www.onlinelearninga77.blogspot.com/
142.250.74.161301 Moved Permanently 185 B URL HTTP/1.1 www.onlinelearninga77.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 544f92c7450ac7e1d221d79b894abb55
9ffed7b2dcf8c0b9110817db4f31dad4dd41b2db
90bcaab01b994e3c77a13cbc9da1aa9762a5a026ab829b4c968aa29651e82fc2
GET / HTTP/1.1
Host: www.onlinelearninga77.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://onlinelearninga77.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 09 Sep 2022 05:07:27 GMT
Expires: Fri, 09 Sep 2022 05:07:27 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 185
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69b2178640638b4eba96ce12799a69a5
38706b536d3425af21189f5a34475ad559b153b1
a7e485971a2d371fb4a9e9425c4199c8b0ecb6ba0a88e83ebb87688e42d18aef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7E485971A2D371FB4A9E9425C4199C8B0ECB6BA0A88E83EBB87688E42D18AEF"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10086
Expires: Fri, 09 Sep 2022 07:55:33 GMT
Date: Fri, 09 Sep 2022 05:07:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16430
Expires: Fri, 09 Sep 2022 09:41:17 GMT
Date: Fri, 09 Sep 2022 05:07:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 01:34:32 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QexJMJhgHihhqIz4jTfEk6P7scp-opeiKpHVKrX_G636kL7dfE6hfw==
age: 13522
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 45 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a551c8de5aeefb96287433934fcba5b0
6601c2fdf5129825fa03b76f250c3db50eaaf108
406f198c74920a3252d27d07dfca1ccfd5f15fd7feb2f8fe18b3047c10d3d52b
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: T7tgZTHDkrt_zU7lofNxS4Nt3jme44n379ziFJAXm2u1diWDbZfwcQ==
content-encoding: gzip
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 05:02:54 GMT
content-type: application/json
content-length: 45262
age: 274
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 05:05:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7MoH8Eo8qE4bxC4w797kw1flpddUrvcLvDh8Ip68EjLwrDc4d9Zd-Q==
Age: 105
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eda247a5bd191442ceecca9a08e4af47
fbf1da7c4ac5a77d607362474f1a311bbbb6ff2e
4b620229123112da7e2ef2e646da13186466cbafe053061f45748a88234789c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 05:07:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 08 Sep 2022 15:02:22 GMT
Age: 50706
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 59d177843181882be7aa82ddfd108fff
01460b47b518d7fa007af1600e6d88273aa55ef7
ba85249815736235b7749889dec432db5c2223cf8c1158f4777ae5d127f924b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5719
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Last-Modified: Fri, 09 Sep 2022 03:32:09 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eda247a5bd191442ceecca9a08e4af47
fbf1da7c4ac5a77d607362474f1a311bbbb6ff2e
4b620229123112da7e2ef2e646da13186466cbafe053061f45748a88234789c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/fontawesome.min.css
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/fontawesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (57726)
Hash 6b4c33756cd8bbab435e3a0cfc6bc86f
81353a4bf33e0ab40f78e191fdfc6a66c9262d2d
9209dd242371ba27f879d76e8761d77434beacb1613b4a88d936fec9eb62df1b
GET /ajax/libs/font-awesome/5.15.1/css/fontawesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:28 GMT
content-type: text/css; charset=utf-8
content-length: 10256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-e238"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3039604
expires: Wed, 30 Aug 2023 05:07:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLAmxvqRquUyFcKFzFeXPozvZdOqvQAvDDZ%2FI4NcG3mTBDtAkVgyiObZDtjZ3FT17FLZLIS%2FxJgz9WBKcS%2BjkjlabTBb9ANuaRxu4Yd2pF2u%2FQxbrhS8JRywFFUZMzzUEj%2BqsEK%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 747d66886b33b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onlinelearninga77.blogspot.com/
142.250.74.161200 OK 39 kB URL HTTP/2 onlinelearninga77.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1361)
Hash ab08e4bc87fb50b296ba772b4144ae5a
ff3926270fef1cd6c59de4ad8cb9ebe24ba416a8
3598ba447870adcea53b4a4a710a1b7fe4134fc11320b74605b306a04eaa8687
GET / HTTP/1.1
Host: onlinelearninga77.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 09 Sep 2022 05:07:28 GMT
date: Fri, 09 Sep 2022 05:07:28 GMT
cache-control: private, max-age=0
last-modified: Thu, 18 Aug 2022 19:28:08 GMT
etag: W/"f55100c2638e002d300c061983360ca34f047a38a1bdf4d57840844c61c78087"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 39013
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8143752
expires: Wed, 30 Aug 2023 05:07:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbC866qznhvb1ETOo8ww5UbTHuQPes7Dq1bY%2Fs%2FOLgZYp%2Bf%2F%2FFl739E%2Bkb%2FYzWKq2qoGkkJbtDyxxp4%2FBSklV2LY%2Bcn0E5tdF3%2FXHhhg8%2FIUF6S7zdGy8L6JEkkWbsVCZ0oQZFDO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 747d6688bb5eb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ae2329f5fe60faefad5bb59440e71946
f1df1a5f493d3a9d1803daad2134ce867c6656b8
df5c0d6f1287e52827f4a076313735a91be0cd17ec36de3627db0250f9965a93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-B8NNMRLXE5
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-B8NNMRLXE5
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash ed65dbff2d4b4309a9340799f55a0e05
363f9579663bf76512be99f81eb2f7d505724127
bbce0bf6cb37fe808b9c60a7d76fad8968aa052720e77a75f21b3b5098dd1577
GET /gtag/js?id=G-B8NNMRLXE5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 05:07:28 GMT
expires: Fri, 09 Sep 2022 05:07:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2127
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Last-Modified: Fri, 09 Sep 2022 04:32:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ff7a80bbd9705147b60a7fc94751c2d0
d322747d24c84eff1deec0803d779eb943353688
899386858551a5849129f3612f08964d4f08d9d1e7a46f33cad6e8ddd1040e65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3753684042-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3753684042-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 9310029f33929201831992bd74c13953
092fc9b60b0fcc7e24b80eb89f40178e91effb98
ed0ad17efb3c922e7bc8feffa0a5718d2ad226c44f2bb183b6ad163684f3b982
GET /static/v1/widgets/3753684042-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57039
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 01:53:39 GMT
expires: Fri, 08 Sep 2023 01:53:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 22:51:39 GMT
content-type: text/javascript
age: 98029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ff7a80bbd9705147b60a7fc94751c2d0
d322747d24c84eff1deec0803d779eb943353688
899386858551a5849129f3612f08964d4f08d9d1e7a46f33cad6e8ddd1040e65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
44.228.90.169200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 44.228.90.169:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Fri, 09 Sep 2022 05:07:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 18Vwi8avsLASwklSZOVcvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Tll8up6LGzW1cmKKorrZXEegISM=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f92b262059b110e72be3b8fc5447e827
aa7c57ca8b306a7f6e453a4813561b878484fb46
2aa64e51787cc28fdad10cc00b6b5b31398050ed0bb3fdd4c5ebb11a0f3b0907
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AA64E51787CC28FDAD10CC00B6B5B31398050ED0BB3FDD4C5EBB11A0F3B0907"
Last-Modified: Thu, 08 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20564
Expires: Fri, 09 Sep 2022 10:50:13 GMT
Date: Fri, 09 Sep 2022 05:07:29 GMT
Connection: keep-alive
ajfnee.com/p/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDIsInNyYyI6Mn0=eyJ.js
104.21.82.164200 OK 25 kB URL HTTP/2 ajfnee.com/p/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDIsInNyYyI6Mn0=eyJ.js
IP 104.21.82.164:0
File type ASCII text, with very long lines (63866), with no line terminators
Hash 1353dd3716a8db44b3d4ae2b89982103
e6fb2eb81a5dd81f9f614be2da087ba8953b6e18
d3064083af79d84b0b7208146333e8c5f5ef85acb30db97b428947f6f8ae3e58
GET /p/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDIsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: ajfnee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://onlinelearninga77.blogspot.com
e-tag: 6476297a996e43a61a200dcecfabb6f2
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 09 Sep 2022 05:07:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNuQevXTVo2dF8YwIjeHy96onZyOC2hVNROpJCv%2Fz3lE%2BnOcFRKYHaaUF9AVBC8Sb%2F5SK4vIhXCzMILc6Kxv%2FsKLnVpqA7CfVx6CgExGjjPhcO48QIdXxq9AnhEJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747d66892b8d1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvypar.com/na/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDksInNyYyI6Mn0=eyJ.js
104.21.54.227200 OK 30 kB URL HTTP/2 dvypar.com/na/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDksInNyYyI6Mn0=eyJ.js
IP 104.21.54.227:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 918bd06af6b849afa559ea4776b8da64
5e5dc17887140cae17bb4da09635725cf2d5f4b5
9ea0410ce74a9ebff55f8c09f94b4bfe886743126ae0233ded4a8a672bbe3844
GET /na/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDksInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: dvypar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://onlinelearninga77.blogspot.com
e-tag: 16a1d6460ec30b7e6c6c68ac1b4e57b8
cache-control: public, max-age=14400, proxy-revalidate
cf-cache-status: MISS
last-modified: Fri, 09 Sep 2022 05:07:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfybYNFth%2BoD87BKASuDCyQ7ZbnL%2FJCg3qydtKzQCPRq0GHooGx8KBGDHhNg9TyGLJn8rt2qWhWqmwrMeX1UcCjPMJj3jVbnllqtD39dnvkcIbwfRq1xZIcJ6nDX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747d66896ed30b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662683838451&_since=%221653914271178%22
143.204.55.115200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662683838451&_since=%221653914271178%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 17408c9519b5f281127b53ae1cdd2c1f
8437f3b97c662bc8526b86a747fa124638fdf424
843466bea7f6dafe736dd1475f8ac8fc055d1c0f08b34e80e9088b5cfac399f3
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662683838451&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 09 Sep 2022 00:37:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 05:07:29 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GlXjKjmG1QRk8228RAivcH8rAqU_lGZs2eKTefJ7HtNKa58_IX64bg==
Age: 479
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0JSR3xreKWt_jpsR5XqjQsXk4XqxBhIwkNqkJaDm3-jwtBngvlE-Xg==
age: 4855
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 05:05:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aWAtFU2sHhXTcZKWHXyZw9KrpMySmKlm2n4oulPwxmqkZcafgQGBcg==
Age: 106
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
143.204.55.5200 OK 796 kB URL HTTP/1.1 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
IP 143.204.55.5:0
Size 796 kB (795699 bytes)
Hash 9b95765b0e26af76116a95a966d61354
3f7c1b40fc999b83f3696f455402e49ab484b027
34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 09 Sep 2022 02:13:22 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GFpyCK6uC4b63ntDDOGiVF0jwIyHeUy678Kqor2Gkh_KijopUnWE-w==
Age: 13707
pl17519733.highperformancegate.com/80/f1/a8/80f1a8967868bfe8aad09f7b10fb884b.js
192.243.59.20200 OK 20 kB URL HTTP/1.1 pl17519733.highperformancegate.com/80/f1/a8/80f1a8967868bfe8aad09f7b10fb884b.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59407), with no line terminators
Hash e489fe1d43f3e65d2070e1f9b82d824c
a3f2c3a3fd21344979d8a2ccde118eb26f0d22ca
ff17970cc4b081c4aa6a294d08f73bc0c738b8f24aa11106b04976823b0b0c89
Analyzer Verdict Alert quad9 Sinkholed
GET /80/f1/a8/80f1a8967868bfe8aad09f7b10fb884b.js HTTP/1.1
Host: pl17519733.highperformancegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 09 Sep 2022 05:07:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c87c19ffa43867c5fdf5ddb1d2fea01c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662667723810&_since=%221654636467710%22
143.204.55.115200 OK 5.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662667723810&_since=%221654636467710%22
IP 143.204.55.115:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6c049c24dc7ea534825179965a42363b
4b3b97ed48fb2644179fa793d67561c649a94e6b
97b6177c191e0f8292164981e0b59d0b61871358b3e4f190589df4427d12de22
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662667723810&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 08 Sep 2022 20:08:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 05:07:29 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2SgB-VptBaR_2d3qmqbG2PoJi1tz8yx8mZL1SGrxOoKG5T1c_a983A==
Age: 360
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nBrXw.woff2
142.250.74.163200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nBrXw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 35752, version 1.0\012- data
Hash c60ea76cc216df040231d5351a254c11
0a8193cb6a75dc60d8a8dc86dbda8118c0d59808
d3f198bdc0f8309cf2a7d5bf1458d6b7b94f53ee61e4aa9fc4af271bea0b13fe
GET /s/rubik/v11/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 07:08:12 GMT
expires: Wed, 06 Sep 2023 07:08:12 GMT
cache-control: public, max-age=31536000
age: 251957
last-modified: Mon, 28 Sep 2020 22:16:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEhct53mmWNAR_nivM3PJgHRXOt0qw47qU9b9X2RTwEJlfxlJk-EgQcOEVPIMSHwuKiZlKKiJ_tPX1o_3Uv_I4Jj9VSmGaGjI9okWIrkuRzBV1o79P7wUnIg7pB7YUTi85A2moRaRlZRFrymhEo_Lmic_2istNp2IQXpDAG--pkokXOYo_LnOnsV0Vc=s150
142.250.74.1200 OK 7.0 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEhct53mmWNAR_nivM3PJgHRXOt0qw47qU9b9X2RTwEJlfxlJk-EgQcOEVPIMSHwuKiZlKKiJ_tPX1o_3Uv_I4Jj9VSmGaGjI9okWIrkuRzBV1o79P7wUnIg7pB7YUTi85A2moRaRlZRFrymhEo_Lmic_2istNp2IQXpDAG--pkokXOYo_LnOnsV0Vc=s150
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 150x84, components 3\012- data
Hash 94dfbfdbc65bcda0762f7f52a8d0ee93
d437672df934bd198c45f4b71e5b5282aca2ca4c
a41a5dc6faa6ae1d7066672292dca50cd88ad3c8bf34792fd4a877755851945c
GET /img/a/AVvXsEhct53mmWNAR_nivM3PJgHRXOt0qw47qU9b9X2RTwEJlfxlJk-EgQcOEVPIMSHwuKiZlKKiJ_tPX1o_3Uv_I4Jj9VSmGaGjI9okWIrkuRzBV1o79P7wUnIg7pB7YUTi85A2moRaRlZRFrymhEo_Lmic_2istNp2IQXpDAG--pkokXOYo_LnOnsV0Vc=s150 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v14b"
expires: Sat, 10 Sep 2022 05:07:29 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="download (1).jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Fri, 09 Sep 2022 05:07:29 GMT
server: fife
content-length: 6987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 0eaa482920c47bd42030d69b28e5e08c
a59d707d2339350a0d681acf3d1e7bcb5e67bfae
0dae39030f55d48f02b69ee4d1d4b728128b8559a8bd8a0ea43abac1c42e7a70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: close
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 05:07:29 GMT
Last-Modified: Fri, 09 Sep 2022 03:28:34 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EKpSV4iGaI_rzBVkXdcxqBNa6yraD0dnnacMM2CC0cXIF5lLhmZcmw==
Age: 5935
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash 559f0f7c97f471fceaaccaeeed150536
e7bc0f1a245a62f163551b8ce47e383c16deb7a0
229f7db9586b17791ae510243df28f3e08201be79f0a8913541ccd7d71007e20
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://onlinelearninga77.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=7c23caff-2e8b-438b-96f3-6b929001b5c5:2:1; expires=Mon, 06 Sep 2032 05:07:29 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
143.204.55.115200 OK 5.9 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Hash f28e40410916597002bfaca8b80cd143
386751dbd0839587f0be429fee8a33552d8d1d96
eb0711e7aa1efa94e639dac7b3f62f4c3f80cc0d6aa611a8f23c94876d58ec11
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 09 Sep 2022 05:02:45 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z4BejawBAkFd4rLHdG5mJyLMDHY9FkEA5xnbxtO7JnlF11a9fUm3ZQ==
Age: 354
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ae2329f5fe60faefad5bb59440e71946
f1df1a5f493d3a9d1803daad2134ce867c6656b8
df5c0d6f1287e52827f4a076313735a91be0cd17ec36de3627db0250f9965a93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kiynew.com/er?a=1
185.162.85.4200 OK 0 B IP 185.162.85.4:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /er?a=1 HTTP/1.1
Host: kiynew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlinelearninga77.blogspot.com/
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 09 Sep 2022 05:07:30 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662595265893&_since=%221654732864402%22
143.204.55.115200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662595265893&_since=%221654732864402%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (59437), with no line terminators
Hash 560aed9b73a92e921124c87033ed8aaf
0e98248b1797a143777a2e2e181527eb6a76655c
fbc2af995e8fc188d4fe6e2f239528ee98d944b173f1ab171b1d9b00cf719af7
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662595265893&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 08 Sep 2022 00:01:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 04:47:17 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TqaE4NtqnwUE3fdJFEiakzhQByYZ2zQs0W-JbFT8XqV1AXIwGenbgw==
Age: 1579
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 313a68b511db26df730c1ac4672bebb6
cda1e704426b6a31362bd85fe37334980ab89e73
52a827b6061b7c367ddafcfe4069c9c97179e48f7b77c7232311b609c460d0d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A827B6061B7C367DDAFCFE4069C9C97179E48F7B77C7232311B609C460D0D9"
Last-Modified: Thu, 08 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=916
Expires: Fri, 09 Sep 2022 05:22:46 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93a115cd71ded4b966c283afaa04bb2e
16a96e4b30ef030d7d0b6aaf4cf3fe73843beeac
b6356ca3d2c56c5c037cccd61db43db246f0b64a68ae596c51002955c19bbf0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6356CA3D2C56C5C037CCCD61DB43DB246F0B64A68AE596C51002955C19BBF0E"
Last-Modified: Thu, 08 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4249
Expires: Fri, 09 Sep 2022 06:18:19 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
143.204.55.115200 OK 779 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (1392), with no line terminators
Hash feb548016d67969c8408dc4afd03a12e
9449c0b40446e2fff553406270b879b40c8bbd2a
4384cca875647f7bf975f9ac51298bbe5e632e54597284d0a6a49971bc8f2798
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 04:50:54 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kBB7mTEmNnTOgN0jRIpREmQhSlYrZZGGR2a1pzUYZS8tKA5trkr-7w==
Age: 1114
firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
143.204.55.115200 OK 3.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Hash cb546ddfc075945fc3edcc0a08714230
d0c184b28768e0b60712ebfb2a1d7efed49ec5e7
1140ff372948c06d0577eb7a7299c2d95c87b4d47839defef7307486f9f7ea21
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 05:06:42 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Gi3s9yln4w9xB_3GahDfKarFXLxEy4Ja8SJCk1kbJza0w69ntPSYNQ==
Age: 70
kiynew.com/trt?a=1&t=462
185.162.85.4200 OK 0 B IP 185.162.85.4:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trt?a=1&t=462 HTTP/1.1
Host: kiynew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlinelearninga77.blogspot.com/
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 09 Sep 2022 05:07:30 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3280
Expires: Fri, 09 Sep 2022 06:02:10 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-B8NNMRLXE5>m=2oe970&_p=70602744&cid=1588635763.1662700042&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662700042&sct=1&seg=0&dl=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&dt=Online%20Learning&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-B8NNMRLXE5>m=2oe970&_p=70602744&cid=1588635763.1662700042&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662700042&sct=1&seg=0&dl=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&dt=Online%20Learning&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B8NNMRLXE5>m=2oe970&_p=70602744&cid=1588635763.1662700042&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662700042&sct=1&seg=0&dl=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&dt=Online%20Learning&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://onlinelearninga77.blogspot.com
date: Fri, 09 Sep 2022 05:07:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
143.204.55.115200 OK 3.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (14030), with no line terminators
Hash 9498433bbbcad841ef1b67c31e9e19f7
bc89dbd1261594949ebc09eb0978e22d14fb5c3f
01a250849ba7c6b099e5e2e85059f7657041d3997a5a0118b85aea782aa408b2
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 09 Sep 2022 05:02:50 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UYfb43lTNrG0JyYd5yZEm0IkSEoA0SPJGKSJ655eE1uDOcXaJAGG4Q==
Age: 355
www.effectivecreativeformats.com/cc90b8bec036179c619799a372bcf19e/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformats.com/cc90b8bec036179c619799a372bcf19e/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26961), with no line terminators
Hash 352345af24046b67fb921c43bde72b06
3b35cf35236e203d0a8ab4f2dc4dbe7af42eda5e
e326853a87bafa2caa9f54645dd7b47432106355aace2e6de2a26ee49206b4ba
Analyzer Verdict Alert quad9 Sinkholed
GET /cc90b8bec036179c619799a372bcf19e/invoke.js HTTP/1.1
Host: www.effectivecreativeformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 05:07:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0e95cc7171ef9141ab600025d2fc7050
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5395aa3be616723510186b23135799c3
39c5c5edeba1195a2873f07945a8804417ecd5ae
f237a31339e27dec1af7e00a76c5315e64b235d0e43fbe4d9910c67254dc379b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:07:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tgpsew.com/ntload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDksImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6OH0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v
185.162.85.20200 OK 379 B URL HTTP/2 tgpsew.com/ntload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDksImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6OH0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v
IP 185.162.85.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (987), with no line terminators
Hash cd45f9801aee61e2831130f6786fd43e
40eb9a8fbc46655ec0debb0ed6022c69d849900b
2b7bb28bfcc5ba76b1f734d2d39fda6d1134b994619c516496054596cbf05439
GET /ntload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDksImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6OH0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v HTTP/1.1
Host: tgpsew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlinelearninga77.blogspot.com/
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
yqmxfz.com/pw/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDMsInNyYyI6Mn0=eyJ.js
104.21.233.137200 OK 46 kB URL HTTP/2 yqmxfz.com/pw/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDMsInNyYyI6Mn0=eyJ.js
IP 104.21.233.137:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a13823558c1394427e119c252697d0f
b9f340383adc4d228e4f4205bfc6396d7a1eb70b
c799b78e1ba0d4a2dc9ff15db4ce71dbf1ab059860c5d7b8941db4bc2a170db9
GET /pw/waWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDMsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: yqmxfz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://onlinelearninga77.blogspot.com
e-tag: 71d152e9437d2bf74511c695c7362054
cache-control: max-age=3600
cf-cache-status: MISS
last-modified: Fri, 09 Sep 2022 05:07:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eo8DCe6j%2FhgGdr9BZdVw4ZzYa3H4sNR01JYPWDP2DO2bQwWgdLGFPpdyd8LYYdI0hvB1UZLFFOTbtmBRgKzF5beU8QR1p7ODS5sdPbecXsNJtOgLAPvgiydeFbwk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747d66896d7b731e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
143.204.55.115200 OK 681 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash 747f384efea12ce5dab98117b84a36d8
3bfa87d8ca19bf259e1b28f5d8484560bc4aa59f
674580bbd668da2fccee5bd78cd11bdb237a800ec945160353537b15c3e924f2
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 681
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, ETag, Last-Modified, Backoff, Cache-Control, Retry-After, Expires, Pragma, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sat, 03 Sep 2022 16:36:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 04:51:24 GMT
Cache-Control: no-cache, no-store
ETag: "1662223014803"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AziigAOdGwGrtS82NMsFU_xOxYvYKKZTnyiIG07bhyCYYlL-2fwNyg==
Age: 1044
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
143.204.55.115200 OK 897 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (1710), with no line terminators
Hash 2ef700623eb0b783e8a583fb14fcbb80
c6b6cbb847d3a5e5c6d991c8d6dce6e9b9c902cf
b2a5ecbd87cc70c34c20d9470de54751cc1f48c8945e2239f12874ed35839983
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 04:29:10 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2ohrFBcUU_mbMqwFTUIBDo19LbkP44-KauCblElN71TI9AAjR0tlWw==
Age: 2324
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8703cde24b6afd7f78d973e3094062a7
96511b3a1385fee44cc420d8b2bf33584d3b3ffd
00c23f057514b0ac97d7693afa87fae61b43216c4d3d1964040eca10a30411b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00C23F057514B0AC97D7693AFA87FAE61B43216C4D3D1964040ECA10A30411B6"
Last-Modified: Thu, 08 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8821
Expires: Fri, 09 Sep 2022 07:34:31 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8703cde24b6afd7f78d973e3094062a7
96511b3a1385fee44cc420d8b2bf33584d3b3ffd
00c23f057514b0ac97d7693afa87fae61b43216c4d3d1964040eca10a30411b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00C23F057514B0AC97D7693AFA87FAE61B43216C4D3D1964040ECA10A30411B6"
Last-Modified: Thu, 08 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8821
Expires: Fri, 09 Sep 2022 07:34:31 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
143.204.55.115200 OK 1.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (2195), with no line terminators
Hash ea7be8630c2ab64565dcf909ddd6b1e9
99b5c68aea2e5c3f498290bca5affa8c4d5ccaee
46a7bd4666db075b42064484105f0381c5cd8ff11ce5a9a555711ad03f83b38c
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 09 Sep 2022 04:32:38 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CCpDmuXctPbVCud1LdKhls3JM62u64C30eN_BlAqPkfYPVXzQ2QH2A==
Age: 2676
graduatewonderentreaty.com/watch.1503810827604.js?key=cc90b8bec036179c619799a372bcf19e&kw=%5B%22online%22%2C%22learning%22%5D&refer=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5%3A2%3A1
209.192.156.100307 Temporary Redirect 0 B URL HTTP/1.1 graduatewonderentreaty.com/watch.1503810827604.js?key=cc90b8bec036179c619799a372bcf19e&kw=%5B%22online%22%2C%22learning%22%5D&refer=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5%3A2%3A1
IP 209.192.156.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1503810827604.js?key=cc90b8bec036179c619799a372bcf19e&kw=%5B%22online%22%2C%22learning%22%5D&refer=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5%3A2%3A1 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 05:07:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://onlinelearninga77.blogspot.com
Access-Control-Allow-Origin: https://onlinelearninga77.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://graduatewonderentreaty.com/watch.1503810827604.js?key=cc90b8bec036179c619799a372bcf19e&kw=%5B%22online%22%2C%22learning%22%5D&refer=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5%3A2%3A1&shu=4592aa26ec62bc6c5e9b83adcabcfef1d916a8b445a61745ff7cce196b2752774cf4f31a042ed58a8b1569b1080472626f81b5bddfbea56a975ec9425f19eb081ab25d45b62ea005c8d1e937831840f7905d3893e423f11061c87d9fb4e5455d4cc2&pst=1662700110&rmtc=t
Set-Cookie: u_pl=17419243; expires=Sat, 10 Sep 2022 05:07:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQxOTI0MywiayI6ImNjOTBiOGJlYzAzNjE3OWM2MTk3OTlhMzcyYmNmMTllIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTA3MDgyLCJwaWQiOjQ5NTA5MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyNywicHQiOjQsInBrIjoibm1kajRoa3g2eSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20vIn19.NtN_T5kb-uED6HjAIP2H7m-DFSHEMVnC7ncO_iAkNz8; expires=Fri, 09 Sep 2022 05:08:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5944c57843a4e08d0ddaaa77c8a8a9c1
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3280
Expires: Fri, 09 Sep 2022 06:02:10 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
143.204.55.115200 OK 1.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (3677), with no line terminators
Hash 7c2cf5e6216dc47511f819acd70197a5
f8f556d7600b3e74941bc4d3100463e054879170
0b13a9837661102f8e1ee4647007e78ddff90738b62eeb2df69713ed0c2be6bd
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 04:45:53 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vVXlh3qS_PBbm7eYL8cVjP9_tSqeV6F5rJv4lHbD6zru17UoiWbeSA==
Age: 1487
prhzxq.com/wnrw?aid=1590078455040263462&t=1662700050&a=1
185.162.85.19200 OK 0 B URL HTTP/2 prhzxq.com/wnrw?aid=1590078455040263462&t=1662700050&a=1
IP 185.162.85.19:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wnrw?aid=1590078455040263462&t=1662700050&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlinelearninga77.blogspot.com/
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 09 Sep 2022 05:07:30 GMT
content-length: 0
access-control-allow-origin: https://onlinelearninga77.blogspot.com
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4145
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4145
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4145
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4145
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4145
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:04:02 GMT
age: 25408
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 356d258ee8fe7dd3a49d6e910ad4e6d1
69582548ae31d56ebd4a140e000ae6ab1a6a399b
32394386d1762e03f6ee1cbc5c6ed40a0a745745da646d8879fc8b59a089b887
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7787
x-amzn-requestid: 3dba260f-c87d-40ac-b840-ec3ce2f315d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRjNF5RIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a62e1-5e73894d42ccca495868d250;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:47:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: zrQLwxeZFERUfVE9TRzCEiDp1VX--enE-R7_gjebT-8VyW4lkDVstg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:57:04 GMT
age: 25826
etag: "69582548ae31d56ebd4a140e000ae6ab1a6a399b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d3752fb9bfaa323218e5a7b93aa5c6
08b4d519a099b04a9f1515377d02e51575f3321f
fa33f2240aea7395b0be62683743523beb1f0f11cb390f4d532e3474610a812c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7646
x-amzn-requestid: 1f48393e-8665-4591-a2a6-07953a68bb16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEaGTGwdIAMF47A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63180a28-1116d4bf11e2133503ac1429;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 03:04:08 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: S1y8if_u-ZqeKT0Wx9eyOaKNOmhcaydzfxwQeBQ-hArLtQG6ckJ8EQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 03:38:26 GMT
age: 5344
etag: "08b4d519a099b04a9f1515377d02e51575f3321f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:15:21 GMT
age: 24729
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 2110
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e230d551ceb1384798029c68da3620dd
2ad873b5c8013cc9e93f06fb0b7711a340eb4a72
46c0046dbaeb8445898b6e2a5e88ba3994b7ebb56b02be71acab733e8ad40e07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46C0046DBAEB8445898B6E2A5E88BA3994B7EBB56B02BE71ACAB733E8AD40E07"
Last-Modified: Thu, 08 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Fri, 09 Sep 2022 07:40:56 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf8614d876156699bdf11897c45e9ae8
ff2c27cf141c68259e6e85020b01efc5d41730a6
c89d6a2fdc789fc725e8bac99774f9f9f0b22000f57d32f5611525bca30002d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: dc414175-8174-4fa8-812b-1f72de48d5f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRBYEt8oAMFmyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6208-1c2417b120725a9a0642620a;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 8Bvag9DT9hfKBaEhvBZ3UOna0tA_z7uvExg_2VVhd5yHy9BiJAkHbQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:54:52 GMT
age: 25958
etag: "ff2c27cf141c68259e6e85020b01efc5d41730a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e230d551ceb1384798029c68da3620dd
2ad873b5c8013cc9e93f06fb0b7711a340eb4a72
46c0046dbaeb8445898b6e2a5e88ba3994b7ebb56b02be71acab733e8ad40e07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46C0046DBAEB8445898B6E2A5E88BA3994B7EBB56B02BE71ACAB733E8AD40E07"
Last-Modified: Thu, 08 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Fri, 09 Sep 2022 07:40:56 GMT
Date: Fri, 09 Sep 2022 05:07:30 GMT
Connection: keep-alive
graduatewonderentreaty.com/watch.1503810827604.js?key=cc90b8bec036179c619799a372bcf19e&kw=%5B%22online%22%2C%22learning%22%5D&refer=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5%3A2%3A1&shu=4592aa26ec62bc6c5e9b83adcabcfef1d916a8b445a61745ff7cce196b2752774cf4f31a042ed58a8b1569b1080472626f81b5bddfbea56a975ec9425f19eb081ab25d45b62ea005c8d1e937831840f7905d3893e423f11061c87d9fb4e5455d4cc2&pst=1662700110&rmtc=t
209.192.156.100200 OK 2.1 kB URL HTTP/1.1 graduatewonderentreaty.com/watch.1503810827604.js?key=cc90b8bec036179c619799a372bcf19e&kw=%5B%22online%22%2C%22learning%22%5D&refer=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5%3A2%3A1&shu=4592aa26ec62bc6c5e9b83adcabcfef1d916a8b445a61745ff7cce196b2752774cf4f31a042ed58a8b1569b1080472626f81b5bddfbea56a975ec9425f19eb081ab25d45b62ea005c8d1e937831840f7905d3893e423f11061c87d9fb4e5455d4cc2&pst=1662700110&rmtc=t
IP 209.192.156.100:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2636)
Hash c448d5d6bf0909a9fb5d73e93467ff2d
40791db04bd0ed83b803a27951e427df5752ff78
dd6d6a8bfef8be2b6c355c74aa7044198ccd755d1726473aaf06cca21475a090
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1503810827604.js?key=cc90b8bec036179c619799a372bcf19e&kw=%5B%22online%22%2C%22learning%22%5D&refer=https%3A%2F%2Fonlinelearninga77.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5%3A2%3A1&shu=4592aa26ec62bc6c5e9b83adcabcfef1d916a8b445a61745ff7cce196b2752774cf4f31a042ed58a8b1569b1080472626f81b5bddfbea56a975ec9425f19eb081ab25d45b62ea005c8d1e937831840f7905d3893e423f11061c87d9fb4e5455d4cc2&pst=1662700110&rmtc=t HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onlinelearninga77.blogspot.com
Referer: https://onlinelearninga77.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17419243; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQxOTI0MywiayI6ImNjOTBiOGJlYzAzNjE3OWM2MTk3OTlhMzcyYmNmMTllIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTA3MDgyLCJwaWQiOjQ5NTA5MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyNywicHQiOjQsInBrIjoibm1kajRoa3g2eSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20vIn19.NtN_T5kb-uED6HjAIP2H7m-DFSHEMVnC7ncO_iAkNz8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 05:07:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://onlinelearninga77.blogspot.com
Access-Control-Allow-Origin: https://onlinelearninga77.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7c23caff-2e8b-438b-96f3-6b929001b5c5:2:1; expires=Fri, 16 Sep 2022 05:07:30 GMT; secure; SameSite=None
iprc4f49bd7959ad0dea962a336261ae5af5=3569807; expires=Fri, 09 Sep 2022 09:07:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 05:07:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 05:07:30 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 10 Sep 2022 05:07:30 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 10 Sep 2022 05:07:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c3b20a8cfe456f5dcc4fe392605e0c46
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
45.133.44.36200 OK 7.7 kB URL HTTP/2 i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
IP 45.133.44.36:0
ASN #39572 DataWeb Global Group B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 311dea4d14f115d233335c6e836384b4
8b92a31d5f07440ea67469f1b2827fe1bde271e4
8136f9d883af8abb2895a1c5946063fc41ed4b3a7f7226ffe2f49e49a3d0c961
GET /auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: image/webp
content-length: 7712
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Fri, 23 Sep 2022 05:07:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp
45.133.44.36200 OK 10 kB URL HTTP/2 i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp
IP 45.133.44.36:0
ASN #39572 DataWeb Global Group B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68329d624a42af6145117bed5c9a2f03
4439b8d8b7e2dc706b5e9a417852bf16e6eb17dd
ede7a9f931abc7e53d07dbf4a82e992cfc38ebb280158f7fa4d12d00cab03bc6
GET /auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: image/webp
content-length: 10348
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Fri, 23 Sep 2022 05:07:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29ed18931467e0c214b5e11f62526e0d
f74327003408cfc636f227c0544a5515c5c88698
9e38f2d1e2c14a729126101d6ac73e8c4afa68af5b02ffc26016c2e33ba9ed85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E38F2D1E2C14A729126101D6AC73E8C4AFA68AF5B02FFC26016C2E33BA9ED85"
Last-Modified: Thu, 08 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20434
Expires: Fri, 09 Sep 2022 10:48:05 GMT
Date: Fri, 09 Sep 2022 05:07:31 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.59.12200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 05:07:31 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 26d0fa58377efe3c63ce3efabf52bcf7
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12058
Expires: Fri, 09 Sep 2022 08:28:30 GMT
Date: Fri, 09 Sep 2022 05:07:32 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=80f1a8967868bfe8aad09f7b10fb884b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=80f1a8967868bfe8aad09f7b10fb884b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=7c23caff-2e8b-438b-96f3-6b929001b5c5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=80f1a8967868bfe8aad09f7b10fb884b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 09 Sep 2022 05:07:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f47cc4029a0589e3d62eea1b4098be35
Strict-Transport-Security: max-age=0; includeSubdomains
yqmxfz.com/template/classic.html
104.21.233.137200 OK 0 B URL HTTP/2 yqmxfz.com/template/classic.html
IP 104.21.233.137:0
GET /template/classic.html HTTP/1.1
Host: yqmxfz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlinelearninga77.blogspot.com/
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://onlinelearninga77.blogspot.com
cache-control: max-age=3600
cf-cache-status: MISS
last-modified: Fri, 09 Sep 2022 05:07:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcHIJZ3zW5aMc%2BsB0hc1pCJ4Vj9LoQggEStHJIMKuRU0mw461qsqV2m3XTFiB8TVrDphvPJTHDHUfU1CciIvq7SnNBalyKp0qjdnEWPH9IYuD5CX5Y7ywjPlUKIW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747d669408fe731a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDMsImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v
185.162.85.19200 OK 0 B URL HTTP/2 prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDMsImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v
IP 185.162.85.19:0
ASN #39572 DataWeb Global Group B.V.
GET /wnload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDMsImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlinelearninga77.blogspot.com/
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.235.2200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 48bc8466090fd227c03d671ec9ed2367
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Sep 2022 05:07:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5W8ypQ9STbFrxUfjbWDLlrHjwF3wb1qdc89wPpM7nhLSwV%2F2hhem%2B0qZZBKDkTYPTMXl%2B6ddrmRExefAlmrb6I%2F8W%2FiCOnKIMBQ%2FKDefLKScjkF%2Fy9kGDBNxrIuK8ykOdpkasxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d6693ab1dd168-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.wmgtr.com/cim/X6mOWptDHktjf7tnmZf3wTtCzhoWgjhA.png
45.133.44.32200 OK 0 B URL HTTP/2 i.wmgtr.com/cim/X6mOWptDHktjf7tnmZf3wTtCzhoWgjhA.png
IP 45.133.44.32:0
ASN #39572 DataWeb Global Group B.V.
GET /cim/X6mOWptDHktjf7tnmZf3wTtCzhoWgjhA.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: image/png
server: nginx/1.17.6
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=43200
expires: Fri, 09 Sep 2022 17:07:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinelearninga77.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:07:28 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3406
expires: Mon, 12 Sep 2022 05:07:28 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 747d66891c7cb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
kiynew.com/cuload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDIsImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v
185.162.85.4200 OK 0 B URL HTTP/2 kiynew.com/cuload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDIsImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v
IP 185.162.85.4:0
ASN #39572 DataWeb Global Group B.V.
GET /cuload?a=1&e=aeyJwaWQiOjExMjk0MjcsInNpZCI6MTE1MTI5Miwid2lkIjozNjEwNDIsImQiOiJvbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20iLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly9vbmxpbmVsZWFybmluZ2E3Ny5ibG9nc3BvdC5jb20v HTTP/1.1
Host: kiynew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlinelearninga77.blogspot.com/
Origin: https://onlinelearninga77.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 09 Sep 2022 05:07:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2