mozilla.com/
35.162.35.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fPtDHgqy67kWySCRc0x+ng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RS/784RPHI8Q1oLixRkTCQPzgEo=
berbagimod.blogspot.com/feeds/posts/default?alt=json-in-script&max-results=0&callback=totalPosts
142.250.74.161200 OK 1.2 kB URL HTTP/1.1 berbagimod.blogspot.com/feeds/posts/default?alt=json-in-script&max-results=0&callback=totalPosts
IP 142.250.74.161:0
File type ASCII text, with very long lines (2594)
Hash fbb35166a8682ff0d8f7cec4a65bce92
68dbf238a1084bdb32a6a8c28c8d0b878da3ccc1
b196ae74a8739eacb52974ad1727693926cfebfdc366f51dcbbf8de46b177cdb
GET /feeds/posts/default?alt=json-in-script&max-results=0&callback=totalPosts HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2015/03/resident-evil-revelations-2-episode-3.html
Cookie: _ga=GA1.3.1505509798.1663258456; _gid=GA1.3.108288831.1663258456; HstCfa2653523=1663258457344; HstCla2653523=1663266491243; HstCmu2653523=1663258457344; HstPn2653523=1; HstPt2653523=3; HstCnv2653523=2; HstCns2653523=3; __auc=c94a9f5a18341edf61d15352edb; a=hfhSt8AEOJnnmeeFUVNeST1uZDFESxh3; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYyNPaQFjI27LgAGBAsAAIK7A00jrQye6qAHToP_hO5zfzUTVRZRFUoF4Jea6TAhSwQBIMEYCIQD8_lSI7Xaxr8Vfv0UrfcTxcmx0FY9DlStPyBEeGTGmBAIhAJ9IBPcIKja9HyInkcwS6rIJwDAzGoKSeOiYDqSFqbRQ; _gat=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: blogger-renderd
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 1160
X-Frame-Options: SAMEORIGIN
Date: Thu, 15 Sep 2022 19:25:01 GMT
Expires: Thu, 15 Sep 2022 19:25:02 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Thu, 18 Aug 2022 14:59:56 GMT
ETag: W/"f64fd779f1872a906410f53906021b01caa6fc841e4bcf091eeae4d0118ca7b2"
Content-Type: text/javascript; charset=UTF-8
Age: 0
berbagimod.blogspot.com/feeds/comments/default?alt=json-in-script&max-results=0&callback=totalComments
142.250.74.161200 OK 671 B URL HTTP/1.1 berbagimod.blogspot.com/feeds/comments/default?alt=json-in-script&max-results=0&callback=totalComments
IP 142.250.74.161:0
File type ASCII text, with very long lines (1333)
Hash 76428197fe870662c6a63c284f726a9d
7b0810b38798a817023c7b3073823d58ad444f96
5a286bbb7ab01ebd9e85b8e3242c95facacdbafbdc9cd2ef129f2ef1a466eb00
GET /feeds/comments/default?alt=json-in-script&max-results=0&callback=totalComments HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2015/03/resident-evil-revelations-2-episode-3.html
Cookie: _ga=GA1.3.1505509798.1663258456; _gid=GA1.3.108288831.1663258456; HstCfa2653523=1663258457344; HstCla2653523=1663266491243; HstCmu2653523=1663258457344; HstPn2653523=1; HstPt2653523=3; HstCnv2653523=2; HstCns2653523=3; __auc=c94a9f5a18341edf61d15352edb; a=hfhSt8AEOJnnmeeFUVNeST1uZDFESxh3; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYyNPaQFjI27LgAGBAsAAIK7A00jrQye6qAHToP_hO5zfzUTVRZRFUoF4Jea6TAhSwQBIMEYCIQD8_lSI7Xaxr8Vfv0UrfcTxcmx0FY9DlStPyBEeGTGmBAIhAJ9IBPcIKja9HyInkcwS6rIJwDAzGoKSeOiYDqSFqbRQ; _gat=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Server: blogger-renderd
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Length: 671
X-Frame-Options: SAMEORIGIN
Date: Thu, 15 Sep 2022 19:25:01 GMT
Expires: Thu, 15 Sep 2022 19:25:02 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Mon, 04 Apr 2022 16:27:21 GMT
ETag: W/"912884b216cb3f10ce8338263113fc2670840d609556ee6c6cbbf6541452ec14"
Content-Type: text/javascript; charset=UTF-8
Age: 0
pingmyurl.com/pingmyurl100x31.png
192.169.244.12404 Not Found 10 kB URL HTTP/1.1 pingmyurl.com/pingmyurl100x31.png
IP 192.169.244.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 4b831085ee41d7ad0aaf48950120d063
2923ad5db226082d9aeeded130c367807c5f5cdd
4b71f49b2d537b3c5377fdd6d6cb6cf7660ab970576d8c3b5b850f0d114885c4
GET /pingmyurl100x31.png HTTP/1.1
Host: pingmyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 404 Not Found
Date: Thu, 15 Sep 2022 19:25:01 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
date: Thu, 15 Sep 2022 19:15:37 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 169084204
etag: W/"980881274"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:C30E_2E69C9F0:0050_63237C0D_E098F:1DBF2
x-iplb-instance: 32943
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 17 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 7f3aead5505591cb8c280d381a4d1193
07719a22adb8a9279296ec6fc7283be8ee21bf80
df421829cdfa1b26a374ee50fbc58c85ec1810d955a2dee1568d412189bf200d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6971ad04397ebe0a117d03ae5c1de8c5
5179eab2d14b4c8c52c00fd6bf2953fb98ad5b8f
97a64e5b9bf5e3e347b23e4bbf41aa0fe6ffd379d50b379770f5c7347e6bb248
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-hXfZtHjopCw/UOiA5zZrF1I/AAAAAAAAHvY/oovWlz4k--k/s1600/stripe.png
142.250.74.161200 OK 237 B URL HTTP/1.1 2.bp.blogspot.com/-hXfZtHjopCw/UOiA5zZrF1I/AAAAAAAAHvY/oovWlz4k--k/s1600/stripe.png
IP 142.250.74.161:0
File type PNG image data, 12 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash bdd2b390e11245ef9bcacf0aaa230652
e9960cc9efc0e01f181ea54e1b3a0060ed14513f
04ef432477a8480a6041fe0de9639db9152d4938716369366fc7d71e7660735b
GET /-hXfZtHjopCw/UOiA5zZrF1I/AAAAAAAAHvY/oovWlz4k--k/s1600/stripe.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="stripe.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 237
X-XSS-Protection: 0
Date: Thu, 15 Sep 2022 15:41:41 GMT
Expires: Fri, 09 Sep 2022 01:44:10 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13400
ETag: "v1ef6"
Content-Type: image/png
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 15 Sep 2022 19:25:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+188; expires=Sat, 14-Sep-2024 19:25:01 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Sep 2022 19:25:01 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1557
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 15 Sep 2022 19:25:01 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+490; expires=Sat, 14-Sep-2024 19:25:01 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Sep 2022 19:25:01 GMT
X-Firefox-Spdy: h2
berbagimod.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCwibkKsBtOhaA-kCMPbc3qmyHl8D9kvDzwe1i8OyWqLPYnRomixoq8Bj-QXPQGyhxHP6YantC3XRGZ2cQaRxoSuMzdCw
142.250.74.161200 OK 256 B URL HTTP/1.1 berbagimod.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCwibkKsBtOhaA-kCMPbc3qmyHl8D9kvDzwe1i8OyWqLPYnRomixoq8Bj-QXPQGyhxHP6YantC3XRGZ2cQaRxoSuMzdCw
IP 142.250.74.161:0
File type JSON data\012- , ASCII text, with very long lines (403), with no line terminators
Hash ffb1844e82c2b32f6fddb16f8f7934cb
7a83d28296af7f574fc90ed5e2e315197d95c7ca
a59f2ffbf2b6c6d87f61a04b87bbd89d4d0162b6db9192e0dac71b65cdb419ed
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCwibkKsBtOhaA-kCMPbc3qmyHl8D9kvDzwe1i8OyWqLPYnRomixoq8Bj-QXPQGyhxHP6YantC3XRGZ2cQaRxoSuMzdCw HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2015/03/resident-evil-revelations-2-episode-3.html
Cookie: _ga=GA1.3.1505509798.1663258456; _gid=GA1.3.108288831.1663258456; HstCfa2653523=1663258457344; HstCla2653523=1663269886326; HstCmu2653523=1663258457344; HstPn2653523=2; HstPt2653523=4; HstCnv2653523=2; HstCns2653523=4; __auc=c94a9f5a18341edf61d15352edb; a=hfhSt8AEOJnnmeeFUVNeST1uZDFESxh3; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYyNPaQFjI27LgAGBAsAAIK7A00jrQye6qAHToP_hO5zfzUTVRZRFUoF4Jea6TAhSwQBIMEYCIQD8_lSI7Xaxr8Vfv0UrfcTxcmx0FY9DlStPyBEeGTGmBAIhAJ9IBPcIKja9HyInkcwS6rIJwDAzGoKSeOiYDqSFqbRQ; _gat=1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 15 Sep 2022 19:25:01 GMT
Expires: Thu, 15 Sep 2022 19:25:01 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 256
Server: GSE
cdn.chitika.net/getads.js
143.204.55.12301 Moved Permanently 167 B URL HTTP/1.1 cdn.chitika.net/getads.js
IP 143.204.55.12:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /getads.js HTTP/1.1
Host: cdn.chitika.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://cdn.chitika.net/getads.js
X-Cache: Redirect from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ek2EAkpkcVnlrhOINmc3VbQ9y5WZ9X2yPcpPvySqvUXFlBm7d_ovuw==
d31qbv1cthcecs.cloudfront.net/atrk.js
143.204.55.36200 OK 4.3 kB URL HTTP/1.1 d31qbv1cthcecs.cloudfront.net/atrk.js
IP 143.204.55.36:0
File type ASCII text, with very long lines (4255), with no line terminators
Hash d89453438fbf10dcf4c13265c40d5160
02d5f4e46c94bf34e12b2d773f63f643ea2b3518
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
GET /atrk.js HTTP/1.1
Host: d31qbv1cthcecs.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4255
Connection: keep-alive
Date: Sat, 13 Aug 2022 04:02:04 GMT
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
ETag: "d89453438fbf10dcf4c13265c40d5160"
Cache-Control: max-age=26920000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GPVhQZukY4oHCBbJyhlmGwplymtdnKkhZUO1631KOwkqWlEyrmxV5A==
Age: 2906579
c1.popads.net/pop.js
185.76.9.25200 OK 9.9 kB IP 185.76.9.25:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 87f2106b2ef322202b466870df717aa2
4b7461dec21a73a4c475817b6ce3b8f58efca57c
d29a8563a37e8893a7481326f22315d57678da676c8a9599dc46785cc73a24cd
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
Last-Modified: Sun, 03 Jul 2022 20:49:14 GMT
ETag: W/"62c200ca-7b48"
Access-Control-Allow-Origin: *
X-Accel-Expires: @1664139665
Server: CDN77-Turbo
X-77-NZT: AblMCRTI71n/fYwCAA
X-77-NZT-Ray: 3L6choVsAuc
X-Cache: HIT
X-Age: 167037
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
connect.facebook.net/id_ID/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/id_ID/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 46f6544509e9416e222b9953c5fe443b
591d0d0941e51d40fa578f082582c22ca1f7dffa
8c4d43c08200e179d06d5c30e7f60a11d36a2ee454eb39a6db926342c60352fd
GET /id_ID/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 92844d45d66c2b15d28987af89d3ae4f
ETag: "122f9b76e2852820230adb07568c2e7f"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Thu, 15 Sep 2022 19:31:26 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: RvZURQnpQW4iK5lTxf5EOw==
X-FB-Debug: +qHeR/+8cq5aysIynGeeaHIGKEtiqXjfNnOyJR+0oP0QQLr4Br4fvWlJ0qPVJlqwsw4GD+RVBFD55qOQJecypg==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Thu, 15 Sep 2022 19:25:02 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1684
tcr.tynt.com/ti.js
104.18.36.173200 OK 16 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Hash a384492ef8f3bb035fc8ecba870e86d3
a6da9b212e2d640261cc1c1a5c98096aef5d8778
9232a4a99aa4630732414441f411afe936b0e95047f3d018e46c40f211fc1ede
GET /ti.js HTTP/1.1
Host: tcr.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-b4ff"
content-encoding: gzip
CF-Cache-Status: HIT
Age: 183029
Expires: Sun, 18 Sep 2022 19:25:02 GMT
Cache-Control: public, max-age=259200
Server: cloudflare
CF-RAY: 74b3bef7cd840b39-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash d12873cae53935be7948ad867d36b46a
67da3cdfafcd7eaf991d5eeb88ca50226f2606d2
99f9e2d729ee1a93bd31aafbd035a634ab3b792c4bb473c35cef1e0915bea7ae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 19:25:02 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bwmXtdkLt8HDyAfJwYJN2YuyO6m12npAroPHrG8ZHH-0ugGbaAfAbg==
cdn.chitika.net/getads.js
143.204.55.12200 OK 0 B URL HTTP/2 cdn.chitika.net/getads.js
IP 143.204.55.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getads.js HTTP/1.1
Host: cdn.chitika.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 0
last-modified: Fri, 19 Apr 2019 16:40:37 GMT
server: AmazonS3
date: Thu, 15 Sep 2022 05:57:28 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 05Di14pHq-FRKBOc_57U3qfxbJIVLgb-H_Q3HWd_qE9gCR-2kZO9Sg==
age: 51400
X-Firefox-Spdy: h2
adsco.re/t
162.252.214.5200 OK 172 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash c5dded80a519fe3623dc9a15cd703e15
42c9e2c70c2835b8a1fcdce099815a24745bb12e
0857069ba445f5a03b220f4c206c045a35f0e38f60ba0345106d61146a7d1f8d
POST /t HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 215
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://berbagimod.blogspot.com
Access-Control-Allow-Credentials: true
Token-Level: 3
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 00997d4afbff5cff07cac4a3341cd82f
9e9c07fa21f2c9464dd7720e42b6ff21bca1cb5a
3f5c41d9bfaee19e85f9da760c9f20dc7e300ba2a39ef5996bee46ec3306132d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F5C41D9BFAEE19E85F9DA760C9F20DC7E300BA2A39EF5996BEE46EC3306132D"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8966
Expires: Thu, 15 Sep 2022 21:54:28 GMT
Date: Thu, 15 Sep 2022 19:25:02 GMT
Connection: keep-alive
berbagimod.blogspot.com/favicon.ico
142.250.74.161200 OK 906 B URL HTTP/1.1 berbagimod.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 56eb67e2540f7af4f0e5933f4052b296
b282da783e5d4a8ef3440b9a10c9bca72a120cda
25ad7568b5215ec11323c8c68a700b3ee91a0299e652af088477b9b5a440b2f8
GET /favicon.ico HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2015/03/resident-evil-revelations-2-episode-3.html
Cookie: _ga=GA1.3.1505509798.1663258456; _gid=GA1.3.108288831.1663258456; HstCfa2653523=1663258457344; HstCla2653523=1663269886326; HstCmu2653523=1663258457344; HstPn2653523=2; HstPt2653523=4; HstCnv2653523=2; HstCns2653523=4; __auc=c94a9f5a18341edf61d15352edb; a=hfhSt8AEOJnnmeeFUVNeST1uZDFESxh3; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYyNPaQFjI27LgAGBAsAAIK7A00jrQye6qAHToP_hO5zfzUTVRZRFUoF4Jea6TAhSwQBIMEYCIQD8_lSI7Xaxr8Vfv0UrfcTxcmx0FY9DlStPyBEeGTGmBAIhAJ9IBPcIKja9HyInkcwS6rIJwDAzGoKSeOiYDqSFqbRQ; _gat=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Thu, 15 Sep 2022 19:25:02 GMT
Date: Thu, 15 Sep 2022 19:25:02 GMT
Cache-Control: private, max-age=86400
Last-Modified: Thu, 18 Aug 2022 14:59:56 GMT
ETag: W/"98611d158895985a4f2ec83cbd14cdb5aea689a7b34ba70cf2a52083af239f73"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 906
Server: GSE
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
35.82.251.53302 0 B URL HTTP/1.1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
IP 35.82.251.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x.png HTTP/1.1
Host: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 302
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: http://ae22fc48e19ce19a172d06ea046963754.profile.ord58-p7.cloudfront.net/test.png
Server: Server
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 19:25:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 19:25:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 19:25:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 77997
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 74903
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 75551
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Rx8KX_QI5I2x7q0gcvxcJX7QzZUe2KkfqAUVR64lEujF4xDEWWDhZQ==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 83029
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MYJf90B8rX8_nPUl4stpbZcQeQDaZ2Hgyu6GmsfdqUh-0Nx5OJJThw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:54 GMT
age: 82988
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 83005
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s4.histats.com/stats/2653523.php?2653523&@f16&@g0&@h2&@i2&@j1663269886326&@k3395083&@l4&@mResident%20Evil%20Revelations%202%20Episode%203%20Download&@n0&@o1000&@q0&@r0&@s407&@ten-US&@u1280&@b1:-51295816&@b3:1663269886&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fberbagimod.blogspot.com%2F2015%2F03%2Fresident-evil-revelations-2-episode-3.html&@w
192.99.0.58200 OK 103 B URL HTTP/1.1 s4.histats.com/stats/2653523.php?2653523&@f16&@g0&@h2&@i2&@j1663269886326&@k3395083&@l4&@mResident%20Evil%20Revelations%202%20Episode%203%20Download&@n0&@o1000&@q0&@r0&@s407&@ten-US&@u1280&@b1:-51295816&@b3:1663269886&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fberbagimod.blogspot.com%2F2015%2F03%2Fresident-evil-revelations-2-episode-3.html&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash 9483dd8d666fa9da829d6fa131ff6fc1
7fb72f7227a8e7533e404a0574e1b751aba4f324
9533910d20c35efdf4e0826fc23a859ccecbe419e52e2ed177f90015cf3f9777
GET /stats/2653523.php?2653523&@f16&@g0&@h2&@i2&@j1663269886326&@k3395083&@l4&@mResident%20Evil%20Revelations%202%20Episode%203%20Download&@n0&@o1000&@q0&@r0&@s407&@ten-US&@u1280&@b1:-51295816&@b3:1663269886&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fberbagimod.blogspot.com%2F2015%2F03%2Fresident-evil-revelations-2-episode-3.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 103
Connection: close
certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=Resident%20Evil%20Revelations%202%20Episode%203%20Download&time=1663269886688&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fberbagimod.blogspot.com%2F2015%2F03%2Fresident-evil-revelations-2-episode-3.html&random_number=13679752508&sess_cookie=78f2ceab183429c5adfc238a5c0&sess_cookie_flag=1&user_cookie=c94a9f5a18341edf61d15352edb&user_cookie_flag=0&dynamic=true&domain=berbagimod.blogspot.com&account=wcguj1agkg00wv&jsv=20130128&user_lang=en-US
54.230.111.32200 OK 43 B URL HTTP/1.1 certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=Resident%20Evil%20Revelations%202%20Episode%203%20Download&time=1663269886688&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fberbagimod.blogspot.com%2F2015%2F03%2Fresident-evil-revelations-2-episode-3.html&random_number=13679752508&sess_cookie=78f2ceab183429c5adfc238a5c0&sess_cookie_flag=1&user_cookie=c94a9f5a18341edf61d15352edb&user_cookie_flag=0&dynamic=true&domain=berbagimod.blogspot.com&account=wcguj1agkg00wv&jsv=20130128&user_lang=en-US
IP 54.230.111.32:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=Resident%20Evil%20Revelations%202%20Episode%203%20Download&time=1663269886688&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fberbagimod.blogspot.com%2F2015%2F03%2Fresident-evil-revelations-2-episode-3.html&random_number=13679752508&sess_cookie=78f2ceab183429c5adfc238a5c0&sess_cookie_flag=1&user_cookie=c94a9f5a18341edf61d15352edb&user_cookie_flag=0&dynamic=true&domain=berbagimod.blogspot.com&account=wcguj1agkg00wv&jsv=20130128&user_lang=en-US HTTP/1.1
Host: certify.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 15 Sep 2022 02:27:38 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S7FvoZ2F015_ANz6GtlSJvD3FEcY4bKZvVwN2wWLtSuhkKIZ6NVeAQ==
Age: 61045
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:02 GMT
Last-Modified: Thu, 15 Sep 2022 19:07:34 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
serve.popads.net/c?_=BAYAYyNPaQFjI3wOgAGBAsAAIMU6_GNraGo5LkZq_YbCifjokLjrC7PdEH-dN8KB2y4pwQBIMEYCIQCrqCLifsOn38j1RNO-XjmO0EbFUCSi8ljwbNYHCPXbsAIhAMvZS_PFjMdcFg-fP1FMJ00kEItmTogKYvx16n9cSt9W&v=4&siteId=334241&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
216.21.13.11200 OK 1.2 kB URL HTTP/1.1 serve.popads.net/c?_=BAYAYyNPaQFjI3wOgAGBAsAAIMU6_GNraGo5LkZq_YbCifjokLjrC7PdEH-dN8KB2y4pwQBIMEYCIQCrqCLifsOn38j1RNO-XjmO0EbFUCSi8ljwbNYHCPXbsAIhAMvZS_PFjMdcFg-fP1FMJ00kEItmTogKYvx16n9cSt9W&v=4&siteId=334241&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP 216.21.13.11:0
File type ASCII text, with very long lines (1159), with no line terminators
Hash 57a19ff352d2eb1032168d419f399613
f19539e7f224ed48fa5dd5ed961b2a112fa1ea09
0f92136ae70cb0dbc7bdb13e9117374e5ce445c09a17f69acfc961782f4f58da
GET /c?_=BAYAYyNPaQFjI3wOgAGBAsAAIMU6_GNraGo5LkZq_YbCifjokLjrC7PdEH-dN8KB2y4pwQBIMEYCIQCrqCLifsOn38j1RNO-XjmO0EbFUCSi8ljwbNYHCPXbsAIhAMvZS_PFjMdcFg-fP1FMJ00kEItmTogKYvx16n9cSt9W&v=4&siteId=334241&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Thu, 15-Sep-2022 20:25:02 GMT; Max-Age=3600
fraudcheck=5fd02b8780a33025e6b6693e7603de33; expires=Sat, 15-Oct-2022 19:25:02 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Fri, 16-Sep-2022 01:25:02 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 1159
date: Thu, 15 Sep 2022 19:25:02 GMT
ae22fc48e19ce19a172d06ea046963754.profile.ord58-p7.cloudfront.net/test.png
18.154.192.68200 OK 58 B URL HTTP/1.1 ae22fc48e19ce19a172d06ea046963754.profile.ord58-p7.cloudfront.net/test.png
IP 18.154.192.68:0
File type ASCII text, with no line terminators
Hash b1935f865a4eade8564b6ef4b022f27f
f42746792e52473c4d9e152aceb7080550d3c1e5
21c52b1622a4539bf82dbc7fd4a2638cdde3b8151697eb5c4d3dbb426576fbaa
GET /test.png HTTP/1.1
Host: ae22fc48e19ce19a172d06ea046963754.profile.ord58-p7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: CloudFront
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: text/plain
Content-Length: 58
Connection: keep-alive
Expires: Thu, 15 Sep 2022 19:25:02 GMT
Cache-Control: max-age=0
X-Amz-Cf-Id: NSkDeR35QoRAqqxETyqPXv7P6DjOufJk48qeV2CFIO3gqZ5f8Dd2cw==
X-Cache: RoutingProfileExp from cloudfront
Via: 1.1 d2781cbc5b051eea1dbcba637ac10784.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
e1.o.lencr.org/
23.36.76.225200 OK 344 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash a31036cd5a550b3cf01874c570035fda
edad1d18dc8c2be1239382cd704ee5d96e74bf88
82a051924eb9f3eaffddd5c9bc648f5b4548953b2ac428032a09d6efaaceb477
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "82A051924EB9F3EAFFDDD5C9BC648F5B4548953B2AC428032A09D6EFAACEB477"
Last-Modified: Thu, 15 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10132
Expires: Thu, 15 Sep 2022 22:13:54 GMT
Date: Thu, 15 Sep 2022 19:25:02 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 88585c9219a9ce565c70ecc0c28bd40a
cff3c785936486cc9800b38bf9b37e9d424c9a89
d3f4f585b326c19f0279b48de7dc23fe9d2ced370b7176b48f58b92a5337f223
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 23:33:41 GMT
Expires: Wed, 21 Sep 2022 23:33:40 GMT
Etag: "cff3c785936486cc9800b38bf9b37e9d424c9a89"
Cache-Control: max-age=532717,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b3befb3cdfb503-OSL
s10.histats.com/counters/cc_407.js
46.105.201.240200 OK 11 kB URL HTTP/2 s10.histats.com/counters/cc_407.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (21709), with no line terminators
Hash 5a8d470fd81868ab54884f9a6451a708
cfea8aa92d01fe740ddb8e9ad8adb2d29c84f51e
c5a1bb235d7a2ec92a761cd05c43b9fa83b45d9d171b1c3319a0276131434e5f
GET /counters/cc_407.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 19:18:53 GMT
etag: "399042403"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 220037320
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 10590
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 664 B IP 104.18.32.68:0
File type GIF image data, version 87a, 61 x 13\012- data
Hash 0b39e7c28de1f9efc248f94e9ead8a25
f6e666b3198fdb8e24e1d68a28aeb6dd8876851c
98277f51d6bd44c884296de408192a073a9eea421a5c40d5dd3b9480ae7b98ea
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 23:33:41 GMT
Expires: Wed, 21 Sep 2022 23:33:40 GMT
Etag: "cff3c785936486cc9800b38bf9b37e9d424c9a89"
Cache-Control: max-age=532717,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b3befc6aa80b02-OSL
e1.o.lencr.org/
23.36.76.225200 OK 344 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash a31036cd5a550b3cf01874c570035fda
edad1d18dc8c2be1239382cd704ee5d96e74bf88
82a051924eb9f3eaffddd5c9bc648f5b4548953b2ac428032a09d6efaaceb477
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "82A051924EB9F3EAFFDDD5C9BC648F5B4548953B2AC428032A09D6EFAACEB477"
Last-Modified: Thu, 15 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10132
Expires: Thu, 15 Sep 2022 22:13:54 GMT
Date: Thu, 15 Sep 2022 19:25:02 GMT
Connection: keep-alive
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 19:25:02 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 88585c9219a9ce565c70ecc0c28bd40a
cff3c785936486cc9800b38bf9b37e9d424c9a89
d3f4f585b326c19f0279b48de7dc23fe9d2ced370b7176b48f58b92a5337f223
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:25:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 23:33:41 GMT
Expires: Wed, 21 Sep 2022 23:33:40 GMT
Etag: "cff3c785936486cc9800b38bf9b37e9d424c9a89"
Cache-Control: max-age=532717,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b3befc6eaab503-OSL
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 19:25:02 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=duQgiM__Sr45CSacwqm_6r&dn=TI&cc=1&r=
67.202.105.31200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=duQgiM__Sr45CSacwqm_6r&dn=TI&cc=1&r=
IP 67.202.105.31:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=duQgiM__Sr45CSacwqm_6r&dn=TI&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 16 Sep 2022 19:25:03 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 15 Sep 2022 19:25:02 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0&t=Resident%20Evil%20Revelations%202%20Episode%203%20Download HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 19:25:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 19:25:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 19:25:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 19:25:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1663269886763&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 19:25:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
sc.tynt.com/script/sc/duQgiM__Sr45CSacwqm_6r.js
172.64.151.83200 OK 120 kB URL HTTP/2 sc.tynt.com/script/sc/duQgiM__Sr45CSacwqm_6r.js
IP 172.64.151.83:0
File type HTML document, ASCII text, with very long lines (1709)
Size 120 kB (120045 bytes)
Hash f66a99abfb28d7efc3da0cef8c3b4c4d
f582408cb59f67dd26800f61c12f2f6df40911c9
e7a7d473c954a588575bce0b042028974b5d2a7a6ab169a14daffd00d63e2303
GET /script/sc/duQgiM__Sr45CSacwqm_6r.js HTTP/1.1
Host: sc.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 19:25:02 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
status: 200 OK
x-rack-cache: fresh
cache-control: max-age=86400, public, s-maxage=172800
last-modified: Wed, 14 Sep 2022 14:13:07 GMT
x-xss-protection: 1; mode=block
x-request-id: 59840104-a19b-418b-8219-336722f2f33b
x-content-digest: 393debe7eda28d14bb33edab2f2be76fe41f92ef
x-runtime: 0.002937
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Fri, 16 Sep 2022 04:33:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13400
server: cloudflare
cf-ray: 74b3befc8be4fac4-OSL
X-Firefox-Spdy: h2
chkme.com/seo-berbagimod.blogspot.com.png
35.208.209.48404 Not Found 42 kB URL HTTP/2 chkme.com/seo-berbagimod.blogspot.com.png
IP 35.208.209.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (29060), with CRLF, LF line terminators
Hash 051a540089a54a0a12ba2a8e7a9996c5
4d2e23cc11d830810166c1dd0ba44cb27d1d0ebe
8a102d6ad157711c0d45e3cb36aee5f3415b609a4a828e6e4a2fff7f49fc88d0
GET /seo-berbagimod.blogspot.com.png HTTP/1.1
Host: chkme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Thu, 15 Sep 2022 19:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://chkme.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding, Accept-Encoding
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:03 GMT
Last-Modified: Thu, 15 Sep 2022 19:07:34 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:03 GMT
Last-Modified: Thu, 15 Sep 2022 19:07:34 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4890
Cache-Control: max-age=134836
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:03 GMT
Etag: "6322d4a9-1d7"
Expires: Sat, 17 Sep 2022 08:52:19 GMT
Last-Modified: Thu, 15 Sep 2022 07:30:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2590
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:25:03 GMT
Last-Modified: Thu, 15 Sep 2022 18:41:53 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 19:25:02 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 16 Oct 2022 19:25:02 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 5025
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b3bef919fbb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pingmyurl.com/pingmyurl100x31.png
192.169.244.12404 Not Found 0 B URL HTTP/1.1 pingmyurl.com/pingmyurl100x31.png
IP 192.169.244.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /pingmyurl100x31.png HTTP/1.1
Host: pingmyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 404 Not Found
Date: Thu, 15 Sep 2022 19:25:00 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
free-cosmetics-online.com/favicon.ico
104.21.23.47404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 104.21.23.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 15 Sep 2022 19:25:02 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 24
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5L7qnRKHjMsuubOWBqOrb4yyqNdkHdw1BdKS7gCiiuFyurhspaRLJAmdvRhrI98ScLl9BYZyCWSOwoOuo7S3NYHH1TeUVlvEH3Br0TIxX8mrhrk2efE1De6%2BryHsEI%2F0QeGRv2%2Fx1a%2BPSD%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74b3befc8a780b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2