r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8780
Expires: Thu, 27 Oct 2022 05:31:04 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6496
Cache-Control: max-age=116074
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:19:18 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3166
Expires: Thu, 27 Oct 2022 03:57:30 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6ZzYDbFw7BKzaBWmsd2uyJDQUy83krVPF+sBAMFovMB9S070PmUSc2k09tgwGnli3CHSVlWwlyE=
x-amz-request-id: H0J4ANQTFWXEE95G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 02:09:38 GMT
age: 3306
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 03:04:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
goldilicious.blogspot.com/2014/09/imunisasi-1-tahun-6-bulan-umyarah.html
142.250.74.161200 OK 33 kB URL HTTP/1.1 goldilicious.blogspot.com/2014/09/imunisasi-1-tahun-6-bulan-umyarah.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3610)
Hash 9d0e626b0efc5ddf6b623e85732c41d7
b9edeacf940459476cb1771496f57110fe286244
adf38256f107514fef451e8958d2a30b9183b9c34b492c26d04188c59e348816
Analyzer Verdict Alert fortinet Phishing
GET /2014/09/imunisasi-1-tahun-6-bulan-umyarah.html HTTP/1.1
Host: goldilicious.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 27 Oct 2022 03:04:44 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 19 Aug 2022 06:21:33 GMT
ETag: W/"a0f1e612579fb346a53a9e5f55168ed1cd6687c7de7b830d29cbb30c40760df3"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 32785
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5e6bc5615a40b88a61736c1e24db5c4
25553fed7022761e18dffb94835a8fb310d40daa
65aa9296f715a2ff9cce4fbed08a058dc11889e77de0efb6f65325446914e105
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 89f1adba05b1afa58865e2e8062294d8
625992e3b56d90a3544869363c1ba80b587438b8
26b4d7fcd5181b95baabbe690e57e5ec9e6a56cc91a3961a123861ae993b11ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
goldilicious.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 goldilicious.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: goldilicious.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/2014/09/imunisasi-1-tahun-6-bulan-umyarah.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 27 Oct 2022 03:04:44 GMT
Expires: Thu, 03 Nov 2022 03:04:44 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 26 Oct 2022 20:56:42 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5e6bc5615a40b88a61736c1e24db5c4
25553fed7022761e18dffb94835a8fb310d40daa
65aa9296f715a2ff9cce4fbed08a058dc11889e77de0efb6f65325446914e105
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5e6bc5615a40b88a61736c1e24db5c4
25553fed7022761e18dffb94835a8fb310d40daa
65aa9296f715a2ff9cce4fbed08a058dc11889e77de0efb6f65325446914e105
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.105200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 10:32:20 GMT
expires: Fri, 20 Oct 2023 10:32:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 19 Oct 2022 14:50:24 GMT
content-type: text/css
age: 577944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
142.250.74.164200 OK 16 kB URL HTTP/1.1 www.google.com/js/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35615)
Hash 3aff9da268245e3fe3c9f2d4b00722c9
ed4fd93cbcc1f4bce9eae5cbc720ea98d6a6e688
f1a876fa6d0541708a7f4a474e521fc7872d1d77a262ba2f8438b8ebb9c29983
GET /js/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 15800
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 20 Oct 2022 10:44:51 GMT
Expires: Fri, 20 Oct 2023 10:44:51 GMT
Cache-Control: public, max-age=31536000
Age: 577193
Last-Modified: Tue, 11 Oct 2022 09:30:00 GMT
Content-Type: text/javascript
resources.blogblog.com/img/icon18_email.gif
142.250.74.105200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 21:40:15 GMT
expires: Fri, 28 Oct 2022 21:40:15 GMT
cache-control: public, max-age=604800
last-modified: Fri, 21 Oct 2022 14:53:29 GMT
content-type: image/gif
age: 451469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Thu, 27 Oct 2022 03:04:44 GMT
expires: Thu, 27 Oct 2022 03:04:44 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 19:57:04 GMT
expires: Wed, 02 Nov 2022 19:57:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 26 Oct 2022 15:54:08 GMT
content-type: image/gif
age: 25660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 23:51:43 GMT
expires: Sat, 21 Oct 2023 23:51:43 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 21 Oct 2022 15:50:58 GMT
content-type: text/javascript
age: 443581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2216895134-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2216895134-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 083268f093ceb61c3a61a818f199d053
97e2062e29efe96089c3e98a5e50f29cdcb05464
6dccb46111dff2073ee44dd7c4b0093f39d28ebc62ec17917c6ce6f8d42dba13
GET /static/v1/widgets/2216895134-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56821
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 15:54:22 GMT
expires: Thu, 26 Oct 2023 15:54:22 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Oct 2022 05:52:40 GMT
content-type: text/javascript
age: 40222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5e6bc5615a40b88a61736c1e24db5c4
25553fed7022761e18dffb94835a8fb310d40daa
65aa9296f715a2ff9cce4fbed08a058dc11889e77de0efb6f65325446914e105
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/img/blogger_logo_round_35.png
142.250.74.105200 OK 2.5 kB URL HTTP/1.1 www.blogger.com/img/blogger_logo_round_35.png
IP 142.250.74.105:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2531
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 21 Oct 2022 16:31:30 GMT
Expires: Fri, 28 Oct 2022 16:31:30 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 20 Oct 2022 18:52:41 GMT
Content-Type: image/png
Age: 469994
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash d70fcc84d705c565b31a5835c0938d5b
d28e5dc9fcc6239d67986df3205468072023d2d7
1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Oct 2022 07:26:05 GMT
expires: Mon, 23 Oct 2023 07:26:05 GMT
cache-control: public, max-age=31536000
age: 329919
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
216.58.207.194200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 216.58.207.194:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 26 Oct 2022 13:08:21 GMT
Expires: Wed, 09 Nov 2022 13:08:21 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 50183
i102.photobucket.com/albums/m91/seantromer/icon_kedah.png
143.204.55.73301 Moved Permanently 167 B URL HTTP/1.1 i102.photobucket.com/albums/m91/seantromer/icon_kedah.png
IP 143.204.55.73:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/m91/seantromer/icon_kedah.png HTTP/1.1
Host: i102.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 27 Oct 2022 03:04:44 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i102.photobucket.com/albums/m91/seantromer/icon_kedah.png
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y2s_JMvbtUzWvZnfCuYLnQ6g8Bdf5URTYeLy2Ln2SZ8aBtPSzafL8A==
Vary: Origin
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 27 Oct 2022 03:04:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
goldilicious.blogspot.com/b/csi.js?h=ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk
142.250.74.161200 OK 22 kB URL HTTP/1.1 goldilicious.blogspot.com/b/csi.js?h=ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk
IP 142.250.74.161:0
File type ASCII text, with very long lines (15656)
Hash 20da1d9764c55099bc142fc7b0c1fb6e
6295ddc4b3a56f70cdcd564bbd3649b10544b4ca
95df8e1232c84c38d2a8b50395ae718f44fc64471db36b4c53710a419d315cde
Analyzer Verdict Alert fortinet Phishing
GET /b/csi.js?h=ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk HTTP/1.1
Host: goldilicious.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/2014/09/imunisasi-1-tahun-6-bulan-umyarah.html
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 21939
Server: GSE
www.blogger.com/dyn-css/authorization.css?targetBlogID=7634939570743350977&zx=19ed81f6-b7fc-4fb4-9f3f-94ac437239fb
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7634939570743350977&zx=19ed81f6-b7fc-4fb4-9f3f-94ac437239fb
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=7634939570743350977&zx=19ed81f6-b7fc-4fb4-9f3f-94ac437239fb HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 03:04:44 GMT
last-modified: Thu, 27 Oct 2022 03:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i102.photobucket.com/albums/m91/seantromer/icon_kedah.png
143.204.55.73200 OK 5.3 kB URL HTTP/2 i102.photobucket.com/albums/m91/seantromer/icon_kedah.png
IP 143.204.55.73:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2e60b037040ef21215fa44ef9170ad78
48f0046da0944cb0c918ba02d18eda89b0bf8555
73baaa4b009ee6ac13f206fe95eeed8d25e38a69ad7b81e4ff74f8a5391af4f5
GET /albums/m91/seantromer/icon_kedah.png HTTP/1.1
Host: i102.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goldilicious.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 5346
date: Tue, 25 Oct 2022 03:52:19 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="icon_kedah.webp"
expires: Wed, 25 Oct 2023 03:52:19 GMT
server: photobucket
x-amzn-trace-id: Root=1-63575d73-30ba79257777968954184874
x-request-id: 60dY4LpNHUlO8jZvXjvt3
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bTFsmLlEh2sG2bS6egLxgmaEuUyfK6PrvAo6U1UtmmkvhlrCLOaEHw==
age: 169945
vary: Accept, Origin
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=589992%26bid=1473873
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=589992%26bid=1473873
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=589992%26bid=1473873 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
lb3f.lilypie.com/w9AOp8.png
174.136.99.42200 OK 6.0 kB URL HTTP/1.1 lb3f.lilypie.com/w9AOp8.png
IP 174.136.99.42:0
File type PNG image data, 400 x 80, 8-bit colormap, non-interlaced\012- data
Hash 3d4783517d428a377e5a263fda923c53
640f8b6a2c454e69bcdb6d3a56569708ba0b1171
b38217c05f381a8599337a95bea876390c87bb3d9420b4db12bc90a6e61a4244
GET /w9AOp8.png HTTP/1.1
Host: lb3f.lilypie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 03:04:44 GMT
Server: Apache/2.4.54
X-Powered-By: PHP/8.0.23
Content-Length: 5969
Connection: close
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09a95980c79849a2cea4b8a29d73b0b4
300f977c1e2100c100ffbacf0ed33d151f051bc4
b51f508559473b5a6501fc5ce4ded715f96d56cbf2a43c6e0d4c9984576b5795
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6254
Cache-Control: max-age=110775
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:45 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:51:00 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.linkwithin.com/pixel.png
3.19.188.212200 OK 83 B URL HTTP/1.1 www.linkwithin.com/pixel.png
IP 3.19.188.212:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1dba98f5e46c0e7a1549b3d8af9b93
37284bda145ed93cee64997e3d6688cae7d98468
88021da4a13d993a2c94e4d8ddc9bd98b34985d806371e71e0531b37b8a0e081
GET /pixel.png HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 27 Oct 2022 03:04:44 GMT
Content-Type: image/png
Content-Length: 83
Last-Modified: Thu, 18 Jun 2020 22:02:28 GMT
Connection: keep-alive
ETag: "5eebe474-53"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
lagf.lilypie.com/bthpp8.png
174.136.99.42200 OK 8.8 kB URL HTTP/1.1 lagf.lilypie.com/bthpp8.png
IP 174.136.99.42:0
File type PNG image data, 400 x 80, 8-bit colormap, non-interlaced\012- data
Hash dfa07c2e8d4734a0980f8a08a9bc2466
0de3dce7583ed231711b4b79f54b1831c75b4181
885b4f37812acddf904495cbd66b36ae332fdf53d19ad68db413c228e0dbc084
GET /bthpp8.png HTTP/1.1
Host: lagf.lilypie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: Apache/2.4.54
X-Powered-By: PHP/8.0.23
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
2.bp.blogspot.com/-_JAV1ZwSI1Y/Ujk8ayEHGyI/AAAAAAAACMA/OtbbX1kl95o/w72-h72-p-k-no-nu/DSC05088.JPG
142.250.74.161200 OK 2.3 kB URL HTTP/1.1 2.bp.blogspot.com/-_JAV1ZwSI1Y/Ujk8ayEHGyI/AAAAAAAACMA/OtbbX1kl95o/w72-h72-p-k-no-nu/DSC05088.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f3c832d4f5b42eabdc04a63ae5c9da1c
bc5ea51d0d781ddef0ddfa543e8b4cb22f60c8dc
bbc7d4c296287830f30cbb16d085344052fa7df5373c1ce17fe9793890f99997
GET /-_JAV1ZwSI1Y/Ujk8ayEHGyI/AAAAAAAACMA/OtbbX1kl95o/w72-h72-p-k-no-nu/DSC05088.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v8c1"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC05088.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 2269
X-XSS-Protection: 0
3.bp.blogspot.com/-n6BmKweWyUM/VQJTdn7NajI/AAAAAAAAC5g/txgnyGsyjL4/w72-h72-p-k-no-nu/IMG-20150311-WA0018.jpg
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 3.bp.blogspot.com/-n6BmKweWyUM/VQJTdn7NajI/AAAAAAAAC5g/txgnyGsyjL4/w72-h72-p-k-no-nu/IMG-20150311-WA0018.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a58a677ed46bd28ba295102910e2c58a
a6808c40ca2f36088429931b6e1c61763baede6d
e0ddc97162b3036fcff995a0752acc8915526a18a99fc8cf68b666143ac1f57c
GET /-n6BmKweWyUM/VQJTdn7NajI/AAAAAAAAC5g/txgnyGsyjL4/w72-h72-p-k-no-nu/IMG-20150311-WA0018.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v146f"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG-20150311-WA0018.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 3182
X-XSS-Protection: 0
4.bp.blogspot.com/-gNLPNGSMpQA/VKocsqyPvpI/AAAAAAAAC34/NjsvfQLW35Y/w72-h72-p-k-no-nu/10893692_10202426791386116_895927409_n.jpg
142.250.74.161200 OK 4.2 kB URL HTTP/1.1 4.bp.blogspot.com/-gNLPNGSMpQA/VKocsqyPvpI/AAAAAAAAC34/NjsvfQLW35Y/w72-h72-p-k-no-nu/10893692_10202426791386116_895927409_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 79472e6f39df45209f8a16187112154f
43647865e26d0fc512fec106b3702901aaea632f
838ec0f2880182e014f2b90a7bfcba6a0d2afc92dc24b6f2b96aae6ceaac40ef
GET /-gNLPNGSMpQA/VKocsqyPvpI/AAAAAAAAC34/NjsvfQLW35Y/w72-h72-p-k-no-nu/10893692_10202426791386116_895927409_n.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb81"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10893692_10202426791386116_895927409_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 4163
X-XSS-Protection: 0
2.bp.blogspot.com/_hP4nU8qp6tk/TQzQH47UUoI/AAAAAAAAA30/dbCaBfHyins/w72-h72-p-k-no-nu/makanan.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 2.bp.blogspot.com/_hP4nU8qp6tk/TQzQH47UUoI/AAAAAAAAA30/dbCaBfHyins/w72-h72-p-k-no-nu/makanan.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b36c8f61acee01a787f52052afccd9ee
6007a428fb418a7fd65ec3bb14f038522caad23f
1f7f626b16abe93cfcf3587a1f0a665366834451787a79273844349d791868fc
GET /_hP4nU8qp6tk/TQzQH47UUoI/AAAAAAAAA30/dbCaBfHyins/w72-h72-p-k-no-nu/makanan.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v37d"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="makanan.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 4382
X-XSS-Protection: 0
3.bp.blogspot.com/_hP4nU8qp6tk/TTpNhLeqitI/AAAAAAAABBY/9ZpAeHGntJU/w72-h72-p-k-no-nu/SDC10459.jpg
142.250.74.161200 OK 4.6 kB URL HTTP/1.1 3.bp.blogspot.com/_hP4nU8qp6tk/TTpNhLeqitI/AAAAAAAABBY/9ZpAeHGntJU/w72-h72-p-k-no-nu/SDC10459.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google, copyright=COPYRIGHT, 2007], baseline, precision 8, 72x72, components 3\012- data
Hash 1895f5a8623315b280dcd497fbe37ad3
890f8936f20f99d0f3d8346d6538832d31ca9f00
06687bea5225be6348bc5fcdac3e3e1981d33c0ce3da384ea168f0294ab83570
GET /_hP4nU8qp6tk/TTpNhLeqitI/AAAAAAAABBY/9ZpAeHGntJU/w72-h72-p-k-no-nu/SDC10459.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v416"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="SDC10459.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 4552
X-XSS-Protection: 0
3.bp.blogspot.com/-Kl59nW-8pyA/TwuF1fjAFRI/AAAAAAAABSQ/E4gtiA_xuQI/w72-h72-p-k-no-nu/IMG_2472.JPG
142.250.74.161200 OK 1.7 kB URL HTTP/1.1 3.bp.blogspot.com/-Kl59nW-8pyA/TwuF1fjAFRI/AAAAAAAABSQ/E4gtiA_xuQI/w72-h72-p-k-no-nu/IMG_2472.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7806b926d310d6a40792354356beb9fd
dbeb073dfa940b7b6aa6efcaadeaadc9a27fea3a
b45d7c15c1f898062db08cf06c0e34849d2ecd6ce4978047a75fc8272a51900e
GET /-Kl59nW-8pyA/TwuF1fjAFRI/AAAAAAAABSQ/E4gtiA_xuQI/w72-h72-p-k-no-nu/IMG_2472.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="IMG_2472.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1708
X-XSS-Protection: 0
Date: Thu, 27 Oct 2022 03:04:45 GMT
Expires: Wed, 26 Oct 2022 03:52:19 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v524"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-byQeFhzU40I/VA0vMTWJntI/AAAAAAAACuY/_uWxBi6iQeo/s1600/10653690_10201763335520134_8414708720582652182_n.jpg
142.250.74.161200 OK 119 kB URL HTTP/1.1 1.bp.blogspot.com/-byQeFhzU40I/VA0vMTWJntI/AAAAAAAACuY/_uWxBi6iQeo/s1600/10653690_10201763335520134_8414708720582652182_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 960x960, components 3\012- data
Size 119 kB (119388 bytes)
Hash 2a7ae4ffaabcfbc5568dbf5c8cd3e024
ffa1d9230c02b9c7131dec4db5b9bdbc596035f2
ddb2782fe28b31a130341f4f7038331c3c3851d7689aa40a012384c2890b9f14
GET /-byQeFhzU40I/VA0vMTWJntI/AAAAAAAACuY/_uWxBi6iQeo/s1600/10653690_10201763335520134_8414708720582652182_n.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vae9"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10653690_10201763335520134_8414708720582652182_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 119388
X-XSS-Protection: 0
3.bp.blogspot.com/-lJGTB-nLvyo/TyuOZJTFzbI/AAAAAAAABWQ/hlpSJfrbM4Y/w72-h72-p-k-no-nu/pix_gal1.jpg
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 3.bp.blogspot.com/-lJGTB-nLvyo/TyuOZJTFzbI/AAAAAAAABWQ/hlpSJfrbM4Y/w72-h72-p-k-no-nu/pix_gal1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f456ecbffed264e14a6dba5012292042
abd5c021b9eaa818183582fb04710d40a2d7c5b6
ddec1061bfc8553aae6d1a5000cc6967422d8f3b085270e506f5d5df9a2e9c0a
GET /-lJGTB-nLvyo/TyuOZJTFzbI/AAAAAAAABWQ/hlpSJfrbM4Y/w72-h72-p-k-no-nu/pix_gal1.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v564"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pix_gal1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 2926
X-XSS-Protection: 0
2.bp.blogspot.com/-WQXjE2J2hkw/TZGDOdhljvI/AAAAAAAABI8/6fkkOpRHs4U/w72-h72-p-k-no-nu/DSC00036.JPG
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 2.bp.blogspot.com/-WQXjE2J2hkw/TZGDOdhljvI/AAAAAAAABI8/6fkkOpRHs4U/w72-h72-p-k-no-nu/DSC00036.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3bea58051965c0ede62b25d3ebfa5ce3
3befdb194ab6066b23099c7ff9e649ab8444ee66
396bc963abbb94845d12f0f29f6a1ce8388de3d6cd45932eb09de6c292573061
GET /-WQXjE2J2hkw/TZGDOdhljvI/AAAAAAAABI8/6fkkOpRHs4U/w72-h72-p-k-no-nu/DSC00036.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v48f"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC00036.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 4433
X-XSS-Protection: 0
davf.daisypath.com/idl8p8.png
174.136.99.42200 OK 11 kB URL HTTP/1.1 davf.daisypath.com/idl8p8.png
IP 174.136.99.42:0
File type PNG image data, 400 x 80, 8-bit colormap, non-interlaced\012- data
Hash d50005e60529738ec50515374bcc198e
e2a2c01b5ebca7a34c1fd74c38252dc0f5c3e9d7
d07974010effac8e7889d4d7076c29ed0492bc00c0d26d8d5d7caf8fdc78b85d
GET /idl8p8.png HTTP/1.1
Host: davf.daisypath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: Apache/2.4.54
X-Powered-By: PHP/8.0.23
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
davf.daisypath.com/4L7Rp8.png
174.136.99.42200 OK 9.3 kB URL HTTP/1.1 davf.daisypath.com/4L7Rp8.png
IP 174.136.99.42:0
File type PNG image data, 400 x 80, 8-bit colormap, non-interlaced\012- data
Hash d6b8fc37d36f3de1b48dc2e0bdd457da
d8365b9484b0f6e15244afd22c2ed2c45c14e39f
64a7f6bb74ac59e51a2b649acd428df076509fd3fc25b6074896c03612918bf4
GET /4L7Rp8.png HTTP/1.1
Host: davf.daisypath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: Apache/2.4.54
X-Powered-By: PHP/8.0.23
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
4.bp.blogspot.com/-XjoCbanQ0Ks/VA0vMSwxp_I/AAAAAAAACuQ/JWI-ftr1FFA/s1600/10613046_10201675333640142_8907406737658538862_n.jpg
142.250.74.161200 OK 98 kB URL HTTP/1.1 4.bp.blogspot.com/-XjoCbanQ0Ks/VA0vMSwxp_I/AAAAAAAACuQ/JWI-ftr1FFA/s1600/10613046_10201675333640142_8907406737658538862_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 640x640, components 3\012- data
Hash 2c71c7567c7831b382f83f4cdb8bea29
d402db408a5d96eb970825775124a4ca157da7c3
007f6f88084a530fd5f3883c535f08573fc754b7494fb83a2626b92213a2316a
GET /-XjoCbanQ0Ks/VA0vMSwxp_I/AAAAAAAACuQ/JWI-ftr1FFA/s1600/10613046_10201675333640142_8907406737658538862_n.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vae7"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10613046_10201675333640142_8907406737658538862_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 97911
X-XSS-Protection: 0
synad2.nuffnang.com.my/k.js
18.138.110.223302 Found 314 B URL HTTP/1.1 synad2.nuffnang.com.my/k.js
IP 18.138.110.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2dc70b6c45bf3273ce02cc411906180e
3e706e22af3600df7ca611184af391f70755d256
32a8cb54b2eda028acc7b6cc832de6dcc6f82b4ec288620ec870def3f74b1b6c
GET /k.js HTTP/1.1
Host: synad2.nuffnang.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 302 Found
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: Apache/2.2.34 (Amazon)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Location: https://eccdn1.synad3.nuffnang.com.my/k.js
Cache-Control: max-age=86400
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Content-Length: 314
Connection: close
Content-Type: text/html; charset=iso-8859-1
4.bp.blogspot.com/-0RuHtYHfL9c/VA0wlZLCtfI/AAAAAAAACus/Ihp5f8M8mx0/s1600/225825_615292238494668_1898427676_n.jpg
142.250.74.161200 OK 30 kB URL HTTP/1.1 4.bp.blogspot.com/-0RuHtYHfL9c/VA0wlZLCtfI/AAAAAAAACus/Ihp5f8M8mx0/s1600/225825_615292238494668_1898427676_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 400x278, components 3\012- data
Hash b1513a0cc1a30c4a64670ee37e188e40
5bfadac1b508809584c8073477651a801ebe825b
8b274fcd1d7cf67118ffa018216101fcc2d50a4968f754effe32cfbd54038389
GET /-0RuHtYHfL9c/VA0wlZLCtfI/AAAAAAAACus/Ihp5f8M8mx0/s1600/225825_615292238494668_1898427676_n.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vaec"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="225825_615292238494668_1898427676_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 30269
X-XSS-Protection: 0
3.bp.blogspot.com/-FiN7aT8cr2A/VJJKhwYbviI/AAAAAAAAC3E/pxbNbVha1Nk/s1600/4.jpg
142.250.74.161200 OK 73 kB URL HTTP/1.1 3.bp.blogspot.com/-FiN7aT8cr2A/VJJKhwYbviI/AAAAAAAAC3E/pxbNbVha1Nk/s1600/4.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 886x411, components 3\012- data
Hash b8cf793d918842d8a56ac9650b6ae67b
1ea4413304200d702f8230ac0c6a893306bc2f0b
3dcf73b96854021f420b642ba3fb15bc025cbdeda5226dd464de826bf2ab7996
GET /-FiN7aT8cr2A/VJJKhwYbviI/AAAAAAAAC3E/pxbNbVha1Nk/s1600/4.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb72"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="4.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 72999
X-XSS-Protection: 0
1.bp.blogspot.com/-nwP1S0sv84U/Ut4L2Se7CDI/AAAAAAAACRQ/Zbk4fLKqcSg/w72-h72-p-k-no-nu/DSC_0136.JPG
142.250.74.161200 OK 2.4 kB URL HTTP/1.1 1.bp.blogspot.com/-nwP1S0sv84U/Ut4L2Se7CDI/AAAAAAAACRQ/Zbk4fLKqcSg/w72-h72-p-k-no-nu/DSC_0136.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 42f2fe7557792dc0a17869bd5989ddcd
e5b4212e1e31cb9967e2aa174f90904fda13acbd
c5325df0d047619dbb4c5e865b1f1e8c8609e4d22b13e28b937d5387b5cea89d
GET /-nwP1S0sv84U/Ut4L2Se7CDI/AAAAAAAACRQ/Zbk4fLKqcSg/w72-h72-p-k-no-nu/DSC_0136.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v916"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC_0136.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 2398
X-XSS-Protection: 0
1.bp.blogspot.com/-BMi6iN05V78/VA0vMs-HjeI/AAAAAAAACuU/neLPrZjC6Sk/s1600/10653296_10201767431862540_452732601561710765_n.jpg
142.250.74.161200 OK 74 kB URL HTTP/1.1 1.bp.blogspot.com/-BMi6iN05V78/VA0vMs-HjeI/AAAAAAAACuU/neLPrZjC6Sk/s1600/10653296_10201767431862540_452732601561710765_n.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 526x526, components 3\012- data
Hash a90cbfe6db3d1c4739de153cbfb62d3c
16b55c38f488e64d7c03f08fef91aee2767b9a40
d430fcd6f7937222ef7d7e43a06f3ef3105dd3a4da440f2c83f2b8f6c9dc8d05
GET /-BMi6iN05V78/VA0vMs-HjeI/AAAAAAAACuU/neLPrZjC6Sk/s1600/10653296_10201767431862540_452732601561710765_n.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vae8"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10653296_10201767431862540_452732601561710765_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 74429
X-XSS-Protection: 0
push.services.mozilla.com/
35.161.136.21101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +UbwcAKxOjKrxuAyW30goA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tJQ6cYIShDsSg01Q9OLrhPGdBSA=
www.blogblog.com/1kt/simple/paging_dot.png
142.250.74.105200 OK 99 B URL HTTP/1.1 www.blogblog.com/1kt/simple/paging_dot.png
IP 142.250.74.105:0
File type PNG image data, 20 x 18, 8-bit gray+alpha, non-interlaced\012- data
Hash fcb8627989fa00c5341d05abce52eea9
215f7e27bcb50152a6d87444d3038746c87f1d18
1e3869a752d8d7cfad487a6f4e2def12daa851373a9cce97dcc4a96523501dba
GET /1kt/simple/paging_dot.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 99
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 21 Oct 2022 17:46:03 GMT
Expires: Fri, 28 Oct 2022 17:46:03 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 21 Oct 2022 16:57:23 GMT
Content-Type: image/png
Age: 465522
d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
54.230.245.149200 OK 1.2 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
IP 54.230.245.149:0
File type ASCII text, with CRLF line terminators
Hash 263303c015aaddbd3c417327b3b50823
c5c4f7ec9f5c1a2cfafad6b5810ed0da2080d3cb
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617
GET /activejs/bdv_fsthd.js HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1199
Connection: keep-alive
Last-Modified: Thu, 14 Jan 2021 11:27:17 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Thu, 27 Oct 2022 01:10:37 GMT
ETag: "977ef3668ead61:0"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: K2o1V_y4h6NlnzmkFeNrcT1SA7Kt8wAS_AYbT8S_sCze1HlFkK3sPg==
Age: 9045
d2b9l3u54v5v39.cloudfront.net/css/default.css
54.230.245.149200 OK 1.5 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/default.css
IP 54.230.245.149:0
File type ASCII text, with CRLF line terminators
Hash 8ea20baef891abad5a169261301f1b0d
b983c5b36da773d38fc2d9d56fb1e462080ac0f8
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af
GET /css/default.css HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 1489
Connection: keep-alive
Last-Modified: Mon, 21 Sep 2015 08:25:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Wed, 26 Oct 2022 22:24:18 GMT
ETag: "70d0ec1947f4d01:0"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4pR1r0G3Z9Zqf8sXH97352ss0jfTp2qfGMZKlSzQRDSMrDEh8hplMQ==
Age: 17717
d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2
54.230.245.149200 OK 2.8 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2
IP 54.230.245.149:0
File type ASCII text, with CRLF line terminators
Hash d58909e3606e94cade8eca195ab40f2e
e6363f5074ba81376c31b4cd770f0b0344621e24
68cec5539b0b468c927628d857780b25c5be36223db516828dce541b1c167c00
GET /css/58x466.css?cbst=2 HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2831
Connection: keep-alive
Last-Modified: Thu, 18 Jan 2018 16:19:13 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Thu, 27 Oct 2022 02:44:59 GMT
ETag: "ec706f147890d31:0"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r4xaDsZUvOyojyM3Kb67mkKVOU0W1G_BHM8UbVv93zgYzSf4zFGzwg==
Age: 2344
1.bp.blogspot.com/-U0WxOy1t9KQ/T88c81HMt1I/AAAAAAAAAVE/OAW3nFf4rFc/s35/IMG-20110928-00666.jpg
142.250.74.161200 OK 1.4 kB URL HTTP/1.1 1.bp.blogspot.com/-U0WxOy1t9KQ/T88c81HMt1I/AAAAAAAAAVE/OAW3nFf4rFc/s35/IMG-20110928-00666.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 35x35, components 3\012- data
Hash fe1015bd7b7ffbdaf56bb120eeac6c1b
a42474ddb210896ebc2ffd0d4515177a7bbb3fcb
c382676e9b8aab84add3ade05b93aa084fe87f2c878ba5ad40a82938f71aa801
GET /-U0WxOy1t9KQ/T88c81HMt1I/AAAAAAAAAVE/OAW3nFf4rFc/s35/IMG-20110928-00666.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v151"
Expires: Fri, 28 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG-20110928-00666.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 27 Oct 2022 03:04:45 GMT
Server: fife
Content-Length: 1379
X-XSS-Protection: 0
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 27 Oct 2022 03:04:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
142.250.74.163200 OK 34 kB URL HTTP/2 www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2800)
Hash 88e921b492ded34fcf0c75fa81304a02
75a00e5b7c6846be55aa39550258e576abe199ff
6d126a4fa36c1ef24a46c83a19a68085e4f88a7ee57ae21a331c1cd350263a79
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 33986
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 02:54:55 GMT
expires: Thu, 27 Oct 2022 03:44:55 GMT
cache-control: public, max-age=3000
last-modified: Tue, 25 Oct 2022 15:39:03 GMT
content-type: text/javascript
age: 590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 02:59:33 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 95161322
etag: W/"980881274"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:E116_2E69C9F0:0050_6359F54D_1A95:7AC9
x-iplb-instance: 40744
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0b21021a9952aee1a74f3bd0a3dab020
df8dd2d33f9505ecdf4b57372050ffe264ea34ca
5fb04e8d818840ea60d750ec6a1230a3318202fc25790f0c45cac8fe8302a1f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7634939570743350977%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByM2NjY2NjZCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7306794926347607954%26origin%3Dhttp://goldilicious.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7634939570743350977%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByM2NjY2NjZCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7306794926347607954%26origin%3Dhttp://goldilicious.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 491 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7634939570743350977%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByM2NjY2NjZCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7306794926347607954%26origin%3Dhttp://goldilicious.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7634939570743350977%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByM2NjY2NjZCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7306794926347607954%26origin%3Dhttp://goldilicious.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (535)
Hash 8a3d7e89bbe2f095c5e7965d5913cead
3694d9e1307ad259a10bb1525003c02f91f4d739
80638906a401f1784f12f9e5c1f3f7613371ebee7ae13b3abfb10cd4b8c13c36
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7634939570743350977%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByM2NjY2NjZCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7306794926347607954%26origin%3Dhttp://goldilicious.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7634939570743350977%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByM2NjY2NjZCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7306794926347607954%26origin%3Dhttp://goldilicious.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goldilicious.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 03:04:45 GMT
location: https://www.blogger.com/followers.g?blogID=7634939570743350977&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByM2NjY2NjZCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50&pageSize=21&postID=7306794926347607954&origin=http%3A%2F%2Fgoldilicious.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-RcyeP3EiVnTx3qt73J9a8g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 491
server: GSE
set-cookie: __Host-GAPS=1:sw6OKtPt6kcOlqiB9GpDpfTn8s0bRw:OW_HhKe4xbSJUP2x;Path=/;Expires=Sat, 26-Oct-2024 03:04:45 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 77b5da0f60755df91da1b98333c6d33c
0c36c5f1063e2ef41d02e26ddf9ed1e0a490e6b4
085b499d52d53965301db8affc692e09876290e5d67bf09c83178cc54384999f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
badges.instagram.com/static/images/ig-badge-sprite-48.png
31.13.72.53301 Moved Permanently 0 B URL HTTP/1.1 badges.instagram.com/static/images/ig-badge-sprite-48.png
IP 31.13.72.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/images/ig-badge-sprite-48.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://badges.instagram.com/static/images/ig-badge-sprite-48.png
Content-Type: text/plain
Server: proxygen-bolt
X-FB-TRIP-ID: 1512268381
Alt-Svc: h3=":443"; ma=86400
Date: Thu, 27 Oct 2022 03:04:45 GMT
Connection: keep-alive
Content-Length: 0
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 9fdee9d17c22bef79ae5f51e83fdd9af
51aa0001e973405252b83a11408ef77eba1d6de6
85d86e478ce1d65d0d0ca5062357693d7788eaae41556c7fb1351cdeb4bdd280
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 2163ae8e9875d54e8d72a23e7e88d7b2
ETag: "01e9e9ab25e3fdc40e316f0bf2492aeb"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Thu, 27 Oct 2022 03:24:38 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: n97p0Xwivvea5fUeg/3Zrw==
X-FB-Debug: b8ZGd1uuPWJNugz1rJDHKUOQsMi2uIF6GgGJabRKLbGpLGebCuonJ6XryT2glbkpgAoUQNpgicawF2NtYNUf9w==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Thu, 27 Oct 2022 03:04:45 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1685
badges.instagram.com/static/images/ig-badge-48.png
31.13.72.53301 Moved Permanently 0 B URL HTTP/1.1 badges.instagram.com/static/images/ig-badge-48.png
IP 31.13.72.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/images/ig-badge-48.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://badges.instagram.com/static/images/ig-badge-48.png
Content-Type: text/plain
Server: proxygen-bolt
X-FB-TRIP-ID: 1512268381
Alt-Svc: h3=":443"; ma=86400
Date: Thu, 27 Oct 2022 03:04:45 GMT
Connection: keep-alive
Content-Length: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9ab0372fbd4e9d389119ccc12be968eb
0e48ffd21d7abf1cf59a471feba8da1f26b934fc
090ac22163a5cc5471bd4220bc6ebe686b115c15378c5eb9066f0767066af57d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5283
Cache-Control: max-age=93633
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Etag: "6358ab6c-1d7"
Expires: Fri, 28 Oct 2022 05:05:19 GMT
Last-Modified: Wed, 26 Oct 2022 03:37:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0602e5405d090f0dfaa391af9dbabdaa
42b6a75d27aff80b714d6a9c24e7a836d53c11f1
c9a65811dd6b64d2cb0353b2ec2f6f98b26967b9c7951b8dde0766b9162b7ff5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6560
Cache-Control: max-age=111073
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Etag: "6358ea8f-1d7"
Expires: Fri, 28 Oct 2022 09:55:59 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0602e5405d090f0dfaa391af9dbabdaa
42b6a75d27aff80b714d6a9c24e7a836d53c11f1
c9a65811dd6b64d2cb0353b2ec2f6f98b26967b9c7951b8dde0766b9162b7ff5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1678
Cache-Control: max-age=106191
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Etag: "6358ea8f-1d7"
Expires: Fri, 28 Oct 2022 08:34:37 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:39 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
goldilicious.blogspot.com/favicon.ico
142.250.74.161200 OK 776 B URL HTTP/1.1 goldilicious.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3f4b503d5fa82f1c5592f2ee744d7f70
389ddc93d3f89647026dd8659a7e10e9728761bc
60324e08e0c1f6c2179d76634fdff10f3e23061154b2870e531452aa107e1df6
GET /favicon.ico HTTP/1.1
Host: goldilicious.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/2014/09/imunisasi-1-tahun-6-bulan-umyarah.html
Cookie: HstCfa1192007=1666839885418; HstCla1192007=1666839885418; HstCmu1192007=1666839885418; HstPn1192007=1; HstPt1192007=1; HstCnv1192007=1; HstCns1192007=1
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Thu, 27 Oct 2022 03:04:46 GMT
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: private, max-age=86400
Last-Modified: Fri, 19 Aug 2022 06:21:33 GMT
ETag: W/"a0f1e612579fb346a53a9e5f55168ed1cd6687c7de7b830d29cbb30c40760df3"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 776
Server: GSE
connect.facebook.net/en_US/all.js?hash=2e6288e46e90ddae86edb6567d6984a9
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=2e6288e46e90ddae86edb6567d6984a9
IP 31.13.72.12:0
File type ASCII text, with very long lines (18722)
Hash 1833cdaea7b3a62cfe031bc2703863ea
823b42d04fa3c79fd70031c417e8718fea8cbff8
e4874135520a9795f7aefdc7de362b709af85601327dc0040ecb295ad451ea7e
GET /en_US/all.js?hash=2e6288e46e90ddae86edb6567d6984a9 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://goldilicious.blogspot.com
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 861735dfed3e2c5e2c20adffa27e4a9c
etag: "9d1530f5a0e266041fe6be60d9f74eda"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 26 Oct 2023 20:10:18 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: GDPNrqezpiz+AxvCcDhj6g==
x-fb-debug: HpS8jUcHhpDh2x09KhuwEkCxpRf+FiS3eTLhBwDab5NKRuquI5U2ZcO/l83vNwykTpY+O/GEfrEyjQ7FYVz+aA==
content-length: 86754
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 03:04:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9ab0372fbd4e9d389119ccc12be968eb
0e48ffd21d7abf1cf59a471feba8da1f26b934fc
090ac22163a5cc5471bd4220bc6ebe686b115c15378c5eb9066f0767066af57d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5283
Cache-Control: max-age=93633
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Etag: "6358ab6c-1d7"
Expires: Fri, 28 Oct 2022 05:05:19 GMT
Last-Modified: Wed, 26 Oct 2022 03:37:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
badges.instagram.com/static/images/ig-badge-sprite-48.png
31.13.72.53404 Not Found 21 kB URL HTTP/2 badges.instagram.com/static/images/ig-badge-sprite-48.png
IP 31.13.72.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8012)
Hash 8f4ecb58c60af8ec8bf6816d511c55cb
a5f0a6939be71ffab23c92f7f0fe99c04cc124dd
1e193fce991893191d9c9087ba8f8d0343cd7a244511e31460c2141c2f79c436
GET /static/images/ig-badge-sprite-48.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goldilicious.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
vary: Cookie, Accept-Language
date: Thu, 27 Oct 2022 03:04:46 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 73
access-control-expose-headers: X-IG-Set-WWW-Claim
x-ig-request-elapsed-time-ms: 20
x-ig-peak-time: 0
content-length: 20955
x-ig-origin-region: odn
x-fb-trip-id: 1512268381
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c68f55ceed40c88b3ac6e21da050b99
c4d919780047bf35565d3d509cb075f0e7993867
e7adad7796124741c54c3a2b968fb0e5cca87c69b73452247e1a1745873f9568
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7ADAD7796124741C54C3A2B968FB0E5CCA87C69B73452247E1A1745873F9568"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10236
Expires: Thu, 27 Oct 2022 05:55:22 GMT
Date: Thu, 27 Oct 2022 03:04:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0602e5405d090f0dfaa391af9dbabdaa
42b6a75d27aff80b714d6a9c24e7a836d53c11f1
c9a65811dd6b64d2cb0353b2ec2f6f98b26967b9c7951b8dde0766b9162b7ff5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1678
Cache-Control: max-age=106191
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Etag: "6358ea8f-1d7"
Expires: Fri, 28 Oct 2022 08:34:37 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:39 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
synad2.nuffnang.com.my/lr.js
18.138.110.223302 Found 315 B URL HTTP/1.1 synad2.nuffnang.com.my/lr.js
IP 18.138.110.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1e5a58c4069ab1dfac01c1427d79281e
3fb8451f31d1b7dcd0a6397eb5197838de52a09c
6909936fd0b322677a32c29850af205428ed53367b5aef713c5efe9dcca8ac18
GET /lr.js HTTP/1.1
Host: synad2.nuffnang.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 302 Found
Date: Thu, 27 Oct 2022 03:04:46 GMT
Server: Apache/2.2.34 (Amazon)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Location: https://eccdn1.synad3.nuffnang.com.my/lr.js
Cache-Control: max-age=86400
Expires: Fri, 28 Oct 2022 03:04:46 GMT
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
s4.histats.com/stats/1192007.php?1192007&@f16&@g1&@h1&@i1&@j1666839885418&@k0&@l1&@mImunisasi%201%20tahun%206%20Bulan%20Umayrah%20%7C%20~%20Sebuah%20Kisah%20Klasik%20Untuk%20Masa%20Depan%20~&@n0&@o1000&@q0&@r0&@s432&@ten-US&@u1280&@b1:125440315&@b3:1666839885&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgoldilicious.blogspot.com%2F2014%2F09%2Fimunisasi-1-tahun-6-bulan-umyarah.html&@w
192.99.8.34200 OK 103 B URL HTTP/1.1 s4.histats.com/stats/1192007.php?1192007&@f16&@g1&@h1&@i1&@j1666839885418&@k0&@l1&@mImunisasi%201%20tahun%206%20Bulan%20Umayrah%20%7C%20~%20Sebuah%20Kisah%20Klasik%20Untuk%20Masa%20Depan%20~&@n0&@o1000&@q0&@r0&@s432&@ten-US&@u1280&@b1:125440315&@b3:1666839885&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgoldilicious.blogspot.com%2F2014%2F09%2Fimunisasi-1-tahun-6-bulan-umyarah.html&@w
IP 192.99.8.34:0
File type ASCII text, with no line terminators
Hash 1ced4ffcccf6863fa6aac4dc175f027b
6532b1aa1307b839b7860c7bfa47a1fdf946d2ff
3c731df61361a51c30e47e7169a119b380f60647306fa85e91cade276a9e5796
GET /stats/1192007.php?1192007&@f16&@g1&@h1&@i1&@j1666839885418&@k0&@l1&@mImunisasi%201%20tahun%206%20Bulan%20Umayrah%20%7C%20~%20Sebuah%20Kisah%20Klasik%20Untuk%20Masa%20Depan%20~&@n0&@o1000&@q0&@r0&@s432&@ten-US&@u1280&@b1:125440315&@b3:1666839885&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgoldilicious.blogspot.com%2F2014%2F09%2Fimunisasi-1-tahun-6-bulan-umyarah.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 03:04:46 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 103
Connection: close
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 666 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 1ee4fcc6bc5d4a74841bde5e2be52621
c04bd68b2e519e021037dd1e4d624189b46a374d
00913f63ee8bc6cbc6499378b6039e4e82b017b956000524296a2f842f2a3122
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 27 Oct 2022 03:04:46 GMT
date: Thu, 27 Oct 2022 03:04:46 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 666
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECPzv162fwdvK1gEiC3ZjYXJkX3Bob3RvKig3NDdkMTVhODJjMmE5MDY4ZDI1ZGM5YzNmNjNmZWUwZTQ4NzcxY2U0MAHP9Yykadij-mrJs4FyIRa4RLANvg
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECPzv162fwdvK1gEiC3ZjYXJkX3Bob3RvKig3NDdkMTVhODJjMmE5MDY4ZDI1ZGM5YzNmNjNmZWUwZTQ4NzcxY2U0MAHP9Yykadij-mrJs4FyIRa4RLANvg
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECPzv162fwdvK1gEiC3ZjYXJkX3Bob3RvKig3NDdkMTVhODJjMmE5MDY4ZDI1ZGM5YzNmNjNmZWUwZTQ4NzcxY2U0MAHP9Yykadij-mrJs4FyIRa4RLANvg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 03:04:46 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-HudwMf6aL0QLzUD9rb74hfue-runZghxVy2I9MQ=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-XDy_FG5f4aWL3T1taLtuYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=aUvPSWbsQPbUup3WDegdGhimCZ6z5MlCrtivjBVp4Um5-tZDrr3oY3BdK15vwwVvXIb0Fw-Ac4rDP7oPEqY8GSWtrqVkLbljgywWTKeRcYBYFBmV0d6DypribsnYGL8Q44nw2P50NlnejIklsKOkzNKNKb5FeSJZZEhl0PgXim4; expires=Fri, 28-Apr-2023 03:04:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCIft0K2XtMWkeSILdmNhcmRfcGhvdG8qKDhhYWJiMzNmMDA3MmQ1YTFlOTMzNjM2MDIwOWFjOTZhMjc3ZmRiMTgwAW624rF0g3RUPTJnuRn5evtak4qo
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCIft0K2XtMWkeSILdmNhcmRfcGhvdG8qKDhhYWJiMzNmMDA3MmQ1YTFlOTMzNjM2MDIwOWFjOTZhMjc3ZmRiMTgwAW624rF0g3RUPTJnuRn5evtak4qo
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCIft0K2XtMWkeSILdmNhcmRfcGhvdG8qKDhhYWJiMzNmMDA3MmQ1YTFlOTMzNjM2MDIwOWFjOTZhMjc3ZmRiMTgwAW624rF0g3RUPTJnuRn5evtak4qo HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 03:04:46 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8_gqyvZqg7fBOv7-JvMrRYe1kGIXqwtJyEuLliwlE=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-6pP6cNZGbgaedBtD4qWERA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=UMv6UnevkRW4BHnhvMVkiAYpHrtBlo0IIJsrSl7lcLdufpFPjFYiRAZh1YV4xyr3roe6R9fQJUMiB0ruQ8T0S83V_823CEdu3tSpFvdCYvu7C--7a9eF7njqdj86lMA-3J25Pz2O26wNI5h16GzqwZDvGBVsBhbpoQXFzlxpfMA; expires=Fri, 28-Apr-2023 03:04:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/counters/cc_432.js
46.105.201.240200 OK 7.0 kB URL HTTP/2 s10.histats.com/counters/cc_432.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (18156), with no line terminators
Hash 3f5e9106ddb514e54e0bf9754de8d5a8
84c4fa6561f3ec9bd24e5f42b6b87230412508e2
2d7128b8f9459b61235de04c7a4a48612f174efd056449920830c68bbf6ba1a8
GET /counters/cc_432.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:56:04 GMT
etag: "1507603602"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 1039696766
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7034
X-Firefox-Spdy: h2
badges.instagram.com/static/images/ig-badge-48.png
31.13.72.53404 Not Found 0 B URL HTTP/2 badges.instagram.com/static/images/ig-badge-48.png
IP 31.13.72.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/images/ig-badge-48.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goldilicious.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
vary: Cookie, Accept-Language
date: Thu, 27 Oct 2022 03:04:46 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 73
access-control-expose-headers: X-IG-Set-WWW-Claim
x-ig-request-elapsed-time-ms: 18
x-ig-peak-time: 0
content-length: 20955
x-ig-origin-region: odn
x-fb-trip-id: 1512268381
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECIvejO6U3YbQ7AEiC3ZjYXJkX3Bob3RvKig5ZmIyNDdmNGU3MTNmMTMzM2YxMGJmYzYzZTY2NWNjNWY1N2YyY2ZjMAFcHKFY9criwrGqNXpHZ8VyWLseSQ
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECIvejO6U3YbQ7AEiC3ZjYXJkX3Bob3RvKig5ZmIyNDdmNGU3MTNmMTMzM2YxMGJmYzYzZTY2NWNjNWY1N2YyY2ZjMAFcHKFY9criwrGqNXpHZ8VyWLseSQ
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECIvejO6U3YbQ7AEiC3ZjYXJkX3Bob3RvKig5ZmIyNDdmNGU3MTNmMTMzM2YxMGJmYzYzZTY2NWNjNWY1N2YyY2ZjMAFcHKFY9criwrGqNXpHZ8VyWLseSQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 03:04:46 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu98CZ4c-yO5CmWZzHEjMqkNXhRgFqWX5E2KdoY_=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-pTZbg1vB8p7ick7L9L7ymg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=VADS1VmhAbwv4KB7bfqiFugLy5cOS7l0B9B41pP1k7UXjM9Kgq3eFomxR0EjceNvapW-1jYdE2ocdq_-ppRH7hCVCE5RGIs7YWw86Lo1WoNkDLO9brIT3I4SHIc74893LVgO1VhlrijGg1XKmkjjPbcbg1IGB21oQHuyTbcGHdc; expires=Fri, 28-Apr-2023 03:04:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCMzvncOmyvzFJiILdmNhcmRfcGhvdG8qKDc5OTVmNjk4NzY0MGNiZTQ1YzhhNjQwZTgzZWY4ZDE4OWZhMGQxNTEwASiMEoqjskDTsypFuR853sZ5wV_d
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCMzvncOmyvzFJiILdmNhcmRfcGhvdG8qKDc5OTVmNjk4NzY0MGNiZTQ1YzhhNjQwZTgzZWY4ZDE4OWZhMGQxNTEwASiMEoqjskDTsypFuR853sZ5wV_d
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCMzvncOmyvzFJiILdmNhcmRfcGhvdG8qKDc5OTVmNjk4NzY0MGNiZTQ1YzhhNjQwZTgzZWY4ZDE4OWZhMGQxNTEwASiMEoqjskDTsypFuR853sZ5wV_d HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 03:04:46 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu911R8NxLSFCoKD1rZivC1GjW7WQooeU0PRvGF2WA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-17M6bC8pXUre4FsEz6wl2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=AAPeD8TFwjKCwmGJfmpjdteNw-Ckr2eAN7x2hExabNZ5zGb3KsrAH60fJmg-KgxEkvtVLmSNTT-y2FPICIZlwb9SnSpy50FaPfVn8pDKfGCCp6BqUWomws_VtMTJFfM8MlrMFClIwP9uUQY6gJ13l6kshW2CDx_6leGP68OCAKY; expires=Fri, 28-Apr-2023 03:04:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 548adf48ccc53ecd7c0ac1dfb27d13a3
6271706fe6ef27e23ca62a3e02782731a1d52295
fdabb8de87f72c6f3262946250085f022ace8db0339ad9bfb413c6659f8ae493
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
synad2.nuffnang.com.my/ss.js
18.138.110.223302 Found 315 B URL HTTP/1.1 synad2.nuffnang.com.my/ss.js
IP 18.138.110.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 51f316438686c03cef13e0cfbf8c505a
5679098c6a8f7e945c1d342fb926dec9725ca338
3d20dd5cb58039151bb0d7c0aafec903479f53078031aeeba45dfe56e955d796
GET /ss.js HTTP/1.1
Host: synad2.nuffnang.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 302 Found
Date: Thu, 27 Oct 2022 03:04:46 GMT
Server: Apache/2.2.34 (Amazon)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Location: https://eccdn1.synad3.nuffnang.com.my/ss.js
Cache-Control: max-age=86400
Expires: Fri, 28 Oct 2022 03:04:46 GMT
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
lh3.googleusercontent.com/a-/ACNPEu9nT9B8eA5EMwJEToAmDc_g97bHVCK_sLEL6vMeCg=s96-p
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9nT9B8eA5EMwJEToAmDc_g97bHVCK_sLEL6vMeCg=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash ac2f50b27de1c4d826c97fbf7bc97811
1210feafd74a99f1363af13de8d1f4adc4298141
590280a1f7b1f2b449e830931224f214f4286c623eff816586f43b4503a0fb86
GET /a-/ACNPEu9nT9B8eA5EMwJEToAmDc_g97bHVCK_sLEL6vMeCg=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4176
x-xss-protection: 0
date: Thu, 27 Oct 2022 02:18:53 GMT
expires: Fri, 14 Oct 2022 02:41:08 GMT
cache-control: public, max-age=86400, no-transform
age: 2753
etag: "v11f4"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-HudwMf6aL0QLzUD9rb74hfue-runZghxVy2I9MQ=s96-p
142.250.74.33200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-HudwMf6aL0QLzUD9rb74hfue-runZghxVy2I9MQ=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash c59959259a0aacc7503cce827eb0a184
c11836b0af42c7e5c8298a51adc07da930634307
2be50edf72a386b7179a9935046c77fd55ea4b1aff7571d4a6572d6e4fee052a
GET /a-/ACNPEu-HudwMf6aL0QLzUD9rb74hfue-runZghxVy2I9MQ=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3790
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Fri, 14 Oct 2022 03:52:36 GMT
cache-control: public, max-age=86400, no-transform
etag: "v642"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu8_gqyvZqg7fBOv7-JvMrRYe1kGIXqwtJyEuLliwlE=s96-p
142.250.74.33200 OK 3.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu8_gqyvZqg7fBOv7-JvMrRYe1kGIXqwtJyEuLliwlE=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash dc6961fc489672fa2e7029b3fb40e485
2db1cc4ed17bf37d4748cd1c5c0cdd736439532b
8808fca8c8592e0b9df18fe1d2688df3e57041db53dfc2e2026b0303c257b6ca
GET /a-/ACNPEu8_gqyvZqg7fBOv7-JvMrRYe1kGIXqwtJyEuLliwlE=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3586
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Wed, 26 Oct 2022 00:14:05 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3488c"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu98CZ4c-yO5CmWZzHEjMqkNXhRgFqWX5E2KdoY_=s96-p
142.250.74.33200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu98CZ4c-yO5CmWZzHEjMqkNXhRgFqWX5E2KdoY_=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 34b1a5c578fbe3f686348bd2b3d1af81
07ef71ba345aeffd0d74b85795e5c58ac528ba24
ccf5770dec3e621a02c1bd8c1053e2ee76c0514b751017b1370f476ad8ffb8cc
GET /a-/ACNPEu98CZ4c-yO5CmWZzHEjMqkNXhRgFqWX5E2KdoY_=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4132
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Wed, 26 Oct 2022 00:39:37 GMT
cache-control: public, max-age=86400, no-transform
etag: "v28"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 548adf48ccc53ecd7c0ac1dfb27d13a3
6271706fe6ef27e23ca62a3e02782731a1d52295
fdabb8de87f72c6f3262946250085f022ace8db0339ad9bfb413c6659f8ae493
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ba93f7305eade9093c149ab8374c1f
29d352bf8c811674691a8d9bc737bc8bf27da37a
12c1af15ce9017b55fdd5e90a2206ff29d6ed1c0c2a35f9fad6e674bd56b5256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 548adf48ccc53ecd7c0ac1dfb27d13a3
6271706fe6ef27e23ca62a3e02782731a1d52295
fdabb8de87f72c6f3262946250085f022ace8db0339ad9bfb413c6659f8ae493
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 548adf48ccc53ecd7c0ac1dfb27d13a3
6271706fe6ef27e23ca62a3e02782731a1d52295
fdabb8de87f72c6f3262946250085f022ace8db0339ad9bfb413c6659f8ae493
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ba93f7305eade9093c149ab8374c1f
29d352bf8c811674691a8d9bc737bc8bf27da37a
12c1af15ce9017b55fdd5e90a2206ff29d6ed1c0c2a35f9fad6e674bd56b5256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ba93f7305eade9093c149ab8374c1f
29d352bf8c811674691a8d9bc737bc8bf27da37a
12c1af15ce9017b55fdd5e90a2206ff29d6ed1c0c2a35f9fad6e674bd56b5256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-KnA7I-IWlec/UMqIxZ-JnQI/AAAAAAAABCg/yodsxYLrJDA/s45-c/Neko_dance_by_EternalNova.jpg
142.250.74.161200 OK 1.4 kB URL HTTP/2 3.bp.blogspot.com/-KnA7I-IWlec/UMqIxZ-JnQI/AAAAAAAABCg/yodsxYLrJDA/s45-c/Neko_dance_by_EternalNova.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash b2e755489a30fc1c62a7e35c12ae751f
89a70cbe6f364c47a553bdb1786d388a9a1a48dc
365286f2525185561f2c9164fc0f5abfccc751461c2e0525ba043f6bfb50703d
GET /-KnA7I-IWlec/UMqIxZ-JnQI/AAAAAAAABCg/yodsxYLrJDA/s45-c/Neko_dance_by_EternalNova.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Neko_dance_by_EternalNova.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1441
x-xss-protection: 0
date: Thu, 27 Oct 2022 02:18:21 GMT
expires: Sun, 16 Oct 2022 03:52:41 GMT
cache-control: public, max-age=86400, no-transform
age: 2785
etag: "v428"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_lT2AMjHhj3E/TOR3zR82yiI/AAAAAAAAACk/6FJB8XeLlEY/S45-s45-c/DSC00780.JPG
142.250.74.161200 OK 1.9 kB URL HTTP/2 2.bp.blogspot.com/_lT2AMjHhj3E/TOR3zR82yiI/AAAAAAAAACk/6FJB8XeLlEY/S45-s45-c/DSC00780.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 6c08ebfcedb99957f3c66dc1f799dc9c
4d617b0dd8f4c113af5eeffca5d8204f934a1575
7bb3e5ae58bf31012a3fd8d929cfc98a68c0e4b7a9efd7ce2243fb1196771b5f
GET /_lT2AMjHhj3E/TOR3zR82yiI/AAAAAAAAACk/6FJB8XeLlEY/S45-s45-c/DSC00780.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="DSC00780.JPG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1926
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Wed, 26 Oct 2022 03:52:20 GMT
cache-control: public, max-age=86400, no-transform
etag: "v29"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6265
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:46 GMT
Connection: keep-alive
lh3.googleusercontent.com/p/AF1QipP5mnXnMtJXZdnJeqdPV_a_AO-mXzlCCftLPfW_=s45-c?key=CILx2bC8wZy_5gE
142.250.74.33200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipP5mnXnMtJXZdnJeqdPV_a_AO-mXzlCCftLPfW_=s45-c?key=CILx2bC8wZy_5gE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 273c7e3db8779b384afdef80683ab028
bd93ee192872a432c8596d4de97c83b72a0ec649
b9e71d503e8984fdea65ae958baa3d691ac80752a15d62094dbb1dcacc516680
GET /p/AF1QipP5mnXnMtJXZdnJeqdPV_a_AO-mXzlCCftLPfW_=s45-c?key=CILx2bC8wZy_5gE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3465"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:46 GMT
server: fife
content-length: 4403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
age: 19029
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:58:12 GMT
age: 18394
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05e2d92ca05c08e9598d4128d55b1cba
109364ef1db445ba6c5e8c1178ab56fcce80d346
078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 5b0d857f-cba8-4cc2-9ff5-bf3560f7620e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb3RHk1oAMF3KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cfb-30108b2d2bf56f3d0edbaa67;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnJCFnqy9-kDnIS-oExds78LCxiyL3noVoC_I2PVpybhmZoQHi2GoA==
via: 1.1 6e11af43b7d44f54f9a54c759c251f16.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 12:31:05 GMT
age: 52421
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd4d7051e9d8525d8ed7d5249b24068d
cbad9147991b1a1b27088f90fe7078d1056a9633
4701cc21f58c8ac8b8ad78a34973b3ade538255868afbf59be40e7f1365bcc20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7542
x-amzn-requestid: 95e8df21-80b6-400a-bcd5-41efdab9cc57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwLH0lIAMFT2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a800-3300914f11c46b9902b30fe4;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4aCnw-Gulpqp0Vsa-kZQuR4y22SLWYZP9HbtIz2eMuI1lpPqb3kddg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:48 GMT
etag: "cbad9147991b1a1b27088f90fe7078d1056a9633"
content-type: image/jpeg
age: 19018
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 19017
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6265
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6265
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 548adf48ccc53ecd7c0ac1dfb27d13a3
6271706fe6ef27e23ca62a3e02782731a1d52295
fdabb8de87f72c6f3262946250085f022ace8db0339ad9bfb413c6659f8ae493
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipMzJJsjsMtW5iMhhc_LciQKN7Ynsx8890xoROMd=s45-c?key=CIWt5PvFxMKsfA
142.250.74.33200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMzJJsjsMtW5iMhhc_LciQKN7Ynsx8890xoROMd=s45-c?key=CIWt5PvFxMKsfA
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 50346f075b63d6194bd0fda50080066e
47ced1bd25d15229de3363654ee8f433455c59fa
90a236e47759c5ae6e70947b4ba4546eab38a52ae276de9466251a0dd71133c9
GET /p/AF1QipMzJJsjsMtW5iMhhc_LciQKN7Ynsx8890xoROMd=s45-c?key=CIWt5PvFxMKsfA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v801f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:46 GMT
server: fife
content-length: 4270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d71555b55dd7d34a53b9e8252902da1
551ceee96287d4d5fa8c8f286baebd382c8aff67
ff2040a25f467fc41873bdb2c7ed9f28ab508e8096b54152607bd0b40580567f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4670
x-amzn-requestid: bd7ccf26-ed98-4252-82df-a8f17108fc2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvtEoYoAMFrCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fd-51c97f553b02f4750e78023a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:53 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AANmFqkisteLJO0nLhaNgo6NTfYSkLPEGf5zewefdRtPZbEziAPz3Q==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:45 GMT
etag: "551ceee96287d4d5fa8c8f286baebd382c8aff67"
content-type: image/jpeg
age: 19021
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 27 Oct 2022 03:04:46 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+669; expires=Sat, 26-Oct-2024 03:04:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Oct 2022 03:04:46 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ba93f7305eade9093c149ab8374c1f
29d352bf8c811674691a8d9bc737bc8bf27da37a
12c1af15ce9017b55fdd5e90a2206ff29d6ed1c0c2a35f9fad6e674bd56b5256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 35ba93f7305eade9093c149ab8374c1f
29d352bf8c811674691a8d9bc737bc8bf27da37a
12c1af15ce9017b55fdd5e90a2206ff29d6ed1c0c2a35f9fad6e674bd56b5256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2974
Origin: https://www.blogger.com
Connection: keep-alive
Cookie: NID=511=AAPeD8TFwjKCwmGJfmpjdteNw-Ckr2eAN7x2hExabNZ5zGb3KsrAH60fJmg-KgxEkvtVLmSNTT-y2FPICIZlwb9SnSpy50FaPfVn8pDKfGCCp6BqUWomws_VtMTJFfM8MlrMFClIwP9uUQY6gJ13l6kshW2CDx_6leGP68OCAKY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 27 Oct 2022 03:04:46 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+101; expires=Sat, 26-Oct-2024 03:04:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Oct 2022 03:04:46 GMT
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPsMzSRHQmdgf9TsBkh543bOtnnLlmawyO0pjRJ=s45-c?key=CILl0emTvZ6zzwE
142.250.74.33200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPsMzSRHQmdgf9TsBkh543bOtnnLlmawyO0pjRJ=s45-c?key=CILl0emTvZ6zzwE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 9099a2e00a7e85ecb0755290e3e966bb
699d65e8883478e6c446f9d6df5c8ad769921490
69dd0a538b85c6c2d7dfc2105dc8d30f6c690035499aa424e3a7647e130f8cba
GET /p/AF1QipPsMzSRHQmdgf9TsBkh543bOtnnLlmawyO0pjRJ=s45-c?key=CILl0emTvZ6zzwE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v92f9"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:46 GMT
server: fife
content-length: 4745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNO9KsuAnfu22kUAiQrx2b6PJllPQ6LPRhZKieU=s45-c?key=CNOD2uug1r33Hw
142.250.74.33200 OK 5.0 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNO9KsuAnfu22kUAiQrx2b6PJllPQ6LPRhZKieU=s45-c?key=CNOD2uug1r33Hw
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash ccc9f0bbc1cefcf5a909333b8a5d1731
4e5b30c28e6bf384a6850f93a90036a13de4080e
122cee57678301b5650fdfb0a046fcd9afd52913280173e12e653ebabed624ad
GET /p/AF1QipNO9KsuAnfu22kUAiQrx2b6PJllPQ6LPRhZKieU=s45-c?key=CNOD2uug1r33Hw HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2210"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:46 GMT
server: fife
content-length: 4989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPmJ6XQjWvGfoU43JhQTtRDBCEjvLLlwzbHqtdp=s45-c?key=CM-88sD9gqmFZw
142.250.74.33200 OK 5.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPmJ6XQjWvGfoU43JhQTtRDBCEjvLLlwzbHqtdp=s45-c?key=CM-88sD9gqmFZw
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash f9b71ca1092bfc652c22f57d2f8a7205
ada1fba7375f435486f3a88cc30ab01fd65315d5
240b8d84ce954c45ef319bd21bb0876d684c42af6c4ad17266f96e85b383c150
GET /p/AF1QipPmJ6XQjWvGfoU43JhQTtRDBCEjvLLlwzbHqtdp=s45-c?key=CM-88sD9gqmFZw HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1fa9"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:46 GMT
server: fife
content-length: 5227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNZog3CfIeYTdaqzxQGdjzay5-4thkYAFyIl9vu=s45-c?key=CNz127Twp-iawgE
142.250.74.33200 OK 4.9 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNZog3CfIeYTdaqzxQGdjzay5-4thkYAFyIl9vu=s45-c?key=CNz127Twp-iawgE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 8a9c2a1f0757d7e3695c8fe566037ab3
c86ae6afdf9d778ed180273480befde6c3431ec3
df3b2636116a9caeed766ec205574fed62e47ed1099903bbd8e76e78671cb69e
GET /p/AF1QipNZog3CfIeYTdaqzxQGdjzay5-4thkYAFyIl9vu=s45-c?key=CNz127Twp-iawgE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v28fa"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:46 GMT
server: fife
content-length: 4868
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipO6e0cWQCDvIWe9IJbfcokp8m59ulV7T-jvFmUw=s45-c?key=CLjn1bf5ncn6SQ
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipO6e0cWQCDvIWe9IJbfcokp8m59ulV7T-jvFmUw=s45-c?key=CLjn1bf5ncn6SQ
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash e3c4642c621062322b321fde5d29f9e6
a7b38544e77c579c07aae97f8df0d097d3e57153
4c342f0301b98c2b47a97771a6ff51b5d0f10acdbdc0d2d6e6dca8a3fa719659
GET /p/AF1QipO6e0cWQCDvIWe9IJbfcokp8m59ulV7T-jvFmUw=s45-c?key=CLjn1bf5ncn6SQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4ba"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:46 GMT
server: fife
content-length: 4151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-yYhSoW0teRs/YyGQxq08-iI/AAAAAAABHzg/NP5dMOAgSdoaaKfiBlt6y5tcKj1_ExY1QCK4BGAYYCw/s45-c/blogger-mama-maszull.png
142.250.74.161200 OK 22 kB URL HTTP/2 2.bp.blogspot.com/-yYhSoW0teRs/YyGQxq08-iI/AAAAAAABHzg/NP5dMOAgSdoaaKfiBlt6y5tcKj1_ExY1QCK4BGAYYCw/s45-c/blogger-mama-maszull.png
IP 142.250.74.161:0
File type gzip compressed data, max compression\012- data
Hash 16442ca640090ff530888aad55023136
e1e910e5ffaf95405cabc21f9dd96f683451f0d1
557993210078782562813865e93cb75911d039e502124404c4923672fbd299bf
GET /-yYhSoW0teRs/YyGQxq08-iI/AAAAAAABHzg/NP5dMOAgSdoaaKfiBlt6y5tcKj1_ExY1QCK4BGAYYCw/s45-c/blogger-mama-maszull.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="blogger-mama-maszull.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5392
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Fri, 14 Oct 2022 03:48:53 GMT
cache-control: public, max-age=86400, no-transform
etag: "v11f3b"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-O5WT0hkJrSg/UzouVjmjGQI/AAAAAAAAFmY/nOAyjGs_z54/s45-c/*
142.250.74.161200 OK 2.3 kB URL HTTP/2 2.bp.blogspot.com/-O5WT0hkJrSg/UzouVjmjGQI/AAAAAAAAFmY/nOAyjGs_z54/s45-c/*
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash f6121e26d5a60036224e66122d61cd27
4829792a6dfc43c581a1a05c45e057038e6916e7
312ff831842ca63057e2a547b5a8dbef22e440235a704bf7e5cc379b600c5d9a
GET /-O5WT0hkJrSg/UzouVjmjGQI/AAAAAAAAFmY/nOAyjGs_z54/s45-c/* HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="*.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2319
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Thu, 27 Oct 2022 12:42:14 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1667"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bdv.bidvertiser.com/bidvertiser.dbm?pid=589992&bid=1473873&RD=0202966932802&DIF=2
54.241.51.109200 OK 1.9 kB URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=589992&bid=1473873&RD=0202966932802&DIF=2
IP 54.241.51.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 4ef8fdabf0cc42958c534c0c2a03f9e0
b2604d270e1f109ae333010ecd2227aedf78f7c8
94136e97b593c73079b88d765a7f69dc4250f6cca7da5437bcffab0b6ac17a52
GET /bidvertiser.dbm?pid=589992&bid=1473873&RD=0202966932802&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 200 OK
Date: Thursday, 27-Oct-2022 03:04:46 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 27-Oct-2021 03:04:46 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
2.bp.blogspot.com/-1C_ox8aLkCU/VfFB3NQ2f1I/AAAAAAAAHGw/XKt1OfhhVtY/s45-c/20150307_175557.jpg
142.250.74.161200 OK 1.7 kB URL HTTP/2 2.bp.blogspot.com/-1C_ox8aLkCU/VfFB3NQ2f1I/AAAAAAAAHGw/XKt1OfhhVtY/s45-c/20150307_175557.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash d737312da5ba4cf8287113f9f8272266
ec7b5c8fd535482de98ee3351c135926b359fe88
e3548fa5ba02dbf04d3b632eeec23651976173db2a4d3babeaf23753d2c1949f
GET /-1C_ox8aLkCU/VfFB3NQ2f1I/AAAAAAAAHGw/XKt1OfhhVtY/s45-c/20150307_175557.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20150307_175557.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1655
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Sun, 23 Oct 2022 14:09:42 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1c6d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-uZ3lBx0aJ2k/TkkyS5MruJI/AAAAAAAAACA/1i21HiS5sfw/s45-c/eza2.JPG
142.250.74.161200 OK 2.1 kB URL HTTP/2 2.bp.blogspot.com/-uZ3lBx0aJ2k/TkkyS5MruJI/AAAAAAAAACA/1i21HiS5sfw/s45-c/eza2.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash fd8bd671395d8fe27fc8e2dc5cad0d0d
1b35ab447fd2d486938d7dd0e3f1ff93ce9a0958
3c2e344dfbf4c1376cc21bc87034af844d4e8cca96588cccb949bfeea35d119b
GET /-uZ3lBx0aJ2k/TkkyS5MruJI/AAAAAAAAACA/1i21HiS5sfw/s45-c/eza2.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="eza2.JPG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2059
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:46 GMT
expires: Sun, 23 Oct 2022 10:52:35 GMT
cache-control: public, max-age=86400, no-transform
etag: "v20"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 12:31:58 GMT
expires: Sun, 22 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 397969
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-cckZjLlDrLs/T8SKWvuaHKI/AAAAAAAAACA/QiKM-Fxc8fM/s45-c/images%25252B%2525252817%25252529.jpg
142.250.74.161200 OK 1.4 kB URL HTTP/2 3.bp.blogspot.com/-cckZjLlDrLs/T8SKWvuaHKI/AAAAAAAAACA/QiKM-Fxc8fM/s45-c/images%25252B%2525252817%25252529.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 51160962fbca12b64aedb54e6af83fb5
396927f98aa8a33faa5960ea576268eb58dafc6c
865398aa89db72ef961750f2c1106207bda3e3fc2eccb1d401d11766c829e414
GET /-cckZjLlDrLs/T8SKWvuaHKI/AAAAAAAAACA/QiKM-Fxc8fM/s45-c/images%25252B%2525252817%25252529.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20"
expires: Fri, 28 Oct 2022 03:04:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="images%2B%252817%2529.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:47 GMT
server: fife
content-length: 1426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 00:48:31 GMT
expires: Sat, 21 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 526576
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu911R8NxLSFCoKD1rZivC1GjW7WQooeU0PRvGF2WA=s96-p
142.250.74.33200 OK 5.3 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu911R8NxLSFCoKD1rZivC1GjW7WQooeU0PRvGF2WA=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 46f68598cd5de37e692494a37ae14f1a
4bcd5bc6003db8055af19389e4f0fbc3aaee880d
fa95dbc2ea2f936234e0add128d5eb8870dd288edb62763bb2405bfba6d0e431
GET /a-/ACNPEu911R8NxLSFCoKD1rZivC1GjW7WQooeU0PRvGF2WA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5304
x-xss-protection: 0
date: Thu, 27 Oct 2022 03:04:47 GMT
expires: Wed, 26 Oct 2022 03:52:20 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2ba0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOrwGZwnB4qzQlx0BSwm9CREazPMVnPNZavbiI8=s45-c?key=CPToo7-lsLLVygE
142.250.74.33200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOrwGZwnB4qzQlx0BSwm9CREazPMVnPNZavbiI8=s45-c?key=CPToo7-lsLLVygE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 9f5a11bdb87b360d13fc2c7ff9584ec7
e6c0fee327ff66c3c42bfc7f48fbc0701fd7ba66
64cfe7db1f474e676b62c9bbbc71e3bdb4e46bd73f97afc48c3933f64d09eb08
GET /p/AF1QipOrwGZwnB4qzQlx0BSwm9CREazPMVnPNZavbiI8=s45-c?key=CPToo7-lsLLVygE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb7d"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:04:47 GMT
server: fife
content-length: 4687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
goldilicious.blogspot.com/b/csi.do
142.250.74.161200 OK 37 B URL HTTP/1.1 goldilicious.blogspot.com/b/csi.do
IP 142.250.74.161:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 611fb6bad789dc4f90f0f0f1a2dbb848
a3cb8c5d355d7eb970058d8fcd2ff97e2237d340
659e314d9bdeb0a0309b6ad87647241e4be1d50a3670f27df64b920f70b8d282
Analyzer Verdict Alert fortinet Phishing
POST /b/csi.do HTTP/1.1
Host: goldilicious.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1013
Origin: http://goldilicious.blogspot.com
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/2014/09/imunisasi-1-tahun-6-bulan-umyarah.html
Cookie: HstCfa1192007=1666839885418; HstCla1192007=1666839885418; HstCmu1192007=1666839885418; HstPn1192007=1; HstPt1192007=1; HstCnv1192007=1; HstCns1192007=1
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 27 Oct 2022 03:04:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 37
Server: GSE
bdv.bidvertiser.com/BidVertiser.dbm?pid=589992&bid=1473873&RD=89425451860244&DIF=1&bd_ref_v=goldilicious.blogspot.com&tref=1&win_name=null&docref=&jsrand=89425451860244&js1loc=-&loctitle=%20Imunisasi%201%20tahun%206%20Bulan
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=589992&bid=1473873&RD=89425451860244&DIF=1&bd_ref_v=goldilicious.blogspot.com&tref=1&win_name=null&docref=&jsrand=89425451860244&js1loc=-&loctitle=%20Imunisasi%201%20tahun%206%20Bulan
IP 54.241.51.109:0
GET /BidVertiser.dbm?pid=589992&bid=1473873&RD=89425451860244&DIF=1&bd_ref_v=goldilicious.blogspot.com&tref=1&win_name=null&docref=&jsrand=89425451860244&js1loc=-&loctitle=%20Imunisasi%201%20tahun%206%20Bulan HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thursday, 27-Oct-2022 03:04:45 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 27-Oct-2021 03:04:45 GMT
Set-Cookie: bdv_c10p=244; domain=.bidvertiser.com; path=/; expires=Fri, 28-Oct-2022 03:04:45 GMT
bdv_c10p=1_1_1; domain=.bidvertiser.com; path=/; expires=Fri, 28-Oct-2022 03:04:45 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 4161
CONNECTION: Close
www.carimember.com/banner.png
149.127.138.231404 Not Found 0 B URL HTTP/1.1 www.carimember.com/banner.png
IP 149.127.138.231:0
ASN #140107 CITIS CLOUD GROUP LIMITED
GET /banner.png HTTP/1.1
Host: www.carimember.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldilicious.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
Date: Thu, 27 Oct 2022 03:04:47 GMT
Content-Length: 4715