firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 17:07:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5EKHkdf-7Pv_KJjmEhrO4_7e8sPIwFXYKVjU4dnfH3AbgPZrl0MXig==
Age: 2268
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RuciS6gCU7BAnZa_iLgpl-SLS22_VmsAw_ToY-1UGo8Tl5MU6ppdVw==
age: 37699
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14596
Expires: Sun, 11 Sep 2022 21:48:47 GMT
Date: Sun, 11 Sep 2022 17:45:31 GMT
Connection: keep-alive
tamimnassar.blogspot.com/2022/03/star-wars-figuren-zum-ausmalen.html
142.250.74.161301 Moved Permanently 215 B URL HTTP/1.1 tamimnassar.blogspot.com/2022/03/star-wars-figuren-zum-ausmalen.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 821d7b0ca4c0c6e9a23953987da72aa4
8fca2c2b8d22ff64ea9e157eeafa50183ac4bc3c
be8d6819f01a54bdfcf05908c9a557ab53ec1b3038d7480b39fe4c426ef5ee8c
GET /2022/03/star-wars-figuren-zum-ausmalen.html HTTP/1.1
Host: tamimnassar.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://tamimnassar.blogspot.com/2022/03/star-wars-figuren-zum-ausmalen.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 11 Sep 2022 17:45:31 GMT
Expires: Sun, 11 Sep 2022 17:45:31 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 215
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d0ea6bf4cc7ee5b4483912776c47dacc
bd1333224cc1beead423969ce903b4a67c13bbf8
46521d14873cd9553052ab9bd601d74ca8278f44d97e3964ff7681b938d953eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 16:56:07 GMT
Expires: Sun, 11 Sep 2022 17:19:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QSKBO1GwPTDcGKGZOA3f8u7b3ypV88zFIyKA_C4wOULfDAnQarTA2Q==
Age: 2964
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3532
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:31 GMT
Last-Modified: Sun, 11 Sep 2022 16:46:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7178a43ba987078296946a97fa2fa609
a43fc4248914b2aa86d6148bfb11fdfc3ef1b759
2844d3e684d0474156afffb8f06e99f0f5b37dd8c7234137c2a3891f4dfb587e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5f137902618b69cb5009f804d05f41a5
7fd17db0ee59063fad57bd86e127f9419b1eb6ca
1266c38381304388041507749390e9adb4435d136d799b5a64879ab2948a9a02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.201200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 08:13:04 GMT
expires: Sat, 09 Sep 2023 08:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 15:01:24 GMT
content-type: text/css
age: 207148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
216.58.207.201200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 14:54:37 GMT
expires: Sat, 09 Sep 2023 14:54:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 15:01:24 GMT
content-type: text/javascript
age: 183055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 02:47:29 GMT
expires: Mon, 11 Sep 2023 02:47:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 53883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/i.pinimg.com/236x/90/72/dd/9072dddcfd321c37c75b67fb3dd18e09.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i1.wp.com/i.pinimg.com/236x/90/72/dd/9072dddcfd321c37c75b67fb3dd18e09.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/236x/90/72/dd/9072dddcfd321c37c75b67fb3dd18e09.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/236x/90/72/dd/9072dddcfd321c37c75b67fb3dd18e09.jpg
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0712a01881facad69129a07308dc8210
e608cf81282913cb0941a2d48b7274b2902ec7d4
0c1254ba63c04fb3f82027c2b1b5d89093bafc795db782cdc85be4f27ae2cb13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/g/jquery.easing@1.3(jquery.easing.1.3.min.js),sharrre@1.3.5(jquery.sharrre.min.js),postscribe@1.3.2(postscribe.min.js)
151.101.85.229200 OK 9.0 kB URL HTTP/2 cdn.jsdelivr.net/g/jquery.easing@1.3(jquery.easing.1.3.min.js),sharrre@1.3.5(jquery.sharrre.min.js),postscribe@1.3.2(postscribe.min.js)
IP 151.101.85.229:0
File type ASCII text, with very long lines (13990), with CRLF, CR, LF line terminators
Hash ee3b968a781e0801c61e82150ae5a83b
4736fe6997104489872bc1f9e7df8b37aca3d196
d30bfe29c8cfdf2389a7e00db55c1c890eca0827f1b2d8932254fa828b0ca8ea
GET /g/jquery.easing@1.3(jquery.easing.1.3.min.js),sharrre@1.3.5(jquery.sharrre.min.js),postscribe@1.3.2(postscribe.min.js) HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"6f13-AhPdvB5Mu2fJEu7Jm094JHhH44M"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Sep 2022 17:45:32 GMT
age: 4126246
x-served-by: cache-fra19150-FRA, cache-bma1649-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 8999
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5f137902618b69cb5009f804d05f41a5
7fd17db0ee59063fad57bd86e127f9419b1eb6ca
1266c38381304388041507749390e9adb4435d136d799b5a64879ab2948a9a02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tamimnassar.blogspot.com/2022/03/star-wars-figuren-zum-ausmalen.html
142.250.74.161200 OK 87 kB URL HTTP/2 tamimnassar.blogspot.com/2022/03/star-wars-figuren-zum-ausmalen.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3880)
Hash 05b8c03bb6f913138b98761db0d77ddb
1128e85abd0e4eb22d5f5c7081d485dc528269a2
52cb1b8c0c43957cb9ff46df8d1df57c470d3473e059fa97e935c721112b50c0
GET /2022/03/star-wars-figuren-zum-ausmalen.html HTTP/1.1
Host: tamimnassar.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 11 Sep 2022 17:45:31 GMT
date: Sun, 11 Sep 2022 17:45:31 GMT
cache-control: private, max-age=0
last-modified: Sun, 11 Sep 2022 01:50:53 GMT
etag: W/"18d46b8e6c75aedbd58fda348d09df2ee9f95c74130972ee8e8916d9671d0c4b"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 86718
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Sun, 11 Sep 2022 17:45:32 GMT
expires: Sun, 11 Sep 2022 17:45:32 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a362ed935f69c0db"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_24.jpg
192.0.77.2200 OK 28 kB URL HTTP/2 i1.wp.com/www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_24.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 357x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 590ec624cea2df8370da32c36f4f5426
0b8120c619271417b150e998668f46fe86c32818
33dc7b2c9987aff68b4328fcf82c78c6679d8625a3e08f85c04a8f95794291f7
GET /www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_24.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 28262
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_24.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "97a69f21ca867a78"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash ba150bdcdf5b59720cb0cd89ce3ac1ff
ae2716420af86e47858ce4088c85c004a899aafc
03ee1c0959019eeca2c56877d4f3796fd8f4ee6e6ca6fc5b082861635b09873c
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 17:45:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "5B2CD9D0404996661FDE7A46DF9E5171E4028067"
Expires: Mon, 12 Sep 2022 05:00:00 GMT
Last-Modified: Sun, 11 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1267
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749237b88c011bfa-OSL
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tamimnassar.blogspot.com
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:09:41 GMT
expires: Tue, 05 Sep 2023 21:09:41 GMT
cache-control: public, max-age=31536000
age: 506151
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tamimnassar.blogspot.com
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 339084
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PX8ECFLM0GZwzxpIieFBqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tJbBiMQLtF0EyXCCCJMrIFZzIGs=
www.blogger.com/dyn-css/authorization.css?targetBlogID=1133181461806806078&zx=e4d51587-b33d-49e3-957a-5a3918c4b7d1
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1133181461806806078&zx=e4d51587-b33d-49e3-957a-5a3918c4b7d1
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1133181461806806078&zx=e4d51587-b33d-49e3-957a-5a3918c4b7d1 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 17:45:32 GMT
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_56.jpg
192.0.77.2200 OK 24 kB URL HTTP/2 i1.wp.com/www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_56.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 357x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2fddb1118e80698e03d25ed30c5f63e5
060e6af05b289825023c1720b17c59a863ed51e6
419a76bf05f9037663f218536aaaba5c0b7204d57c35299be60fa554867e9a06
GET /www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_56.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 24134
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://www.kids-n-fun.de/kleurplaatjes/starwars/thumb/starwarz_56.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3179a99c914eb225"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/www.steinchenwelt.net/mediafiles/Bilder/LEGO75534_StarWarsDarthVaderbeisteinchenwelt.jpg
192.0.77.2200 OK 10 kB URL HTTP/2 i0.wp.com/www.steinchenwelt.net/mediafiles/Bilder/LEGO75534_StarWarsDarthVaderbeisteinchenwelt.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 466x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 350c3cca856060c5023d56838465c488
4dd26abff59d52e08fbc643dc73579f95ee31162
14852a96f7d78a11effd09eda049fdeaa673444e3d2eb4b9faba419d09f58873
GET /www.steinchenwelt.net/mediafiles/Bilder/LEGO75534_StarWarsDarthVaderbeisteinchenwelt.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 10216
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://www.steinchenwelt.net/mediafiles/Bilder/LEGO75534_StarWarsDarthVaderbeisteinchenwelt.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ee7c8bd6f3612c4d"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1VY6pw4xnyS6-xa63SkJMkvau14LNuTXvDSIbTy-lRY7LtqKOd_xdvEv7rh5NQTgc9h1OTbEz3RGMqJT0Yw_OHjMwKT3frdLQHQiiF0YSjaBRarpCX5JZetHTE13q-iX8qxEJUz-Fqp5lXXd-plg=w72-h72-p-k-no-nu
142.250.74.1404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1VY6pw4xnyS6-xa63SkJMkvau14LNuTXvDSIbTy-lRY7LtqKOd_xdvEv7rh5NQTgc9h1OTbEz3RGMqJT0Yw_OHjMwKT3frdLQHQiiF0YSjaBRarpCX5JZetHTE13q-iX8qxEJUz-Fqp5lXXd-plg=w72-h72-p-k-no-nu
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash d4bb8e36827b3d7e00574b1aa01b75a5
b7ebf84480d9bf7bafcef70b03c1c6945f66ba30
ff8828b30ef596842b0be8aa31c62700058cd7f72eec3c75f9f5e888ca897709
GET /blogger_img_proxy/ANbyha1VY6pw4xnyS6-xa63SkJMkvau14LNuTXvDSIbTy-lRY7LtqKOd_xdvEv7rh5NQTgc9h1OTbEz3RGMqJT0Yw_OHjMwKT3frdLQHQiiF0YSjaBRarpCX5JZetHTE13q-iX8qxEJUz-Fqp5lXXd-plg=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 17:45:32 GMT
server: fife
content-length: 1751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d136b7fb89512213861800135b7ca1eb
074ba041ac760efb9729ac124e61d9df01c1251d
ebadb5af3db8331727c08e8ed0f7a8feea9f079988fc64670c2242e56e8cfa7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Last-Modified: Sun, 11 Sep 2022 16:51:09 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 279
i0.wp.com/www.ausmalbilder.info/malbuch/Star%20Wars/thumbs/star-wars-73_m.jpg
192.0.77.2200 OK 8.4 kB URL HTTP/2 i0.wp.com/www.ausmalbilder.info/malbuch/Star%20Wars/thumbs/star-wars-73_m.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 157x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e430fc7123cc56a60c9393488cefcc1
f41da60df125e00b6276299e529f474c65d68c06
299cee773c5f2d0a91cce9ce9da86d1647f3b7116cd92ba33622910b6187aa88
GET /www.ausmalbilder.info/malbuch/Star%20Wars/thumbs/star-wars-73_m.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 8424
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://www.ausmalbilder.info/malbuch/Star%20Wars/thumbs/star-wars-73_m.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a3bb2fa98d57ac8c"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1-ywRD10rZ-X5m7q4H3WNOAUHfsTwcMIiox0NxKMM8yN23G_gBFyRzupWTgPthWmYdsxL-vqBKzcunUdA97xre7C6g4f4uWgY8GcCs9yHXBl5o-1Nb_pA6cl-L4zQv0gwt_ows1Z5H=w72-h72-p-k-no-nu
142.250.74.1200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1-ywRD10rZ-X5m7q4H3WNOAUHfsTwcMIiox0NxKMM8yN23G_gBFyRzupWTgPthWmYdsxL-vqBKzcunUdA97xre7C6g4f4uWgY8GcCs9yHXBl5o-1Nb_pA6cl-L4zQv0gwt_ows1Z5H=w72-h72-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash bf105d7fd6296c40417f10bfbac9da77
10ae037ac59a1c64b65b50dbe80e77760e61f80a
483416f776982087e00e147b912bdf7a127e79244b0341b9e77d15c2be0ba53e
GET /blogger_img_proxy/ANbyha1-ywRD10rZ-X5m7q4H3WNOAUHfsTwcMIiox0NxKMM8yN23G_gBFyRzupWTgPthWmYdsxL-vqBKzcunUdA97xre7C6g4f4uWgY8GcCs9yHXBl5o-1Nb_pA6cl-L4zQv0gwt_ows1Z5H=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 12 Sep 2022 17:45:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 17:45:32 GMT
server: fife
content-length: 1899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/jf-staeulalia.pt/img/other/14/collection-star-wars-line-art-3.jpg
192.0.77.2200 OK 56 kB URL HTTP/2 i1.wp.com/jf-staeulalia.pt/img/other/14/collection-star-wars-line-art-3.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 607x850, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d81a97ad42d5da3f1a7a7153dd3a94ad
5c2b9c8d25308e6ae00fc293e74fbf43a3623259
0372e7426751424cf3345bba71dbb9951d6e4af24e9072bbc739649421ae7249
GET /jf-staeulalia.pt/img/other/14/collection-star-wars-line-art-3.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 56356
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://jf-staeulalia.pt/img/other/14/collection-star-wars-line-art-3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a3aad85348720f65"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.freshdads.com/sites/default/files/HarryPotter31.jpg
192.0.77.2200 OK 118 kB URL HTTP/2 i0.wp.com/www.freshdads.com/sites/default/files/HarryPotter31.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 567x794, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 118 kB (117614 bytes)
Hash af424e043d51f22ceaebee8168d34a94
1fb5436e3f7f64438db16ecdede62e2fcc66ae15
ee6f00d1be67b4dc5b9b952dc2c2e7192101ae635b9a362feb21d53132480c83
GET /www.freshdads.com/sites/default/files/HarryPotter31.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 117614
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://www.freshdads.com/sites/default/files/HarryPotter31.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e72994eda0a10eb1"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d136b7fb89512213861800135b7ca1eb
074ba041ac760efb9729ac124e61d9df01c1251d
ebadb5af3db8331727c08e8ed0f7a8feea9f079988fc64670c2242e56e8cfa7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Last-Modified: Sun, 11 Sep 2022 16:51:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.2200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.2:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Sat, 10 Sep 2022 20:42:29 GMT
expires: Sat, 24 Sep 2022 20:42:29 GMT
cache-control: public, max-age=1209600
age: 75783
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/blog.mytoys.de/wp-content/uploads/2017/03/myToys_Malvorlagen_StarWars_Klonkrieger-216x300.jpg
192.0.77.2200 OK 7.6 kB URL HTTP/2 i1.wp.com/blog.mytoys.de/wp-content/uploads/2017/03/myToys_Malvorlagen_StarWars_Klonkrieger-216x300.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 216x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1fa9addc091bd114c90cc2c52b4dc213
7019c1f0ab3a556e824e7fda7e1e7d049f530244
c5645e8587fee969e7319570f798540c6445ba9c9ff22aa71b15c7084456cf6a
GET /blog.mytoys.de/wp-content/uploads/2017/03/myToys_Malvorlagen_StarWars_Klonkrieger-216x300.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 7562
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://blog.mytoys.de/wp-content/uploads/2017/03/myToys_Malvorlagen_StarWars_Klonkrieger-216x300.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "44a68d97dbed4c19"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/jedi-bibliothek.de/blog/wp-content/uploads/2016/09/Ravensburger-Ausmalen-Vorschauseite-2.jpg
192.0.77.2200 OK 72 kB URL HTTP/2 i0.wp.com/jedi-bibliothek.de/blog/wp-content/uploads/2016/09/Ravensburger-Ausmalen-Vorschauseite-2.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x724, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d17fc677e1db888c1ae34792d89fe1bb
3b4553dace3f574ff002c4c555430472e7d1605e
1590dca7fd9e5afef7d263099581daecb1e006ee2ed41ccd00db9f974fce0a88
GET /jedi-bibliothek.de/blog/wp-content/uploads/2016/09/Ravensburger-Ausmalen-Vorschauseite-2.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 71532
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://jedi-bibliothek.de/blog/wp-content/uploads/2016/09/Ravensburger-Ausmalen-Vorschauseite-2.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "131141539d2a7cdf"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/www.projektstarwars.de/proxy.php?image=http%3A%2F%2Ffc02.deviantart.net%2Ffs70%2Ff%2F2011%2F263%2Fc%2Fe%2Fstar_wars___the_sniper_by_konquistador-d4aeoa7.png&hash=6d3653422a549138e3d89f7c49aab30b
192.0.77.2400 Bad Request 32 kB URL HTTP/2 i1.wp.com/www.projektstarwars.de/proxy.php?image=http%3A%2F%2Ffc02.deviantart.net%2Ffs70%2Ff%2F2011%2F263%2Fc%2Fe%2Fstar_wars___the_sniper_by_konquistador-d4aeoa7.png&hash=6d3653422a549138e3d89f7c49aab30b
IP 192.0.77.2:0
Hash e4edb4b14c570898ff21cbf8761512dd
4ebd3939edf27118f8d52ba53adc2c82192b4995
ab1bd165d0af2c8716d281dd1d375dc8f806997344fe9adf1385435acd81f23c
GET /www.projektstarwars.de/proxy.php?image=http%3A%2F%2Ffc02.deviantart.net%2Ffs70%2Ff%2F2011%2F263%2Fc%2Fe%2Fstar_wars___the_sniper_by_konquistador-d4aeoa7.png&hash=6d3653422a549138e3d89f7c49aab30b HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 4
X-Firefox-Spdy: h2
i0.wp.com/ausmalbilderfurerwachsene.com/resources/historie/gwiezdne-wojny1/kolorowanki-gwiezdne-wojny3.jpg
192.0.77.2200 OK 94 kB URL HTTP/2 i0.wp.com/ausmalbilderfurerwachsene.com/resources/historie/gwiezdne-wojny1/kolorowanki-gwiezdne-wojny3.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 722x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9824363c445f715d09d5d118c8140408
3823223d3a2df93e91c53a1d8ec5fe9143f4c965
72d9bb88631978180c51e45850d466aa90b905e6f229bcff019c46d7ae1353bc
GET /ausmalbilderfurerwachsene.com/resources/historie/gwiezdne-wojny1/kolorowanki-gwiezdne-wojny3.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 93820
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://ausmalbilderfurerwachsene.com/resources/historie/gwiezdne-wojny1/kolorowanki-gwiezdne-wojny3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9d9351f579bffb4a"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
bestbestfree.com/01bestbestfree.js
172.67.183.31200 OK 11 kB URL HTTP/2 bestbestfree.com/01bestbestfree.js
IP 172.67.183.31:0
File type HTML document, ASCII text, with very long lines (6051), with CRLF line terminators
Hash dde5f712b2d10b776085cbfc88705e54
8a7bdf791be83861e25671b56eb152593e7ca789
c334b35aed94c306331ee24dd559ff117f849a917da06f0181b0695e71196388
GET /01bestbestfree.js HTTP/1.1
Host: bestbestfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: application/javascript
last-modified: Tue, 18 Jan 2022 15:57:35 GMT
vary: Accept-Encoding
etag: W/"61e6e36f-34b8"
expires: Sun, 02 Oct 2022 07:34:02 GMT
cache-control: public, max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 814290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CywCCnBQA3cOsXAdgAjI1fdLx7z6WtFZpbVx0TeskOUut8PAgdA%2FbS402nSgCOCpsVbF4zpqXIl4Kvs29tymcwZIF1sNul9AUU84aMhDnKnJi0AeSsIuQz4jGx0PlnKu7oqj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749237b97c380b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i1.wp.com/mylitlekid.com/de//assets/gallery/401/13483.jpg
192.0.77.2200 OK 116 kB URL HTTP/2 i1.wp.com/mylitlekid.com/de//assets/gallery/401/13483.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 116 kB (115546 bytes)
Hash 69689e7a1a58f16797876ef7456e70d6
9acb3d822fff266ad6a03dceee5f9a70195d3ac7
f146f3a4f56279b750f0b0168ecc0e0aaebbfef4c9513bc662b74cfdb6d0dd02
GET /mylitlekid.com/de//assets/gallery/401/13483.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 115546
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://mylitlekid.com/de//assets/gallery/401/13483.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2fa53d88fbc96cb6"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0-i1jWeuHaYb6KRgY9R4Slh_-_EK50PAOm_zLFGbBwJRMTLog6Nzlk7LvakM9yGxO5rcjn0mn3VRPPyrs5q_Gowt6Edjn5v-URyGrQsTDUzhIYIV5E8E7KtwOPx-pZq8BgHEnOS-_8IVO0WtxiWVzF97KjqhmYmvAQ=w72-h72-p-k-no-nu
142.250.74.1200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0-i1jWeuHaYb6KRgY9R4Slh_-_EK50PAOm_zLFGbBwJRMTLog6Nzlk7LvakM9yGxO5rcjn0mn3VRPPyrs5q_Gowt6Edjn5v-URyGrQsTDUzhIYIV5E8E7KtwOPx-pZq8BgHEnOS-_8IVO0WtxiWVzF97KjqhmYmvAQ=w72-h72-p-k-no-nu
IP 142.250.74.1:0
File type GIF image data, version 89a, 72 x 72\012- data
Hash 9de14c7c05eba3fbf4dfef930c16d78e
59d5cb4096943543db4586f07256c10cc5df91f2
af5c95005357aec083e0882470ee51277a78c552f42d09cc853a78fa35476d32
GET /blogger_img_proxy/ANbyha0-i1jWeuHaYb6KRgY9R4Slh_-_EK50PAOm_zLFGbBwJRMTLog6Nzlk7LvakM9yGxO5rcjn0mn3VRPPyrs5q_Gowt6Edjn5v-URyGrQsTDUzhIYIV5E8E7KtwOPx-pZq8BgHEnOS-_8IVO0WtxiWVzF97KjqhmYmvAQ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 12 Sep 2022 17:45:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 17:45:32 GMT
server: fife
content-length: 4404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/www.koolkidsdaycare.com/images/Winnie_The_Pooh.gif
192.0.77.2200 OK 45 kB URL HTTP/2 i1.wp.com/www.koolkidsdaycare.com/images/Winnie_The_Pooh.gif
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1b30c5e4ec3e92d62931beaaf557d377
7dc5c5b27315b2e7aeb0e5e06425442b9c791d17
8af2b1ab6b37946b45ec53186b559dfde0af886a430e28628291643590190b39
GET /www.koolkidsdaycare.com/images/Winnie_The_Pooh.gif HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: image/webp
content-length: 45322
last-modified: Sun, 11 Sep 2022 17:45:32 GMT
expires: Wed, 11 Sep 2024 05:45:32 GMT
cache-control: public, max-age=63115200
link: <http://www.koolkidsdaycare.com/images/Winnie_The_Pooh.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "826127926b3bc876"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/blog.mytoys.de/wp-content/uploads/2021/04/Star-Wars-Ausmalbilder-Mando-The-Mandalorian.jpg
192.0.77.2200 OK 103 kB URL HTTP/2 i0.wp.com/blog.mytoys.de/wp-content/uploads/2021/04/Star-Wars-Ausmalbilder-Mando-The-Mandalorian.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1190x1684, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 103 kB (102592 bytes)
Hash 6962bb6a13680aa6ee9dc3edab063511
f520d577507545aded76de0a17aaf5fd5a897f0a
6c72c2e730471614fd5b6e29b8dff5681b426e974a5f24c84b3905591696ec5a
GET /blog.mytoys.de/wp-content/uploads/2021/04/Star-Wars-Ausmalbilder-Mando-The-Mandalorian.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:33 GMT
content-type: image/webp
content-length: 102592
last-modified: Sun, 11 Sep 2022 17:45:33 GMT
expires: Wed, 11 Sep 2024 05:45:33 GMT
cache-control: public, max-age=63115200
link: <http://blog.mytoys.de/wp-content/uploads/2021/04/Star-Wars-Ausmalbilder-Mando-The-Mandalorian.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b4a37f4da9143dc5"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da7b1c24eee0db0c23872933557b7521
b8bc1215b4073784c048587e51a40152bd88c8ed
6ba38b5c68971135ed3f1fbe7afa658ce883240142a4244ce7d84fa251a64c3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 670 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 24fb827545f0df82ba9ce873507284b7
9b19dbdd1f7e262643f5c8937bd71b8b4bbf51e9
8c9289a263ad355d61c55a414ea621a8019e6355e2532825d03d39e0e59292b0
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 11 Sep 2022 17:45:33 GMT
date: Sun, 11 Sep 2022 17:45:33 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 670
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ed7401dda70b56e29c7fe566f7dac27
921925088cf933b3a870276c9a22acf38f578624
d43a4a1e46cc0f637a95824dac6e85e138bd0f83941695cceac08544e508055c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D43A4A1E46CC0F637A95824DAC6E85E138BD0F83941695CCEAC08544E508055C"
Last-Modified: Sat, 10 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5572
Expires: Sun, 11 Sep 2022 19:18:25 GMT
Date: Sun, 11 Sep 2022 17:45:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f9586374bb1bef58a7f21c55bdcccbcf
f4dfc53e23c579b828c19a2ab88d095b05d7b8df
545d01bc8dd9ba4d616be5179a3ae220c605bfba00982fd639835ca09a4dc56f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "545D01BC8DD9BA4D616BE5179A3AE220C605BFBA00982FD639835CA09A4DC56F"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5568
Expires: Sun, 11 Sep 2022 19:18:21 GMT
Date: Sun, 11 Sep 2022 17:45:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11901
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 17:45:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11901
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 17:45:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11901
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 17:45:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11901
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 17:45:33 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 17:40:48 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 1054507268
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:50:01 GMT
age: 60932
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe7cd8a3-d14f-4b0a-852b-f5b637f631ac.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe7cd8a3-d14f-4b0a-852b-f5b637f631ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2d317543d935b1e691a0523c437e83
88adc81c040e8fc7246652362b12cb0c659dcd7a
ae5884ed08ff32caf1383a91a95c47c9dc0298fd38568d3d00cedf8d3b7e9ce3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe7cd8a3-d14f-4b0a-852b-f5b637f631ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10091
x-amzn-requestid: dbc13b68-f749-47fa-b2f0-ae8f9bb6724a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIgtEVRoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d879d-3dccc84a07c8cc7906351bbe;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:45 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TGByMzndAcW2Z4o_Hm_eelKqigueFQRv1pWYPM2WQB7YLRtVLT60OA==
via: 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 07:02:36 GMT
age: 38577
etag: "88adc81c040e8fc7246652362b12cb0c659dcd7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 13166
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 71285
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c65d6ae04a64d9d01439fb4fca3f017
5ce0bc5b075b97639453d67d4f3cea61289b7698
eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16983
x-amzn-requestid: ed588125-de1d-47ae-a5d5-81ab8c2a8105
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRTpmH69oAMFYAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d330a-46ea16040beedf3903d87ec3;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 00:59:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iBwfZ5Vm2pbcO9zLGNtT2c0n6oZ9u-JjgIvbG47d4s6049ehYmXZ4w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 04:26:46 GMT
age: 47927
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 72147
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQTG0AFxTWC0hZ8SKjz94g-7pQ2vfcTputkrw&usqp=CAU
192.0.77.2404 Not Found 9.9 kB URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQTG0AFxTWC0hZ8SKjz94g-7pQ2vfcTputkrw&usqp=CAU
IP 192.0.77.2:0
Hash eab984389fd61b885b16539b0cf9c655
5c35b3f27619049f9e4c0c077f4d142d25ad629a
e04e5c509f0c7ce5dc97a1de89bbd98345c3f89fd233d874e5c32c3778b3fdc8
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQTG0AFxTWC0hZ8SKjz94g-7pQ2vfcTputkrw&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
i.pinimg.com/236x/90/72/dd/9072dddcfd321c37c75b67fb3dd18e09.jpg
151.101.84.84200 OK 16 kB URL HTTP/2 i.pinimg.com/236x/90/72/dd/9072dddcfd321c37c75b67fb3dd18e09.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 236x242, components 1\012- data
Hash b940e5d5f5763149bc7f71aba28dbac6
ec2ec0934ac2336a01dbf6b50756f86e464c77cd
c76abfae1ac0682aa54cd133d8025d839957ba25d1d962930ac9f25c578766ce
GET /236x/90/72/dd/9072dddcfd321c37c75b67fb3dd18e09.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tamimnassar.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "b940e5d5f5763149bc7f71aba28dbac6"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sun, 11 Sep 2022 17:45:33 GMT
content-length: 15604
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 08717793887508da2b68c46d4bdfaec4
c45b402d8ef46b60c2d4ed0db65483e602b7aa0b
db22377d78648258ddf6df6b60c6c53fff67ea7da838a7119a7753008ddbf547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6586
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:33 GMT
Last-Modified: Sun, 11 Sep 2022 15:55:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
i1.wp.com/i.ytimg.com/vi/KoXy-1KRCXw/sddefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i1.wp.com/i.ytimg.com/vi/KoXy-1KRCXw/sddefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/KoXy-1KRCXw/sddefault.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 11 Sep 2022 17:45:33 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/KoXy-1KRCXw/sddefault.jpg
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.ytimg.com/vi/eFmjoqYa55E/maxresdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.ytimg.com/vi/eFmjoqYa55E/maxresdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/eFmjoqYa55E/maxresdefault.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 11 Sep 2022 17:45:33 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/eFmjoqYa55E/maxresdefault.jpg
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/thumbs.gfycat.com/EagerActiveFlies-max-1mb.gif
192.0.77.2200 OK 148 kB URL HTTP/2 i0.wp.com/thumbs.gfycat.com/EagerActiveFlies-max-1mb.gif
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 148 kB (148154 bytes)
Hash 80898a313119527c64e986d0cb91cfc8
5e2087e194108287d0148eed478ff200c5c3f62b
263fa37f9535192f6a0d3c7adcb5b26d6fafe71f637d1b19a60b189b8459a7b7
GET /thumbs.gfycat.com/EagerActiveFlies-max-1mb.gif HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:33 GMT
content-type: image/webp
content-length: 148154
last-modified: Wed, 07 Sep 2022 09:06:47 GMT
expires: Fri, 06 Sep 2024 21:06:47 GMT
cache-control: public, max-age=63115200
link: <http://thumbs.gfycat.com/EagerActiveFlies-max-1mb.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "baa892a24e7a8a39"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 645f87ab673d0c7d50dd689cee202801
55a4c28d5435cb616c9df1215ca0fabb4a35f010
3d85b3085b5119871208204334b6f360462ca03942611a11f80686fe86cce80e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/eFmjoqYa55E/maxresdefault.jpg
172.217.21.182200 OK 63 kB URL HTTP/2 i.ytimg.com/vi/eFmjoqYa55E/maxresdefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 2478b5e792598fcaf0a1f9a2a8fd653a
08c30805825500e6e9052a2c0f4c7bebdadc9bfc
7819fdefd6729a9b1d26d2ddeb2e6703bfd75f26a09d0bbc5d2ee2eb15753563
GET /vi/eFmjoqYa55E/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tamimnassar.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 62756
date: Sun, 11 Sep 2022 17:45:33 GMT
expires: Sun, 11 Sep 2022 19:45:33 GMT
cache-control: public, max-age=7200
etag: "1631615764"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1514
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 11 Sep 2022 17:45:33 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+878; expires=Tue, 10-Sep-2024 17:45:33 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Sep 2022 17:45:33 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 25e0740748990b9579a321d1b28983a2
849ef01a23e905d5a6c4a5f823fad713aa9a05e7
ec3c3120565756a22cb396a95382340b4a14eb69115c66ae5538190907974f8e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 17:45:33 GMT
Last-Modified: Sun, 11 Sep 2022 16:05:08 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U_-7r5RkiIKn9bybe-OkzGN12YXzhedubZPEvlOJOU39oPgkM0lIEQ==
Age: 6025
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 17:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/KoXy-1KRCXw/sddefault.jpg
172.217.21.182200 OK 49 kB URL HTTP/2 i.ytimg.com/vi/KoXy-1KRCXw/sddefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 230582819b81f0fb849272e76ab000ca
bc10dc9de67630c612017c697bb65b98d368e51f
964c159938ed53011d8edc2084347f7a764f5bfe6adc31d465a50bdac994db06
GET /vi/KoXy-1KRCXw/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tamimnassar.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 48894
date: Sun, 11 Sep 2022 17:45:33 GMT
expires: Sun, 11 Sep 2022 19:45:33 GMT
cache-control: public, max-age=7200
etag: "1530743199"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash d47eeab1ca059dc88eb6d9ac1fbf0420
b11694cb3fa347114cf758198a423449a1facbd8
67adb880f9afb47106a694e6d2b51b5542053c11270e483a304065717cc88e16
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tamimnassar.blogspot.com
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 17:45:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://tamimnassar.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=4c429e89-c8ee-484c-94dd-cfda02bf9918:1:1; expires=Wed, 08 Sep 2032 17:45:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4606357&@f16&@g1&@h1&@i1&@j1662918322447&@k0&@l1&@mStar%20Wars%20Figuren%20Zum%20Ausmalen%20%3A%20Ausmalbilder%20Lego%20Star%20Wars%20Malvorlagen%20Kostenlos%20Zum%20Ausdrucken%20%7C%20Tamim%20Nassar&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-167044918&@b3:1662918322&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&@w
198.27.80.143200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4606357&@f16&@g1&@h1&@i1&@j1662918322447&@k0&@l1&@mStar%20Wars%20Figuren%20Zum%20Ausmalen%20%3A%20Ausmalbilder%20Lego%20Star%20Wars%20Malvorlagen%20Kostenlos%20Zum%20Ausdrucken%20%7C%20Tamim%20Nassar&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-167044918&@b3:1662918322&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash 2ac6fec30644b89c7ba9d5bf9ca34082
f8756d020b2a9f6fc582da5b1675ef9e5b316d83
ecde5d2569dc2f2e1b37a0727d394548e509e00c24153fed2a8f073e3e0a86c3
GET /stats/0.php?4606357&@f16&@g1&@h1&@i1&@j1662918322447&@k0&@l1&@mStar%20Wars%20Figuren%20Zum%20Ausmalen%20%3A%20Ausmalbilder%20Lego%20Star%20Wars%20Malvorlagen%20Kostenlos%20Zum%20Ausdrucken%20%7C%20Tamim%20Nassar&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-167044918&@b3:1662918322&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 17:45:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
i0.wp.com/png.pngtree.com/thumb_back/fh260/background/20190221/ourmid/pngtree-national-day-eleven-national-day-friend-girlfriend-image_38742.jpg
192.0.77.2200 OK 8.1 kB URL HTTP/2 i0.wp.com/png.pngtree.com/thumb_back/fh260/background/20190221/ourmid/pngtree-national-day-eleven-national-day-friend-girlfriend-image_38742.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x405, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81099e3a4af0273be5fb05935700cb74
a0e6927ca99315f7b1c1376db9cb5573e81f7e46
7a4de43013147643afaaa0c5b09de823e03e72735fec835ea2d22b12435cf047
GET /png.pngtree.com/thumb_back/fh260/background/20190221/ourmid/pngtree-national-day-eleven-national-day-friend-girlfriend-image_38742.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:34 GMT
content-type: image/webp
content-length: 8096
last-modified: Sun, 11 Sep 2022 17:45:34 GMT
expires: Wed, 11 Sep 2024 05:45:34 GMT
cache-control: public, max-age=63115200
link: <http://png.pngtree.com/thumb_back/fh260/background/20190221/ourmid/pngtree-national-day-eleven-national-day-friend-girlfriend-image_38742.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3aabb9b4f2bd635d"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5062a86b01f1f8de3654dfde17be1b32
263ae6891668d021b3812d08f074899962d280a8
f19e99b8535ff842faee82c41ecc91dcb3204e73d05f9199162f3f2fb7effae4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F19E99B8535FF842FAEE82C41ECC91DCB3204E73D05F9199162F3F2FB7EFFAE4"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18486
Expires: Sun, 11 Sep 2022 22:53:40 GMT
Date: Sun, 11 Sep 2022 17:45:34 GMT
Connection: keep-alive
forgerylimit.com/da/ce/88/dace887d039f088ae0d9952a8b8cb060.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 forgerylimit.com/da/ce/88/dace887d039f088ae0d9952a8b8cb060.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37124), with no line terminators
Hash 156d92a31d59435e3bd0ce7cd40d81a0
bfe06b62b5ec2f599fe2415a9665e68a7ee1f590
7a00df4d8051077734d795c41ed70d1e443189669ad12d7120fdab0eedcbaa6b
Analyzer Verdict Alert quad9 Sinkholed
GET /da/ce/88/dace887d039f088ae0d9952a8b8cb060.js HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 17:45:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1e2daa659bc1fae8ef7c93e85351687
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
forgerylimit.com/watch.233513515225.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22star%22%2C%22wars%22%2C%22figuren%22%2C%22zum%22%2C%22ausmalen%22%2C%22ausmalbilder%22%2C%22lego%22%2C%22star%22%2C%22wars%22%2C%22malvorlagen%22%2C%22kostenlos%22%2C%22zum%22%2C%22ausdrucken%22%2C%22tamim%22%2C%22nassar%22%5D&refer=https%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&tz=0&dev=r&res=12.31&uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918%3A1%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 forgerylimit.com/watch.233513515225.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22star%22%2C%22wars%22%2C%22figuren%22%2C%22zum%22%2C%22ausmalen%22%2C%22ausmalbilder%22%2C%22lego%22%2C%22star%22%2C%22wars%22%2C%22malvorlagen%22%2C%22kostenlos%22%2C%22zum%22%2C%22ausdrucken%22%2C%22tamim%22%2C%22nassar%22%5D&refer=https%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&tz=0&dev=r&res=12.31&uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.233513515225.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22star%22%2C%22wars%22%2C%22figuren%22%2C%22zum%22%2C%22ausmalen%22%2C%22ausmalbilder%22%2C%22lego%22%2C%22star%22%2C%22wars%22%2C%22malvorlagen%22%2C%22kostenlos%22%2C%22zum%22%2C%22ausdrucken%22%2C%22tamim%22%2C%22nassar%22%5D&refer=https%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&tz=0&dev=r&res=12.31&uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918%3A1%3A1 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tamimnassar.blogspot.com
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 17:45:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://tamimnassar.blogspot.com
Access-Control-Allow-Origin: https://tamimnassar.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://forgerylimit.com/watch.233513515225.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22star%22%2C%22wars%22%2C%22figuren%22%2C%22zum%22%2C%22ausmalen%22%2C%22ausmalbilder%22%2C%22lego%22%2C%22star%22%2C%22wars%22%2C%22malvorlagen%22%2C%22kostenlos%22%2C%22zum%22%2C%22ausdrucken%22%2C%22tamim%22%2C%22nassar%22%5D&refer=https%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&tz=0&dev=r&res=12.31&uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918%3A1%3A1&shu=84c073cce3daa5dc84bcc6a1cd31f1c8ec0b3c4d3d2767d8ee0803a522e670e6f4d3ba1c82e1716af9d2d27649e1d675c3788fd038de60e57e6d8053fd160c191c8adf2e9bde5c5c6d16245ffc8a9c2176a58020&pst=1662918394&rmtc=t
Set-Cookie: u_pl=15928454; expires=Mon, 12 Sep 2022 17:45:34 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjgiOiI0NDEwOGQxODA1NTc2OTQ3NjAxNWY0MjQyY2Y3ZDIyZCIsIjI5IjoiZGFjZTg4N2QwMzlmMDg4YWUwZDk5NTJhOGI4Y2IwNjAifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RhbWltbmFzc2FyLmJsb2dzcG90LmNvbS8yMDIyLzAzL3N0YXItd2Fycy1maWd1cmVuLXp1bS1hdXNtYWxlbi5odG1sIn19.j63hjKNakKIwaNUtaQYKtdlLbyFAJMSNXNabrfZ_gjY; expires=Sun, 11 Sep 2022 17:46:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e0c50db79c741374e0df8adf64f1fb38
Strict-Transport-Security: max-age=0; includeSubdomains
forgerylimit.com/watch.233513515225.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22star%22%2C%22wars%22%2C%22figuren%22%2C%22zum%22%2C%22ausmalen%22%2C%22ausmalbilder%22%2C%22lego%22%2C%22star%22%2C%22wars%22%2C%22malvorlagen%22%2C%22kostenlos%22%2C%22zum%22%2C%22ausdrucken%22%2C%22tamim%22%2C%22nassar%22%5D&refer=https%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&tz=0&dev=r&res=12.31&uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918%3A1%3A1&shu=84c073cce3daa5dc84bcc6a1cd31f1c8ec0b3c4d3d2767d8ee0803a522e670e6f4d3ba1c82e1716af9d2d27649e1d675c3788fd038de60e57e6d8053fd160c191c8adf2e9bde5c5c6d16245ffc8a9c2176a58020&pst=1662918394&rmtc=t
192.243.59.20200 OK 2.1 kB URL HTTP/1.1 forgerylimit.com/watch.233513515225.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22star%22%2C%22wars%22%2C%22figuren%22%2C%22zum%22%2C%22ausmalen%22%2C%22ausmalbilder%22%2C%22lego%22%2C%22star%22%2C%22wars%22%2C%22malvorlagen%22%2C%22kostenlos%22%2C%22zum%22%2C%22ausdrucken%22%2C%22tamim%22%2C%22nassar%22%5D&refer=https%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&tz=0&dev=r&res=12.31&uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918%3A1%3A1&shu=84c073cce3daa5dc84bcc6a1cd31f1c8ec0b3c4d3d2767d8ee0803a522e670e6f4d3ba1c82e1716af9d2d27649e1d675c3788fd038de60e57e6d8053fd160c191c8adf2e9bde5c5c6d16245ffc8a9c2176a58020&pst=1662918394&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2608)
Hash d217ac47af99711e68c08636e20f594a
4693f3a948c331d0fea2daf7d96551dae63ff9c7
2d38e1b6cf3e5ce5cf7d615dc5d9de00a6d37f7bc1b4c1affdbf4f46f95f8217
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.233513515225.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22star%22%2C%22wars%22%2C%22figuren%22%2C%22zum%22%2C%22ausmalen%22%2C%22ausmalbilder%22%2C%22lego%22%2C%22star%22%2C%22wars%22%2C%22malvorlagen%22%2C%22kostenlos%22%2C%22zum%22%2C%22ausdrucken%22%2C%22tamim%22%2C%22nassar%22%5D&refer=https%3A%2F%2Ftamimnassar.blogspot.com%2F2022%2F03%2Fstar-wars-figuren-zum-ausmalen.html&tz=0&dev=r&res=12.31&uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918%3A1%3A1&shu=84c073cce3daa5dc84bcc6a1cd31f1c8ec0b3c4d3d2767d8ee0803a522e670e6f4d3ba1c82e1716af9d2d27649e1d675c3788fd038de60e57e6d8053fd160c191c8adf2e9bde5c5c6d16245ffc8a9c2176a58020&pst=1662918394&rmtc=t HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tamimnassar.blogspot.com
Referer: https://tamimnassar.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15928454; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjgiOiI0NDEwOGQxODA1NTc2OTQ3NjAxNWY0MjQyY2Y3ZDIyZCIsIjI5IjoiZGFjZTg4N2QwMzlmMDg4YWUwZDk5NTJhOGI4Y2IwNjAifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RhbWltbmFzc2FyLmJsb2dzcG90LmNvbS8yMDIyLzAzL3N0YXItd2Fycy1maWd1cmVuLXp1bS1hdXNtYWxlbi5odG1sIn19.j63hjKNakKIwaNUtaQYKtdlLbyFAJMSNXNabrfZ_gjY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 17:45:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://tamimnassar.blogspot.com
Access-Control-Allow-Origin: https://tamimnassar.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4c429e89-c8ee-484c-94dd-cfda02bf9918:1:1; expires=Sun, 18 Sep 2022 17:45:34 GMT; secure; SameSite=None
iprcc6a1179639c6f96eae4f56b7d23eb6f8=3569806; expires=Sun, 11 Sep 2022 21:45:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 12 Sep 2022 17:45:34 GMT; secure; SameSite=None
uncs=1; expires=Mon, 12 Sep 2022 17:45:34 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 12 Sep 2022 17:45:34 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 12 Sep 2022 17:45:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9692ea4793d00423b0710d9ad8833ff5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15250
Expires: Sun, 11 Sep 2022 21:59:44 GMT
Date: Sun, 11 Sep 2022 17:45:34 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 17:45:34 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Tue, 13 Sep 2022 17:45:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i0.wp.com/sk-bucket.sgp1.cdn.digitaloceanspaces.com/2020/07/02100243/105568292_3774819369201184_3776331204695511942_o.jpg
192.0.77.2200 OK 48 kB URL HTTP/2 i0.wp.com/sk-bucket.sgp1.cdn.digitaloceanspaces.com/2020/07/02100243/105568292_3774819369201184_3776331204695511942_o.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 960x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77c4504b15190b40b35ee6ee2fe0b6e5
9cf38f051b17ca51ddeaa0da80f88d1707552bc9
c796ad7a2202931fb57a4cb446cf79ae2ca8a79747bdbf78a5f36b45513adf08
GET /sk-bucket.sgp1.cdn.digitaloceanspaces.com/2020/07/02100243/105568292_3774819369201184_3776331204695511942_o.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:35 GMT
content-type: image/webp
content-length: 48542
last-modified: Sun, 11 Sep 2022 17:45:35 GMT
expires: Wed, 11 Sep 2024 05:45:35 GMT
cache-control: public, max-age=63115200
link: <http://sk-bucket.sgp1.cdn.digitaloceanspaces.com/2020/07/02100243/105568292_3774819369201184_3776331204695511942_o.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "172cfd1518e88600"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/pengantinbaru.com.my/wp-content/uploads/2019/09/Henna-Tangan-Simple-hennabyadila.jpg
192.0.77.2200 OK 116 kB URL HTTP/2 i1.wp.com/pengantinbaru.com.my/wp-content/uploads/2019/09/Henna-Tangan-Simple-hennabyadila.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1020x1110, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 116 kB (115992 bytes)
Hash 1eaff832dfef66c9527fcae12279c743
fcded2055c8a989e60fc6f08c8108d3338c88eb6
9aacaa7384eb489c777329d918bcfe2edb85551fe54e92fdd7f26d21a8f95ec2
GET /pengantinbaru.com.my/wp-content/uploads/2019/09/Henna-Tangan-Simple-hennabyadila.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 17:45:35 GMT
content-type: image/webp
content-length: 115992
last-modified: Sun, 11 Sep 2022 17:45:35 GMT
expires: Wed, 11 Sep 2024 05:45:35 GMT
cache-control: public, max-age=63115200
link: <http://pengantinbaru.com.my/wp-content/uploads/2019/09/Henna-Tangan-Simple-hennabyadila.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d05f5cd1c918cb2c"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 090a097732f15b625208ab10faeea110
33b4fbb528d5b24e6edeebec3887e9b92bed4272
dd912cb8f4b18a02f086446af981c96af8de389bb8872f8bb6dd76cb5b018194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD912CB8F4B18A02F086446AF981C96AF8DE389BB8872F8BB6DD76CB5B018194"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16290
Expires: Sun, 11 Sep 2022 22:17:06 GMT
Date: Sun, 11 Sep 2022 17:45:36 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=4c429e89-c8ee-484c-94dd-cfda02bf9918&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 11 Sep 2022 17:45:36 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d775e23ba284f3bb70f322444ca1fde7
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.googleapis.com/css?family=Oswald
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.10:0
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 17:45:32 GMT
date: Sun, 11 Sep 2022 17:45:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.232200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.232:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 17:45:34 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: df15c9063012b28b27b6da1f7f48b95a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 17:45:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Skuk8vx59M2opbPNTaKT8tIPMugcqW%2F6BecnUZ72vtcs8j9IzTIbLGBFbMhEzQMEw%2BF2DpaZhKOELw8o79uuVNEcjgSI3JcsMQaDqpfmffWBM%2FgOxw9TKTR3wPOzY%2Bb7uuGEpUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749237c6bd95406c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tamimnassar.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 17:45:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 8359931
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 749237b718ffb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2