indahjiwadanrupa.blogspot.de/2013/08/selambagadis-cantik-ini-telanjang-dalam.html
172.217.21.161302 Moved Temporarily 224 B URL HTTP/1.1 indahjiwadanrupa.blogspot.de/2013/08/selambagadis-cantik-ini-telanjang-dalam.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a05b252f641d42c86fdf6e03931218c7
2fa444f3cb215a0b1dab87478996d916dab3d4ed
4f03b386c74b397b9b227d58ce2e70b8c9dbe1df693a6ac0d2ef5e0b4142e175
Analyzer Verdict Alert fortinet Malware
GET /2013/08/selambagadis-cantik-ini-telanjang-dalam.html HTTP/1.1
Host: indahjiwadanrupa.blogspot.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 22:37:17 GMT
Expires: Thu, 01 Dec 2022 22:37:17 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 224
Server: GSE
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3703
Expires: Thu, 01 Dec 2022 23:39:00 GMT
Date: Thu, 01 Dec 2022 22:37:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 315
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:17 GMT
Last-Modified: Thu, 01 Dec 2022 22:32:02 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3046
Expires: Thu, 01 Dec 2022 23:28:03 GMT
Date: Thu, 01 Dec 2022 22:37:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 22:19:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1048
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 85oR+H//NV6YqBoq5Sk6S/5ZzVrLUwjm2F34Tr4Npdha9ZCNuG5eTQqBukgRObnrHfmOqYzenQ3VqxrIv39+IA==
x-amz-request-id: Q5PTRMTTEHJVRFX8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 21:45:49 GMT
age: 3088
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 22:37:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 22:11:15 GMT
cache-control: public,max-age=3600
age: 1563
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html
172.217.21.161200 OK 30 kB URL HTTP/1.1 indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6112)
Hash 9f167ae66bc39021d9cef84822e0dfa2
353bb9f5a0404081fc86529bbcd8c4341ccc48c1
c39d7d42e0db8c1aed96df1ec657db96814e7abdddedb44d61b4414f7dbe79ad
Analyzer Verdict Alert fortinet Malware
GET /2013/08/selambagadis-cantik-ini-telanjang-dalam.html HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 2022 22:37:18 GMT
Date: Thu, 01 Dec 2022 22:37:18 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 22 Nov 2022 15:14:41 GMT
ETag: W/"ecbad70b21d766f29b6cf283af936d9cabbba864bb23876d2055a88b5952c74b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 29730
Server: GSE
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 142.250.74.138:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 12:49:09 GMT
Expires: Fri, 01 Dec 2023 12:49:09 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 35289
assets.pinterest.com/js/pinit.js
151.101.244.84200 OK 290 B URL HTTP/1.1 assets.pinterest.com/js/pinit.js
IP 151.101.244.84:0
File type ASCII text, with very long lines (361), with no line terminators
Hash 82bfd941d2c9b3b9e0650a27c9d11737
2eb742a101e79067c9df4d15b518bde85e8eeb2e
3f6e9b85ad3ee165ec6c9587d98d2a43588f7ba0f63d31ad019a0d4cbfd3f3d1
GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 290
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
X-CDN: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Thu, 01 Dec 2022 22:37:18 GMT
indahjiwadanrupa.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 indahjiwadanrupa.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 00:09:56 GMT
Expires: Wed, 07 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 18:54:36 GMT
Content-Type: text/javascript
Age: 167242
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 313
Cache-Control: max-age=124484
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:18 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:12:02 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
w.sharethis.com/button/buttons.js
54.230.111.82301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/buttons.js
IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 01 Dec 2022 22:37:18 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/buttons.js
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D9emLk7EJl4QTCHQgWDMUrXAyPjPJleuVSGKuQjiMDNPOxvMAgGQYA==
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/250/addthis_widget.js
Date: Thu, 01 Dec 2022 22:37:18 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
w.sharethis.com/button/buttons.js
54.230.111.82200 OK 17 kB URL HTTP/2 w.sharethis.com/button/buttons.js
IP 54.230.111.82:0
File type ASCII text, with very long lines (60851), with no line terminators
Hash 6df1e6fb302d1bcb35d898105f0327de
2336688fde43d37fc38dbd842b76f728d7423034
3acec848060440ee2c01f063023d2cc0122ad46f1de910ca0738e6715a6c2e67
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 16989
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Tue, 29 Nov 2022 02:30:12 GMT
cache-control: max-age=259200
expires: Fri, 02 Dec 2022 02:30:10 GMT
etag: W/"634f1855-edb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BZR2gAGd69G839fRkVTUU7VnJ3K4sutbYiCSO8vIDlPfJ_GkhjI_6Q==
age: 245228
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash 0c769eddae14a239b2e0dd5575f17e6c
c63758cba74aed62922b019c362943124af3943d
7997473e7ef6b8cb282a9aab95ecd8068dd9f72142496b2d203f1674bda09ed4
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 01 Dec 2022 22:37:18 GMT
Expires: Thu, 01 Dec 2022 22:37:18 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 6766230234013224200
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 51582
X-XSS-Protection: 0
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116414 bytes)
Hash 14e2e0006b364c6ad29237c051a7135a
c00bd5f066026989a29d7c8cfcb9922141377c4e
ed876ac813786bdb92dc732bf7a4209d619ce7e01d4c99f7e4b6be19600b0860
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116414
date: Thu, 01 Dec 2022 22:37:18 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
52.210.174.128404 Not Found 0 B URL HTTP/1.1 lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
IP 52.210.174.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1
Host: lazada.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 22:37:18 GMT
Content-Length: 0
Connection: keep-alive
www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
188.114.96.1403 Forbidden 4.2 kB URL HTTP/1.1 www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1071)
Hash 8d5b65440262849aaffa4d448a462e1a
968f974e397b4f0ce47a8bd844f80704710d6dea
5c1b93a5e622cbb195a6fd0311f184372f3173074822dd4555dcdca374bf56c8
GET /widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3 HTTP/1.1
Host: www.apesal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Thu, 01 Dec 2022 22:37:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSSHTMpi1NNGenDwjuBJvtJylvt%2B0ADxJexJ187MEZ%2FUe%2FtDld4EqkrSg0EM%2FrUIp7zAqFxJh1Md6xiT23mFsiJHInzhym44i1mFTAtTA5CTx7YkZ5aUqLBnoH%2F5yqVpFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f4e7ecd07b51d-OSL
Content-Encoding: gzip
www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
93.115.28.104200 OK 476 B URL HTTP/1.1 www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
IP 93.115.28.104:0
ASN #16125 UAB Cherry Servers
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (476), with no line terminators
Hash b24936edc393e46a488f5f75c59eca42
cd3896b1d4ca62727e1dfcc0f2cea9b78d7f360b
ce39d6ffe35ee2c9cf84af1aff7f039a437e4139aa87293518bcfb32640e6d8a
GET /widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3 HTTP/1.1
Host: www.guablog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 476
content-type: text/html; charset=utf-8
date: Thu, 01 Dec 2022 22:37:18 GMT
server: nginx
set-cookie: sid=b6614a38-71c8-11ed-b807-bd56cb7849df; path=/; domain=.guablog.com; expires=Wed, 20 Dec 2090 01:51:25 GMT; max-age=2147483647; HttpOnly
www.widgeo.net/geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante
104.26.11.22200 OK 2.0 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante
IP 104.26.11.22:0
File type ASCII text, with very long lines (2149)
Hash f7c32e2c664ff6371ccc9917bf3e7968
0fcd41e0e3804df85c24da21a360ab63a3aaa6d7
26b569269368a09e9cb7e1f3948b059e83aeb9405becc0195ffa249a20176c88
GET /geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:18 GMT
Content-Type: application/javascript
Content-Length: 2036
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Wed, 07-Dec-2022 22:37:17 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 22:37:17 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vN19ZNTrBgJH89oGHAT3GVP8Df5hxGEY8uX1ppv3aS5%2BunV6MtWvOaqXs6YXec6raQHWUm%2BNgCwTVx7%2FSfP8JuHZA59bwUj1iwxC0HraJ7%2F1cqDzNtUMV4ZjSM813S49"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f4e7e5aa2b505-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab66815736b3f17344f988cafe5c17e6
648f92ae0805f05f819c6d4df596ae69f6b4d2d5
acb18f4c864114e7b86945b5953015e9710d1a878dba4d912b9edb7885ff5775
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0c418a5bc285d3b90a530fa83a523eb0
56684bd1424ffea9231dc1d656fcb16145797dc3
65ba7358d48a889546dd310973f8bc8855db01ef53c6d3861791fec926dc8395
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab66815736b3f17344f988cafe5c17e6
648f92ae0805f05f819c6d4df596ae69f6b4d2d5
acb18f4c864114e7b86945b5953015e9710d1a878dba4d912b9edb7885ff5775
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab66815736b3f17344f988cafe5c17e6
648f92ae0805f05f819c6d4df596ae69f6b4d2d5
acb18f4c864114e7b86945b5953015e9710d1a878dba4d912b9edb7885ff5775
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.41200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 175765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:44:05 GMT
expires: Wed, 29 Nov 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 204793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 01 Dec 2022 22:37:18 GMT
expires: Thu, 01 Dec 2022 22:37:18 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.198.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W+n9Fmq2QP4QAso1rgxYVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0+lA3JmM/h1fC6IVEfP25UhyMHA=
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.41200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 233629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif
142.250.74.161200 OK 1.3 kB URL HTTP/1.1 1.bp.blogspot.com/-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 80 x 15\012- data
Hash d1ee1ccdf97f9a91080d32c8c8593cd6
41deb789d73a2151e534c7256c23ee829f445119
00f9b7d4e1ff1f577ae24bd150629fbb15fcc15b0f418e5c4bed0907bcc5dd4c
GET /-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kedai_backlink.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1265
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:18 GMT
Expires: Sun, 27 Nov 2022 14:34:53 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v110b"
Content-Type: image/gif
Age: 0
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.41200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:01 GMT
expires: Tue, 06 Dec 2022 14:19:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 19:53:31 GMT
content-type: image/gif
age: 202697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 13:15:32 GMT
Expires: Thu, 15 Dec 2022 13:15:32 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 33706
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:47:40 GMT
expires: Wed, 29 Nov 2023 19:47:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 182978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg
142.250.74.161404 Not Found 1.7 kB URL HTTP/1.1 2.bp.blogspot.com/-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
GET /-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Thu, 01 Dec 2022 22:37:18 GMT
Server: fife
Content-Length: 1742
X-XSS-Protection: 0
www.blogger.com/img/share_buttons_20_3.png
142.250.74.41200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 142.250.74.41:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:28:12 GMT
expires: Tue, 06 Dec 2022 17:28:12 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 14:52:29 GMT
content-type: image/png
age: 191346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1
Host: i3.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 01 Dec 2022 22:37:18 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
X-Cache: Redirect from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j09426xhkGYybX72ap3xxj-iYRvGnr3HES9sRQntH8beRzrBUT1I0w==
Vary: Origin
www.blogger.com/dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8
142.250.74.41200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8
IP 142.250.74.41:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Dec 2022 22:37:18 GMT
last-modified: Thu, 01 Dec 2022 22:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/img/logopm.png
104.26.11.22200 OK 847 B URL HTTP/1.1 www.widgeo.net/img/logopm.png
IP 104.26.11.22:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e34866014e9f89c5e2266c093c1f757
a5cbf8aec733f3d476d47db2d7d2f9784130d8b8
f6ce56e3b22a6957c54d515a96d4b653982bdbe0fd7e3685a95a80cfddd30b65
GET /img/logopm.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:18 GMT
Content-Type: image/png
Content-Length: 847
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sat, 31 Dec 2022 22:37:17 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzfhVW7w61%2BIA2OkvTz3TNAxyX4e527K7vg%2Fh0qrqcRIvd71Gc6wXwFzQCKOFr55TcJMAoTC467TBOJxF%2F0VVRzjRzHSh58InEJxe5pBkvReravutEYvoVZISDDB7xSv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f4e801ca4b505-OSL
alt-svc: h2=":443"; ma=60
www.exactseek.com/images/exactbutton1.gif
70.35.204.181301 Moved Permanently 257 B URL HTTP/1.1 www.exactseek.com/images/exactbutton1.gif
IP 70.35.204.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48c98997d6fa28d700b855f077bce633
21b78f14da526ba1f9884d0e8ce3466d7be19e98
30a024c030c55b3d900f54cf963d1832bfd536f5aa7b3be9c72010804e7f7371
GET /images/exactbutton1.gif HTTP/1.1
Host: www.exactseek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 22:37:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Location: https://www.exactseek.com/images/exactbutton1.gif
Content-Length: 257
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
52.210.174.128404 Not Found 0 B URL HTTP/1.1 lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
IP 52.210.174.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1
Host: lazada.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 22:37:18 GMT
Content-Length: 0
Connection: keep-alive
img1.blogblog.com/img/icon18_email.gif
142.250.74.41200 OK 164 B URL HTTP/1.1 img1.blogblog.com/img/icon18_email.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 164
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:01:58 GMT
Expires: Tue, 06 Dec 2022 14:01:58 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 01:54:20 GMT
Content-Type: image/gif
Age: 203721
magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
103.224.212.222404 Not Found 196 B URL HTTP/1.1 magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
IP 103.224.212.222:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Malware
GET /FCUCOMMUNITY/fcuwidget.js HTTP/1.1
Host: magazine.sepakuhosting.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 22:37:18 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
freewebsubmission.com/images/fwsbutton10.gif
74.208.47.213301 Moved Permanently 264 B URL HTTP/1.1 freewebsubmission.com/images/fwsbutton10.gif
IP 74.208.47.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7221f96d857c7b9834679c5b1e9506a5
7db481e963cbeb932e52542a507c18064a3c52e8
a63b8e8095f8993b68e0996813cc5e9a672ae063b25adaffc106b97ec6215262
GET /images/fwsbutton10.gif HTTP/1.1
Host: freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 22:37:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://www.freewebsubmission.com/images/fwsbutton10.gif
Content-Length: 264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
babab.net/banner.jpg
188.114.97.1301 Moved Permanently 0 B IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner.jpg HTTP/1.1
Host: babab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 22:37:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Dec 2022 23:37:19 GMT
Location: https://babab.net/banner.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw9zGlp7WZw88fmThGkpyWhfSiXQM7TApHJA9JgTiq9%2B8nmKkMIa3lyrHguS%2BVWqcyiuQBOMkrHJSAeEp%2FsVxYYuqvxDpdQQC1HttQ3zWTGDjGB3aWVObQy7n7g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f4e81ee890af6-OSL
alt-svc: h2=":443"; ma=60
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.1t2aAGU53UU.es5.O/am=MxwAQQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3eD9IevHleYJcjPCVKypD2Q4ZUeg/m=_b,_tp,_r
142.250.74.41200 OK 63 kB URL HTTP/2 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.1t2aAGU53UU.es5.O/am=MxwAQQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3eD9IevHleYJcjPCVKypD2Q4ZUeg/m=_b,_tp,_r
IP 142.250.74.41:0
File type ASCII text, with very long lines (563)
Hash 9c94f3ce322f4d1215712393ea06eb45
40346cd4ac30a69c3f052538464c387c416f3bfc
00d3cf4a657c25ab177c6624b51c99add84b1b2e07b46c6916cc574360fe0e2b
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.1t2aAGU53UU.es5.O/am=MxwAQQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3eD9IevHleYJcjPCVKypD2Q4ZUeg/m=_b,_tp,_r HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 63422
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 03:54:01 GMT
expires: Thu, 30 Nov 2023 03:54:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 29 Nov 2022 03:12:41 GMT
content-type: text/javascript; charset=UTF-8
age: 153798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab66815736b3f17344f988cafe5c17e6
648f92ae0805f05f819c6d4df596ae69f6b4d2d5
acb18f4c864114e7b86945b5953015e9710d1a878dba4d912b9edb7885ff5775
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hosting.tinjau.net/aff-banner/aff_hosting.gif
162.215.231.71301 Moved Permanently 0 B URL HTTP/1.1 hosting.tinjau.net/aff-banner/aff_hosting.gif
IP 162.215.231.71:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff-banner/aff_hosting.gif HTTP/1.1
Host: hosting.tinjau.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://hosting.tinjau.net/aff-banner/aff_hosting.gif
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab66815736b3f17344f988cafe5c17e6
648f92ae0805f05f819c6d4df596ae69f6b4d2d5
acb18f4c864114e7b86945b5953015e9710d1a878dba4d912b9edb7885ff5775
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
216.58.207.225301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
IP 216.58.207.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 01 Dec 2022 22:37:19 GMT
Location: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7e19607943d3a3770dd76e619af315d
78a4ef394f6fcbaa6b5abaa41f80eb9bce6bf06e
bafb86050e74ea34fc7206ec495f56d82f536245a1f23502eef3f3b7871ffea3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7e19607943d3a3770dd76e619af315d
78a4ef394f6fcbaa6b5abaa41f80eb9bce6bf06e
bafb86050e74ea34fc7206ec495f56d82f536245a1f23502eef3f3b7871ffea3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/1kt/travel/bg_container.png
142.250.74.41200 OK 250 kB URL HTTP/1.1 www.blogblog.com/1kt/travel/bg_container.png
IP 142.250.74.41:0
File type PNG image data, 860 x 460, 8-bit/color RGBA, interlaced\012- data
Size 250 kB (249501 bytes)
Hash 016de5d2fb137736ea0d36709f5031cb
67c199e0bc1ea199e91645dc31391d8ccd49c997
2c77b04f02316141ac67884a7708912b4d1e0313dd9e6a4e86f2f5cee551652b
GET /1kt/travel/bg_container.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 249501
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:47:29 GMT
Expires: Tue, 06 Dec 2022 17:47:29 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 16:53:51 GMT
Content-Type: image/png
Age: 190190
3.bp.blogspot.com/_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 3.bp.blogspot.com/_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3d42f7f33e453573f41f6cc2c6eda1b8
eafc5470ca0afaef11e69fa85a11c2d4fedfec75
a7086bee3ff1c2dce04fd97ff379dd1804a877d2d34108745bd4e8b27d8f8824
GET /_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="DSC01119.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3179
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v366"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-smxKvMM08co/Uhm2k7vrJDI/AAAAAAAAs8A/seoStxmZ9qM/s400/cheyenne+lutek.jpg
142.250.74.161200 OK 41 kB URL HTTP/1.1 1.bp.blogspot.com/-smxKvMM08co/Uhm2k7vrJDI/AAAAAAAAs8A/seoStxmZ9qM/s400/cheyenne+lutek.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x369, components 3\012- data
Hash 440ab99979df281a3c5e91f0b8614797
81d00e99fc548f29ee6968f53dffc0bb9df335e1
927d414de615216bd033581e57848c04cf1887848bf1697342f148b91be0bf78
GET /-smxKvMM08co/Uhm2k7vrJDI/AAAAAAAAs8A/seoStxmZ9qM/s400/cheyenne+lutek.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb3c1"
Expires: Fri, 02 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cheyenne lutek.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 01 Dec 2022 22:37:19 GMT
Server: fife
Content-Length: 41200
X-XSS-Protection: 0
googleping.com/wp-content/uploads/2011/04/logo.png
104.219.251.211200 OK 4.7 kB URL HTTP/1.1 googleping.com/wp-content/uploads/2011/04/logo.png
IP 104.219.251.211:0
File type PNG image data, 214 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash bcb4a47cb86d2a1911360d037df41533
140477c387e054d860e1c89945abad7d05403b91
0529dbd436a56c0dfed63a6d2907edbc3f06d98568de4eadaa19220b792f369a
GET /wp-content/uploads/2011/04/logo.png HTTP/1.1
Host: googleping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:18 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2016 17:23:25 GMT
Accept-Ranges: bytes
Content-Length: 4749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
tinjau.net/banner.gif
162.215.231.71301 Moved Permanently 0 B IP 162.215.231.71:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner.gif HTTP/1.1
Host: tinjau.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://tinjau.net/banner.gif
checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
96.30.9.108301 Moved Permanently 265 B URL HTTP/1.1 checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
IP 96.30.9.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0073ca79e85d68cb2fab8e7e5c4a480d
f642f89381d48bdaad1ce223a8e703e016135a20
568581d906f2f2bb96004e47003bb48e46ff0d0f075b3bb3920f2fbe5e03b62b
GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1
Host: checkpagerank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 22:37:19 GMT
Server: Apache
Location: https://checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
Cache-Control: max-age=2592000
Expires: Sat, 31 Dec 2022 22:37:19 GMT
Content-Length: 265
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
onlinelinkscan.com/files/images/threat_free.gif
172.67.217.203200 OK 259 B URL HTTP/1.1 onlinelinkscan.com/files/images/threat_free.gif
IP 172.67.217.203:0
File type GIF image data, version 87a, 73 x 15\012- data
Hash 082d6d408eed111f03feb4d9f0b03dd7
f5a6a105f52a02f0d3f5363877697ed64e2b232b
754f6a7442e7ddea1af649b273dc228b77c221ab9ca8b1857b6911451675bd91
GET /files/images/threat_free.gif HTTP/1.1
Host: onlinelinkscan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: image/gif
Content-Length: 259
Connection: keep-alive
Last-Modified: Wed, 29 May 2013 03:03:31 GMT
Cache-Control: max-age=31536000
Expires: Fri, 01 Dec 2023 22:37:19 GMT
Vary: User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjb9uIFVDTP0pmgXcZpThRPHtBzV9WbHv%2BTuoBQC1mbghN6I%2B7NrXxX09bYqkx7ZwovJoZv1BB2JDyT5GOhb1ZsJXHnMrP3%2BlM1310VXZ8mB2ipKytLhlY9PLHAjC%2BXGle2mPfs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f4e81bac5b50b-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7e19607943d3a3770dd76e619af315d
78a4ef394f6fcbaa6b5abaa41f80eb9bce6bf06e
bafb86050e74ea34fc7206ec495f56d82f536245a1f23502eef3f3b7871ffea3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg
142.250.74.161200 OK 2.4 kB URL HTTP/1.1 1.bp.blogspot.com/-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 878056a4a5598f49e66c126eb4e492f3
53d9105ef859a54a868c98309f67ad64e4c43091
9ddafdc2ce783f420e97f41407f7f3b5eb328751e563cf311f2e2ae104edf712
GET /-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kamas.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2372
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v35a"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg
142.250.74.161200 OK 9.7 kB URL HTTP/1.1 2.bp.blogspot.com/-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 284x177, components 3\012- data
Hash a4f70db5d17a415d936729a57c35fc8c
71cd207a6cffcfabfac4244f792b36fbe4f1d03e
f95ee4f7906c6bae688b0dd2857f1fa35eecfff4fd28bfc48fa0cf2da9200404
GET /-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="download.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9735
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v374"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 2.bp.blogspot.com/_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 519483ab971efd4913cb2731c732e3c6
f23b4e7698deefe74bf5eb4416d4f95151242cc6
80cea1fb00e70b100b87963109749614a7513670855e97c20e306d85d2e6515a
GET /_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="DSC01782.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4003
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Fri, 02 Dec 2022 10:50:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v361"
Content-Type: image/jpeg
Age: 0
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3v_LeN2ce-9uuwo8szF-gpntF4fZ-9eCGsHT4p2YVrJ2nfnKzn7r7X8h1_PYUeDH330CdgzwfFzY1yB8iU57JA1bGcQhPN44aM9z_Rv6gjL1a_Hj0U8n4PZjzxAMnF0E0cLFFTjoYZQYnf0g2oFGc=w72-h72-p-k-no-nu
142.250.74.97404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3v_LeN2ce-9uuwo8szF-gpntF4fZ-9eCGsHT4p2YVrJ2nfnKzn7r7X8h1_PYUeDH330CdgzwfFzY1yB8iU57JA1bGcQhPN44aM9z_Rv6gjL1a_Hj0U8n4PZjzxAMnF0E0cLFFTjoYZQYnf0g2oFGc=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash f7c3bb9d310c5b09f5cbf20abcad4837
13e9ccbccbca27fc0d02c696599108c2a6d83d4d
484e316831866cf0c4f0d7f03e89f614a3950ab6a740cc8f2ff69698a1f5fb37
GET /blogger_img_proxy/ANbyha3v_LeN2ce-9uuwo8szF-gpntF4fZ-9eCGsHT4p2YVrJ2nfnKzn7r7X8h1_PYUeDH330CdgzwfFzY1yB8iU57JA1bGcQhPN44aM9z_Rv6gjL1a_Hj0U8n4PZjzxAMnF0E0cLFFTjoYZQYnf0g2oFGc=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 22:37:19 GMT
server: fife
content-length: 1752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh6.googleusercontent.com/-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh6.googleusercontent.com/-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png
IP 142.250.74.97:0
File type PNG image data, 80 x 17, 8-bit/color RGB, non-interlaced\012- data
Hash bb0651bbbfd9c2e79199ca92ec68d70c
33d6ae10e2e42ed379492e0c39c7404052ab1bdd
325dabd04cf57c8027e711e5c667284c7f11412e6c1543269757c5b50196c2b1
GET /-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="pingje.org1.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2166
x-xss-protection: 0
date: Thu, 01 Dec 2022 22:37:19 GMT
expires: Fri, 02 Dec 2022 03:44:41 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3aec"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f222a50a2f186446ebf219f86c3be95a
9c333d8ae1fc2cc5cb692c612016048e659e4da6
f1eeb70781dca69c4ae617a6b9c96749ce1a4d4f214e4cb9ee636bdf3c1f3bd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1702
Cache-Control: max-age=157911
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Etag: "6388ebd1-117"
Expires: Sat, 03 Dec 2022 18:29:10 GMT
Last-Modified: Thu, 01 Dec 2022 18:00:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
4.bp.blogspot.com/-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 4.bp.blogspot.com/-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0b48f23c4ecd71b36abac5e8a55a2c91
9491834eb4194daf80830d6f14541ce6fe3b6806
39f008537ec28d821a52f106849448623c1ea6424648ce0bc801d2f43b223fd3
GET /-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3226
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3fce"
Content-Type: image/jpeg
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 01 Dec 2022 11:45:52 GMT
expires: Thu, 15 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
age: 39087
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7e19607943d3a3770dd76e619af315d
78a4ef394f6fcbaa6b5abaa41f80eb9bce6bf06e
bafb86050e74ea34fc7206ec495f56d82f536245a1f23502eef3f3b7871ffea3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f6a5cf3cc54084e27baaca43494f82e2
95f1661e8af86eb81602b1eeca4d242e2ba2072b
3071878638de9999958294f532f68c4986078608e215675b4c5fb002ba1a4d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4475
Cache-Control: max-age=129012
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Etag: "63887018-117"
Expires: Sat, 03 Dec 2022 10:27:31 GMT
Last-Modified: Thu, 01 Dec 2022 09:12:56 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 279
4.bp.blogspot.com/-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg
142.250.74.161200 OK 1.8 kB URL HTTP/1.1 4.bp.blogspot.com/-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d9ed42e49fc7117ef9148e059c33c3d0
d227b1a97f8e0a73320922de002c9d52d0bc0792
d5fb13a526c7c1bfb45ee4f177ddc33b71f0f7b461a722af45ffdc18aaf08d27
GET /-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1777
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v6a1"
Content-Type: image/jpeg
Age: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f6a5cf3cc54084e27baaca43494f82e2
95f1661e8af86eb81602b1eeca4d242e2ba2072b
3071878638de9999958294f532f68c4986078608e215675b4c5fb002ba1a4d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124537
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Etag: "63887018-117"
Expires: Sat, 03 Dec 2022 09:12:56 GMT
Last-Modified: Thu, 01 Dec 2022 09:12:56 GMT
Server: nginx
Content-Length: 279
magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
103.224.212.222404 Not Found 196 B URL HTTP/1.1 magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
IP 103.224.212.222:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Malware
GET /FCUCOMMUNITY/fcuwidget.js HTTP/1.1
Host: magazine.sepakuhosting.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 22:37:19 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
4.bp.blogspot.com/-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 4.bp.blogspot.com/-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 22b94b698a7b8c15dc27c6fdc891e8de
40c89ab1626d971fc168d3c9d931966eb6d4dcab
344d177cb9bbe859df6d0927396df711de8193753cbd44b31002c547513f6546
GET /-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="cium.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3961
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v639"
Content-Type: image/jpeg
Age: 0
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com
142.250.74.66200 OK 119 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with very long lines (6148)
Size 119 kB (119181 bytes)
Hash e7c8dd1f1b383a376a4f66ca60dfd716
d7e2fc593432911a14ac3da962d0a738bd709364
273fa71b86e5056d49df6f80cd0719725b0fd32a4a4e089ec334ffb991f275f4
GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Dec 2022 22:37:19 GMT
expires: Thu, 01 Dec 2022 22:37:19 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 7155462846561710293
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f6a5cf3cc54084e27baaca43494f82e2
95f1661e8af86eb81602b1eeca4d242e2ba2072b
3071878638de9999958294f532f68c4986078608e215675b4c5fb002ba1a4d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124537
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Etag: "63887018-117"
Expires: Sat, 03 Dec 2022 09:12:56 GMT
Last-Modified: Thu, 01 Dec 2022 09:12:56 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.berita2.com/images/stories/cheyenne%20lutek2.jpg
38.49.35.22200 OK 0 B URL HTTP/1.1 www.berita2.com/images/stories/cheyenne%20lutek2.jpg
IP 38.49.35.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/stories/cheyenne%20lutek2.jpg HTTP/1.1
Host: www.berita2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
cfrom: img
x-powered-by: java
Server: img
Set-Cookie: PHPSESSID=3uhg6tiirn03r8bbvk1o6t4pi2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
www.widgeo.net/tcm_t_u.js
104.26.11.22200 OK 0 B URL HTTP/2 www.widgeo.net/tcm_t_u.js
IP 104.26.11.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcm_t_u.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: application/javascript
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 02:34:50 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 590548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I9m%2FJia3SajF2kHm%2BDX03bXlvF6o%2F0ccYl3kQrWOGQ3tm9VHcE4SYdhBt%2FTXKGxXOjlemAG7ZXITu01gnUZo44WOsQaMuqXqdRTlMf90iXWr4PCMLyIpyXY10%2Bu34qS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e84cd5cb4e8-OSL
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&targetPostID=7864484850325391998&blogPostOrPageUrl=http://indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html&vt=-539640021780499107&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.41200 OK 2.7 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&targetPostID=7864484850325391998&blogPostOrPageUrl=http://indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html&vt=-539640021780499107&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3170)
Hash 8c71dd3cc41db5be1a7f30f104e9f671
de50651487369dbe4d3bda9d219a433394a4761b
4d203b5f1daeb239ec21983bc9a0e096c9c8e2cd5a689a21fbded9b69a9579bb
GET /navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&targetPostID=7864484850325391998&blogPostOrPageUrl=http://indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html&vt=-539640021780499107&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Dec 2022 22:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2676
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.berita2.com/images/stories/shelby%20carter.jpg
38.49.35.22200 OK 0 B URL HTTP/1.1 www.berita2.com/images/stories/shelby%20carter.jpg
IP 38.49.35.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/stories/shelby%20carter.jpg HTTP/1.1
Host: www.berita2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
cfrom: img
x-powered-by: java
Server: img
Set-Cookie: PHPSESSID=504vbp5e3imtni90i76n8q9jh4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
www.berita2.com/images/stories/cheyenne%20lutek3.jpg
38.49.35.22200 OK 0 B URL HTTP/1.1 www.berita2.com/images/stories/cheyenne%20lutek3.jpg
IP 38.49.35.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/stories/cheyenne%20lutek3.jpg HTTP/1.1
Host: www.berita2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
cfrom: img
x-powered-by: java
Server: img
Set-Cookie: PHPSESSID=7feausf10nifsgmia04i63dnc3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash df2ebd88613ea4c9b36cd273d9d20341
440db53197294bbbebbd22714b593b3fee40be47
78be3006a1d920c8ad1b817062edf74b8e73bfb74b3c44061e702ffe18701692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113397
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Etag: "63884494-118"
Expires: Sat, 03 Dec 2022 06:07:16 GMT
Last-Modified: Thu, 01 Dec 2022 06:07:16 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 01 Dec 2022 22:37:19 GMT
date: Thu, 01 Dec 2022 22:37:19 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
216.58.207.225200 OK 143 kB URL HTTP/2 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1091, components 3\012- data
Size 143 kB (142821 bytes)
Hash 15b8c01b50ff9f8ff54aa69ccaabb864
ec9cc4339a62bd9be4accef1b8c1b25476c45ba5
4a183e57fcf4205d9d05b5b76ce7907b64d194def843598a4176ff55c36bfec9
GET /image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 02 Dec 2022 22:37:19 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 22:37:19 GMT
server: fife
content-length: 142821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
143.204.55.106200 OK 834 B URL HTTP/2 i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 576ebd4971b153fdc7099dc1258ceb33
a7c63a407b3cfe17c110fa62e36807dcf86114e5
3f56a5eb35a3b530c6d648f70be1bfaf8152fc95d18f1a87a712a19883678eac
GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1
Host: i3.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 834
date: Thu, 01 Dec 2022 22:37:19 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="bloggedmylink.webp"
expires: Fri, 01 Dec 2023 22:37:19 GMT
server: photobucket
x-amzn-trace-id: Root=1-63892c9f-4ab431a7121c3c42644a9653
x-request-id: lic-QxmB3MEgMS7NxMFZM
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: heGeHZfCbCy5AQR_YFHws2amlcSNH_xMlB6UUpi73nlEaflJt8Oh6A==
vary: Accept, Origin
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Selamba%2CGadis%20cantik%20ini%20telanjang%20dalam%20Restoran%20makanan%20segera&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html
104.26.11.22200 OK 2.1 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Selamba%2CGadis%20cantik%20ini%20telanjang%20dalam%20Restoran%20makanan%20segera&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html
IP 104.26.11.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (411)
Hash 623c8a3d5f7e27fecfbe4e2d79a6104f
888d433d43e415650c2c1d3c9dd4770270bd4280
4fa21fbb937e688104983f91369d2d448bcb9a0c95d61046dbcf81842d67622d
GET /geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Selamba%2CGadis%20cantik%20ini%20telanjang%20dalam%20Restoran%20makanan%20segera&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Wed, 01-Mar-2023 22:37:18 GMT; Max-Age=7776000; path=/
pays=Norway; expires=Wed, 01-Mar-2023 22:37:18 GMT; Max-Age=7776000; path=/
ville=Oslo; expires=Wed, 01-Mar-2023 22:37:18 GMT; Max-Age=7776000; path=/
idcompteurcc_1478332=done; expires=Fri, 02-Dec-2022 22:37:18 GMT; Max-Age=86400; path=/
online_idcompteurcc_1478332=done; expires=Thu, 01-Dec-2022 22:40:18 GMT; Max-Age=180; path=/
originecc_1478332=United%2BStates%2523United%2BStates%2BCity%25234711%257CUnited%2BStates%2523Boardman%25231184%257CCanada%2523Canada%2BCity%25231121%257CCanada%2523Burnaby%2523252%257CUnited%2BStates%2523Fort%2BLauderdale%2523186%257CUnited%2BStates%2523Raleigh%252383%257CNew%2BZealand%2523Auckland%252374%257CRomania%2523Romania%2BCity%252352%257CAustralia%2523Australia%2BCity%252352%257CGermany%2523Germany%2BCity%252344%257CUnited%2BStates%2523Los%2BAngeles%252337%257CNetherlands%2523Amsterdam%252336%257CFinland%2523Finland%2BCity%252331%257CGermany%2523Nurnberg%252327%257CUnited%2BStates%2523Dallas%252327%257CBangladesh%2523Bangladesh%2BCity%252324%257CNetherlands%2523Netherlands%2BCity%252323%257CUnited%2BStates%2523Duluth%252320%257CUnited%2BStates%2523Santa%2BClara%252319%257CJordan%2523Jordan%2BCity%252318%257CUnited%2BStates%2523Mountain%2BView%252317%257CUnited%2BStates%2523Washington%252316%257CUnited%2BStates%2523Dallax%252316%257CKorea%252C%2BRepublic%2Bof%2523Seongnam%252316%257CSlovakia%2523Slovakia%2BCity%252316%257CRussian%2BFederation%2523Russian%2BFederation%2BCity%252315%257CUnited%2BStates%2523New%2BYork%252314%257CUnited%2BStates%2523Herndon%252314%257CUnited%2BStates%2523Chicago%252313%257C; expires=Thu, 01-Dec-2022 22:40:18 GMT; Max-Age=180; path=/
online_1478332=1; expires=Thu, 01-Dec-2022 22:40:18 GMT; Max-Age=180; path=/
jour_1478332=6; expires=Thu, 01-Dec-2022 22:40:18 GMT; Max-Age=180; path=/
total_1478332=8576; expires=Thu, 01-Dec-2022 22:40:18 GMT; Max-Age=180; path=/
bonus_1478332=25390; expires=Fri, 02-Dec-2022 22:37:18 GMT; Max-Age=86400; path=/
bonus_j_1478332=1; expires=Thu, 01-Dec-2022 22:40:18 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Thu, 01 Dec 2022 22:40:18 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6RGGFFAx38F8qGEP%2FQmKBwqPX%2FD44zuc4f1I0c0Bseno639%2FBZ8fXQWd89DTup5jKnTXoUy0qHka5pujHQFEo%2BCBYpkp11gcVtevi36yrIJySH3ueloEdHFkyewjPRh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772f4e82bf2bb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 01 Dec 2022 22:37:19 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+662; expires=Sat, 30-Nov-2024 22:37:19 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 22:37:19 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 01 Dec 2022 22:37:19 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+740; expires=Sat, 30-Nov-2024 22:37:19 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 22:37:19 GMT
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_canada.png
104.26.11.22200 OK 886 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_canada.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dfda6415875b226812181f7ea64fcc8
6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
GET /geocompteur/shadow/flag_canada.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 29 Dec 2022 23:51:47 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 168331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqzohqGSdvuvBfXvSJkvlsn%2Fp%2FC%2BUvZALJsiyeGKlji%2B8UXuSBwDIQv7wRGtqwdmpYN6Viy3ZF9E%2BVQAb0KroRUQI7JSV0vSEKgQXz5NCwEVdlVguIijDFjAT7niff3s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85ae41b4e8-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_united%20states.png
104.26.11.22200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20states.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03d9bb2b449e6e964d86aec6d71b6856
e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1393091
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoeYXqEYDLpVsZgIzDYq977T9nJWslMcwcZ%2BfQZnpebFmMvFvYbSz%2F4ASg8BM7e65IKwG5X4ZrjxqIXPCpLskX4W12I%2BsYx5MgK1J4HEzVb%2Fih35Ci%2Bovc5M2NK0%2FrVN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85ae3fb4e8-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_romania.png
104.26.11.22200 OK 644 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_romania.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a2ef37e3cfe2119759469a219565c145
7d174bb96c9eb762a56b531e8c15a160773fe008
8f45100a446929b8ad38c886a1cc6d033a066a008f8268b6fa1ec8d3f4d74166
GET /geocompteur/shadow/flag_romania.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 644
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=842
content-disposition: inline; filename="flag_romania.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 31 Dec 2022 20:19:37 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 8261
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpaKlSU3NWp9ZOqFw7ZpPU62ytqDJt1rgNRtN%2B1OFtM3EeJWg%2FqObjJfH6UbPIuBDU0Av5a1hnwlew7OhHcU59aTH8C%2FIC3cMNxcK0HHPu6KPFMH2%2F%2BahMtMMc6cHKLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85be4cb4e8-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b33fdd230063e8f5211ea4110b7e04f1
0f2f32d274f5f35b221702b279e042b61755ae22
bc6dfec9813ad40dcd5402d951a480249d1b8ca7921c52cb159b409db2c01419
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 09:44:16 GMT
Expires: Thu, 08 Dec 2022 09:44:15 GMT
Etag: "0f2f32d274f5f35b221702b279e042b61755ae22"
Cache-Control: max-age=557815,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f4e847dad0b31-OSL
www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
104.26.11.22200 OK 940 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8719b63ac81155fd64422298ef8a8b25
c034b5869772ddf1675ebdbeb3c0d3c540738c24
b313f56a36c855a1a34a02b96910ee4307e553a28a6e52bc64e2ab1bc2cfdae5
GET /geocompteur/shadow/flag_new%20zealand.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 940
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1173
content-disposition: inline; filename="flag_new%20zealand.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 29 Dec 2022 23:51:47 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 168331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRxltDVbhWSBshApEiNKqN9HYYE%2FjLhZrBh5D3mj%2BI4Qu97R9Mqli0D0DnmrBHpRD30aL6gOzVe2piFf7ENMTnA0iWCczfZFTEtHDDIQIxkBhogani%2F0DItkGwRXwXLw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85be4bb4e8-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 84b8b1043a96c760a6b85bc0b3265b85
d9f0338ffcd6cfb3c96bc66966b898d33162f204
e24a64d19f091946caed011ebcf469be2d35168aa12f90b02d9c1c9326afd867
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E24A64D19F091946CAED011EBCF469BE2D35168AA12F90B02D9C1C9326AFD867"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15760
Expires: Fri, 02 Dec 2022 02:59:59 GMT
Date: Thu, 01 Dec 2022 22:37:19 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.11.22200 OK 3.9 kB URL HTTP/1.1 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.11.22:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Selamba%2CGadis%20cantik%20ini%20telanjang%20dalam%20Restoran%20makanan%20segera&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:31:41 GMT
ETag: W/"6387a18d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ube3fOVK3WxQmioHGeMIbuzmQQTbKtLp2d9iEM8ZPRsv%2F%2FellryaBEP6WkaO0D0PT7YWSrmw6fOXIjQ6HBgcjqZRvN5c1cBp6gEai7zq9tP73Ooqc1xfdImjN%2F7E%2F%2B1z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f4e85bc16b505-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 03 Dec 2022 22:37:19 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.widgeo.net/geocompteur/shadow/flag_germany.png
104.26.11.22200 OK 686 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_germany.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c667705cee250254b246ed54d521b22
ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
GET /geocompteur/shadow/flag_germany.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 26 Dec 2022 19:58:36 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 441522
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53GOjKUU5VPHd123HAEU7S59olGZ84z4tN9LhogQfd7uheO0wSKrni1XxDg1exPT2tYU6%2BAYQEkAApxZJTAZh3yALsvJ99jIG8sTfveI3pIPMsyzwUfKEWqmhuUQPc5t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85be4fb4e8-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_australia.png
104.26.11.22200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_australia.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 395fda4bf932944885ae2bad6bc94cbd
56579ba3f9e670a64a59fee1079028bf5bbc33ca
6869308fc918c3d6b972eacc5900d2e17ab9740e282d5b3f214f66fbd5b1d43e
GET /geocompteur/shadow/flag_australia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 1022
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1234
content-disposition: inline; filename="flag_australia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 07:08:28 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 314930
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYhlG5sJUzWMHGlch7wBBD%2B12hnKetFl8deRTKzZaao%2BoFbd%2BCMK3Beyw8tQqSTkpXqMVMU2mkbGBlt0ntykwGaTDHuSfHtAZ1B9aK6ie%2FNUQNdWs2YkbArZOgBHnnas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85be4eb4e8-OSL
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 22:37:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_netherlands.png
104.26.11.22200 OK 710 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_netherlands.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4d48534384964664d122ef558ebf1acd
8cbccb6b66f6161c329f9945b58e79e09640cc90
286ee399704cd53efeabbca51dfc8459fb9633265ae4e9e046610f7d61d087bb
GET /geocompteur/shadow/flag_netherlands.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 710
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=892
content-disposition: inline; filename="flag_netherlands.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 10 Dec 2022 23:05:41 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1812698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FAKAG9CsHKVEqnK7%2BCxj%2FPHxaFbj08HcW9fKMJZ82dM6LZ4GNDRUNkOhl36enDzuG0X20P0HIFtWFsaq0brMZP8EaSnFIedJ0imD0UoST1MgDxbttthYq5StMaz3lzg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85be51b4e8-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.11.22200 OK 4.6 kB URL HTTP/2 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.11.22:0
Hash ade683652121bc4a3c77532dc7737b59
5a7d9dbb2d0258fb4c80ca4b9b67a525f45b1dfd
35aa9fcfa8584680d31be6acfd0d745cb3a10f8f9e360eccbe55a527387cb344
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I06oEAmWUraQnyDpILme7IkSFLuEazcP%2FDW7yIe6OaVtSGTeaCjFiKTzMq4Yz4pjD3MlxL3DEjYOiAy05RpSOmaxIQRgCnCw2Tz27zBcIBy4Ib4gv1%2B8WYhHcddAdYq5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772f4e856df3b4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 03 Dec 2022 22:37:19 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/shadow/flag_bangladesh.png
104.26.11.22200 OK 824 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_bangladesh.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fda033492cc9954e333f12982d8b3a73
643379f831ee7bb9447262e326f759024bc3c196
93b2111e0009e79e40b18ac53ec7e49d3703956ddf9696f62140f098c219ace6
GET /geocompteur/shadow/flag_bangladesh.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 824
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1024
content-disposition: inline; filename="flag_bangladesh.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:26:20 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1253459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgcCTqg32HI4Ybs%2FeNuHhPc9K4Lw4Gb71vFgTFtXn6csecYtHEd6n7gzb83znxDclNXOk1DoXzsECGNH08iu5NgCnbWx1BIMque9S7VIpUrjbVtzZ5NQ3TOUQ2TmNJTG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85ce56b4e8-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
104.26.11.22200 OK 814 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ec4b0c854ec18061c7bafbe9ac9d1c3b
77c850ef6479e29a631dba64d06ccc1eefb1adc6
48f6236fb62cb417c5d00552052f378bfd1a82ca9f21f341c69390fd346fd439
GET /geocompteur/shadow/flag_korea,%20republic%20of.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 814
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1163
content-disposition: inline; filename="flag_korea,%20republic%20of.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:21:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1253719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaKwMuK3QnwT4q3%2BLLccfVC0FAz2oFNpcf4JS1ft7Bcpbt437riCsLLac5Zt75w%2Fox2VTicjEftjTbZrL%2B4EpYAegI75N6xY3ZhMwauKMTWj7UBJp%2F51E%2FDF7%2B4TyNSy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85ee87b4e8-OSL
X-Firefox-Spdy: h2
s05.flagcounter.com/count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/
66.154.110.218200 OK 79 kB URL HTTP/1.1 s05.flagcounter.com/count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/
IP 66.154.110.218:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 162 x 1376, 8-bit/color RGB, non-interlaced\012- data
Hash 9cad6a977b108c4eb2f639a94c452391
a906905e1d21ea4151044d57322e869bba88553d
ada300c336410573ad3804a61fa19b5f02740b78e5978746111700f8e0f44922
GET /count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/ HTTP/1.1
Host: s05.flagcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
www.widgeo.net/geocompteur/shadow/flag_jordan.png
104.26.11.22200 OK 856 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_jordan.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fab06f4814c4b3c0729efab034801d24
092532af1b8ef1d565e35fc7c0d220a9e04b6d40
d7827becd9dc8fe3a38a9fa6e24b3e05fdf9c0a47d391b47c578fbc12b3f8ca5
GET /geocompteur/shadow/flag_jordan.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 856
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1070
content-disposition: inline; filename="flag_jordan.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 27 Dec 2022 13:01:51 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 380128
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbsW4cPwZtcDU%2FhrYpKUpQyXAwKkl%2FAHz0nVP6idbBNUM1ngxFLaJvUbDwTghiQZnltVo%2Bdle%2FPe%2B13n%2FhLFLi1LwZ1wIgwvNlO6RStfj7tkAJZskD8T%2BZP%2FIkflWzM0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85ee84b4e8-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_slovakia.png
104.26.11.22200 OK 894 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_slovakia.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 129ccceec06ef21121373b3f01b1223e
2a65a61156488db26b939a6b3eb59b58558e8e73
be2278e310c722ee37932e45c66689ca942bf194939612796ddf468224534126
GET /geocompteur/shadow/flag_slovakia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 894
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1065
content-disposition: inline; filename="flag_slovakia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 30 Dec 2022 10:27:52 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 130165
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8axav0qvwB2nUBLmOIZ6%2FN3oC6gSXRvQozE76vrq3j2b2B6OyUmHV6kZ1kYgJtu7fDcYezNOiBD4QDXe0dasJBUdB4YzpO%2Fjx4ZGKbDF2b5odqhAtbI4oJcW1Z7Vejd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e860eabb4e8-OSL
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=indahjiwadanrupa.blogspot.com&callback=_gfp_s_&client=ca-pub-2863746284329625&gpid_exp=1
216.58.207.226200 OK 249 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=indahjiwadanrupa.blogspot.com&callback=_gfp_s_&client=ca-pub-2863746284329625&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 85e07660e56e802a96cf8cd6c52920b2
bcd1560d5a62751140ddbd2dfe9b490531b85cdf
5d27051beacf09d56311106512fdecd8c4b3533004b5fa37bbf11441733947f2
GET /gampad/cookie.js?domain=indahjiwadanrupa.blogspot.com&callback=_gfp_s_&client=ca-pub-2863746284329625&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 22:37:19 GMT
server: cafe
cache-control: private
content-length: 249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
104.26.11.22200 OK 680 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
IP 104.26.11.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 852881aef6d6a8bca3123c3201f64c74
0e5ef2c61383bb79c8a6ea068d9a688631d844fa
41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: image/webp
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 03:12:56 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 329062
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZPDh6lnhaTNIYPQjAHbZd2ynHNPtabMaKBErTIAtNj7jUcjE0tu8rJHIXkEeLXwlEWD7lnObDLBQv0YALDoK1p9UpTgnkMKqStoc5YtbmRybOsAuzMiFgLhcgd%2Fj0%2F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e861ed1b4e8-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 271642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
104.26.11.22200 OK 2.2 kB URL HTTP/2 www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
IP 104.26.11.22:0
Hash 5f2f9aacff5a5c4be8e95185ce9bab37
a968055d0710f10e165a060e0615d3e2b677d6cf
e875f5c6f3fb3a1a47e69ffbe8bc75977b4a8e7639fd16b2c934cb09bd782d94
GET /geocompteur/css/city_css.php?c=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 22:37:18 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwiovGGWWSrNIVRRt46tPBUM%2FQt9V18N6QyzOwvChu8sYv8%2BWtE2mL58yyqhyxVzDIoh%2BH%2BrXx26RWb%2BYzopoPLNWrAYMueMxdmMV60XgMnHRwgfRVtnkPn9LQL3Vz3B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e85ae3bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freewebsubmission.com/images/fwsbutton10.gif
74.208.47.213200 OK 2.2 kB URL HTTP/1.1 www.freewebsubmission.com/images/fwsbutton10.gif
IP 74.208.47.213:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash 6016bc8360a0f80b057623864a01c8b6
8136988f2c9a449b037363fc5bddce38963e4a88
198588f87288e60355833b7bba5b39721295f176889164613076722106359629
GET /images/fwsbutton10.gif HTTP/1.1
Host: www.freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 21 Apr 2020 21:52:19 GMT
ETag: "8b5-5a3d40794a733"
Accept-Ranges: bytes
Content-Length: 2229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
143.204.55.73301 Moved Permanently 167 B URL HTTP/1.1 i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
IP 143.204.55.73:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j7J_UbjFqJ93wBm0EJOzKUf9H81S9Gn1pPUGJLbwY_zb0V5YnoGHJA==
Vary: Origin
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2K0i7PZbOx-sdLOAOTTqmUTmt_OYVra8KEiFOklAc6JEiXRhS8wbc4u0Pz3P2tQhxoiEizWE9CqagblX04T9KV_fl9oyUaV1pnkyNlV_uU2-KzJ79RySYCJAg=w72-h72-p-k-no-nu
142.250.74.97404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2K0i7PZbOx-sdLOAOTTqmUTmt_OYVra8KEiFOklAc6JEiXRhS8wbc4u0Pz3P2tQhxoiEizWE9CqagblX04T9KV_fl9oyUaV1pnkyNlV_uU2-KzJ79RySYCJAg=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 69b51b73a46f750627f4da7cab7835f1
d1458e11e9c3cf51dcc4562762d01843e4953671
875de2246c2bf2a16d01fb678d3f9e6eccc8ca93ce78bb3f8ac0f87e44507ec3
GET /blogger_img_proxy/ANbyha2K0i7PZbOx-sdLOAOTTqmUTmt_OYVra8KEiFOklAc6JEiXRhS8wbc4u0Pz3P2tQhxoiEizWE9CqagblX04T9KV_fl9oyUaV1pnkyNlV_uU2-KzJ79RySYCJAg=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 22:37:19 GMT
server: fife
content-length: 1724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 41da4ff2e0bbfa30a4aaea1d64049315
c921b22673c25dc565fefd636b5424947cb1651a
8180b67db20d3e8a508e0253f1691e421a190fb4967853fcc0129b49b22467b3
GET /gtag/js?id=G-RP7FMTL79Y HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 22:37:19 GMT
expires: Thu, 01 Dec 2022 22:37:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
babab.net/banner.jpg
188.114.97.1200 OK 2.6 kB IP 188.114.97.1:0
Hash 0dc8498ede4408b84baf050d83fe3594
77a872f3cd240afa2b098c33829c8829fa17cb6f
09b481543d757873c21f172db863b888c42ee386ec2ad4e08be69f41a36e70c3
GET /banner.jpg HTTP/1.1
Host: babab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.3.3
set-cookie: PHPSESSID=00qnsefs0gj3reb7nmp3ure7k6; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0b0s80cW%2BPTp0V%2FCwjOKEBs4ln%2FGy1Q75uETrd7eS4QD2o%2Bg8nE8dXu12xn%2BEJCGf8ZxL7p7aBn6qV%2B4FGtA%2F9hcKAXih7RXIKKzulaFzvNtB3%2Bs5kY2stf9rrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e851ad4b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4e80f7c7881a59c803300394579662bb
93e63edf849efc9a88ee682c037f43d9a0e348ff
fa09b38bf3160a1f0bddfa4849d500ccedee9d0b48ff5c3497cfe3c6f39efb1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 18:31:19 GMT
Expires: Tue, 06 Dec 2022 18:31:18 GMT
Etag: "93e63edf849efc9a88ee682c037f43d9a0e348ff"
Cache-Control: max-age=416638,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f4e854e7d0b55-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash df2ebd88613ea4c9b36cd273d9d20341
440db53197294bbbebbd22714b593b3fee40be47
78be3006a1d920c8ad1b817062edf74b8e73bfb74b3c44061e702ffe18701692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6171
Cache-Control: max-age=119568
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:19 GMT
Etag: "63884494-118"
Expires: Sat, 03 Dec 2022 07:50:07 GMT
Last-Modified: Thu, 01 Dec 2022 06:07:16 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 280
bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.457.0
139.45.197.234200 OK 1.8 kB URL HTTP/2 bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.457.0
IP 139.45.197.234:0
Hash ea2379c6b5ee4e8fe99fcbb9b0f81015
ccca20f962d329b8440f0433cecee63aae770788
4c2b3ac7745bb271abefe93d7187197b84ae35a32a8e4ed40a9029c9a0bb7067
GET /5/3294720/?oo=1&js_build=iclick-v1.457.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: application/json
x-trace-id: 92f84115e5746802e6ae4eb721dac3ce
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://indahjiwadanrupa.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b4f7007fe29a4a338116709654f3cd52; expires=Fri, 01 Dec 2023 22:37:19 GMT; path=/; secure; SameSite=None
oaidts=1669934239; expires=Fri, 01 Dec 2023 22:37:19 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e6db9ad2f1ad48126c8dfc3dd883b1b8
981ae1e40da6163043c5de563e6e97a7062d9ea3
bacdc8d0f610e0cf1b71a735fc64bf1468114abacb1e3877b735ba8ba3741d06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 22:30:51 GMT
Expires: Thu, 08 Dec 2022 22:30:50 GMT
Etag: "981ae1e40da6163043c5de563e6e97a7062d9ea3"
Cache-Control: max-age=603810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f4e861f470b31-OSL
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.widgeo.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 272678
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=22x37x18&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/
143.204.46.236302 Found 156 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=22x37x18&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/
IP 143.204.46.236:0
File type HTML document, ASCII text
Hash 72f0debe87f66f19435b46f08351dc9f
f1965f74f7de70084021683bfb2716e61cc540b8
07ba9d7bc2a69e95894acfd3cc9db3eedb5f6c5f9173b40e3dd6526100af7831
GET /hit.xiti?s=281802&p=geocity_blue2&hl=22x37x18&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/ HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 156
date: Thu, 01 Dec 2022 22:37:19 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_blue2&hl=22x37x18&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=9C0B446C-710C-4DBC-841E-6ACC790DEE70; Path=/; Domain=xiti.com; Expires=Mon, 01 Jan 2024 22:37:19 GMT; HttpOnly
atidx=9C0B446C-710C-4DBC-841E-6ACC790DEE70; Path=/; Domain=xiti.com; Expires=Mon, 01 Jan 2024 22:37:19 GMT; HttpOnly; Secure
atid=9C0B446C-710C-4DBC-841E-6ACC790DEE70; Path=/; Domain=xiti.com; Expires=Mon, 01 Jan 2024 22:37:19 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 42v10gp3wrJP814z_zq-NRwZHIe9MeBUhMZMuKhx4iQPjUhmVCXDPA==
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
142.250.74.138200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:33:40 GMT
expires: Sun, 26 Nov 2023 12:33:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 468219
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e6db9ad2f1ad48126c8dfc3dd883b1b8
981ae1e40da6163043c5de563e6e97a7062d9ea3
bacdc8d0f610e0cf1b71a735fc64bf1468114abacb1e3877b735ba8ba3741d06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 22:30:51 GMT
Expires: Thu, 08 Dec 2022 22:30:50 GMT
Etag: "981ae1e40da6163043c5de563e6e97a7062d9ea3"
Cache-Control: max-age=603810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f4e8738130b55-OSL
www.exactseek.com/images/exactbutton1.gif
70.35.204.181200 OK 3.5 kB URL HTTP/1.1 www.exactseek.com/images/exactbutton1.gif
IP 70.35.204.181:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash fcca6f86d560ed5a0707708d4c82fec1
531a5a8c0e53c3d2021007b88c045d8c6618a07e
80caea32c373db145d7cc840e333eacd1459c30f815027d185030b45ca7182fb
GET /images/exactbutton1.gif HTTP/1.1
Host: www.exactseek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 16 Apr 2012 18:53:03 GMT
ETag: "dcd-4bdd054f481c0"
Accept-Ranges: bytes
Content-Length: 3533
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
96.30.9.108200 OK 1.3 kB URL HTTP/2 checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
IP 96.30.9.108:0
File type GIF image data, version 89a, 180 x 60\012- data
Hash 785039293e19a0f0a0db1231b9704b67
8c2f91b1a33a4f266f23f06b7dfa8ab4a431a400
118d4625d63c95ff6bdbf63452619f02b738a2055c5ee4ba986d114ad0d007ab
GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1
Host: checkpagerank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=2592000
expires: Sat, 31 Dec 2022 22:37:20 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1278
content-type: image/gif
date: Thu, 01 Dec 2022 22:37:20 GMT
server: Apache
X-Firefox-Spdy: h2
2.bp.blogspot.com/-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png
142.250.74.161200 OK 279 B URL HTTP/1.1 2.bp.blogspot.com/-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png
IP 142.250.74.161:0
Hash a40e191e2c32caa23c7ec1abea39e991
b03456fefb0156a48fae623cdc3c444c44d2481e
23abf43db4e7fafcd42f2114b823179fa4119c04f317cd0ee8c395e0688778cd
GET /-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="WELCOME-BACKGROUND.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 160971
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:19 GMT
Expires: Fri, 02 Dec 2022 10:50:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2c4"
Content-Type: image/png
Age: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7091
Expires: Fri, 02 Dec 2022 00:35:31 GMT
Date: Thu, 01 Dec 2022 22:37:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7091
Expires: Fri, 02 Dec 2022 00:35:31 GMT
Date: Thu, 01 Dec 2022 22:37:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7091
Expires: Fri, 02 Dec 2022 00:35:31 GMT
Date: Thu, 01 Dec 2022 22:37:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7091
Expires: Fri, 02 Dec 2022 00:35:31 GMT
Date: Thu, 01 Dec 2022 22:37:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 2829
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89502a302863c914b4de5e8c6a7f6846
898d50ac6e372609656fccee27de3d036bc0281c
9bc1f83d570d70b7e17e5de7a1546885851431ea989d915852ae7130387c422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5675
x-amzn-requestid: a47e049a-6f76-4af4-8064-fd7722bcfb17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepGYEIAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-09e13afe27c4dc5b44e828be;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U_3ah2pFrsQl9IVVqm9EVI99FnF79b9zOUFVBGX966JAjkDg6UF--A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 2964
etag: "898d50ac6e372609656fccee27de3d036bc0281c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 2844
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a40e191e2c32caa23c7ec1abea39e991
b03456fefb0156a48fae623cdc3c444c44d2481e
23abf43db4e7fafcd42f2114b823179fa4119c04f317cd0ee8c395e0688778cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:20 GMT
Last-Modified: Thu, 01 Dec 2022 21:15:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 3753
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 2625
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 2610
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.widgeo.net/tcm.js
104.26.11.22200 OK 18 kB IP 104.26.11.22:0
File type HTML document, ASCII text, with very long lines (673)
Hash 89223124aaee172331368be5c37158c8
64d05848e7cffeaf48af882c2c45a62cf28436c6
ef26037756c85499498d9520102cc5c7d9aa24802db972a39f9c2f0e939f3426
GET /tcm.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 06:42:01 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 489317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVaK2BXJaWIPYE7FSnBntesOl%2FDBojnIX%2BKhMamdBp0GD%2B3ELMDvoSj%2BBeSv%2B6GFlLPW6EuP8Eckxpct86SL3v%2FgS%2B5lwWt27uR2zqQhKKNNB9oEdiemA2h6MD39AuXs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e847d13b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18364
Expires: Fri, 02 Dec 2022 03:43:24 GMT
Date: Thu, 01 Dec 2022 22:37:20 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=b4f7007fe29a4a338116709654f3cd52
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=b4f7007fe29a4a338116709654f3cd52
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash a00ecde38bbc115ac2b1143b253f36a0
c73a9bc3aed739d1d82978ddbe91ca72c53c83ba
b2182c4c78475e949fe8aa8af1ca4556ca045fb38e522cddeb8dde18a5a8d4db
GET /gid.js?userId=b4f7007fe29a4a338116709654f3cd52 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 22:37:20 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://indahjiwadanrupa.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b4f7007fe29a4a338116709654f3cd52; expires=Fri, 01 Dec 2023 22:37:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 2957
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 21397
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 081f27e87b02fb79b3453a116e731959
03e52819d86a0fa523e77ed24126e76e5369bd21
10283df9fce094267720532246e9d80b3c2061425f657497652e71de4c95de06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 22:37:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 01:33:19 GMT
Expires: Tue, 06 Dec 2022 01:33:18 GMT
Etag: "03e52819d86a0fa523e77ed24126e76e5369bd21"
Cache-Control: max-age=355557,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772f4e89daa90b31-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 952
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 01 Dec 2022 22:37:20 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://indahjiwadanrupa.blogspot.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ws.sharethis.com/button/async-buttons.js
54.230.111.82200 OK 19 kB URL HTTP/2 ws.sharethis.com/button/async-buttons.js
IP 54.230.111.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b3b7d06f8df8276ede0facec198706e
3e42fc6cacb95a5fa1b56c5b3984e8269752fbbe
342ffe242184c80ddf304e21db8b256ccb8aecb1f4bd9363802dcf2f36053837
GET /button/async-buttons.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18813
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
cache-control: max-age=259200
date: Wed, 30 Nov 2022 21:42:44 GMT
expires: Sat, 03 Dec 2022 21:42:44 GMT
etag: W/"634f1895-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NfpOjmrwdU7HazvNixb448PZjX1a9BLxAhIsq1FfO3t_8kl8WKmQSA==
age: 89677
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=15725
date: Thu, 01 Dec 2022 22:37:21 GMT
X-Firefox-Spdy: h2
ws.sharethis.com/button/css/buttons-secure.css
54.230.111.82200 OK 3.9 kB URL HTTP/2 ws.sharethis.com/button/css/buttons-secure.css
IP 54.230.111.82:0
File type ASCII text, with very long lines (23158), with no line terminators
Hash 61da924a747e08c5f54a6cb31c724a48
8e49d971d6a667c3888a481b742e05cafcf72a43
54302324d4b6aa780466c869b9932504d0b1eaa7ef1df6c5481b35fb0625343a
GET /button/css/buttons-secure.css HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3851
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Wed, 30 Nov 2022 23:28:16 GMT
etag: W/"634f1895-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iPIICc4-LXemnqKMkHUkupk3IL3xYg-PjHOMzp6Bin626SYQegiMJw==
age: 83345
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
assets.pinterest.com/js/pinit_main.js?0.21188866738032608
151.101.244.84200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js?0.21188866738032608
IP 151.101.244.84:0
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js?0.21188866738032608 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Thu, 01 Dec 2022 22:37:21 GMT
content-length: 18679
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 01 Dec 2022 22:37:21 GMT
Connection: keep-alive
Content-Length: 0
www.salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1
111.90.135.111301 Moved Permanently 0 B URL HTTP/1.1 www.salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1
IP 111.90.135.111:0
ASN #45839 Shinjiru Technology Sdn Bhd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1 HTTP/1.1
Host: www.salam.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
set-cookie: wpzerospam_ip_checked=91.90.42.154; path=/
wpzerospam_has_access=1; path=/
wpzerospam_access_checked=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_cached=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_blacklist_api=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_attempts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
content-length: 0
date: Thu, 01 Dec 2022 22:37:21 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 03b4ca43ef7bedcf01847dd1b3e8475d
fa0dfaaf6fa65c5452c203aa61f2be745077205f
f452c032f05acbff6c7f7e033ec91d7cbd707315251fae5eec9d64bed185d68d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3677
Cache-Control: max-age=102297
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:21 GMT
Etag: "63880add-1d7"
Expires: Sat, 03 Dec 2022 03:02:18 GMT
Last-Modified: Thu, 01 Dec 2022 02:01:01 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
indahjiwadanrupa.blogspot.com/favicon.ico
172.217.21.161200 OK 412 B URL HTTP/1.1 indahjiwadanrupa.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/2013/08/selambagadis-cantik-ini-telanjang-dalam.html
Cookie: ck_TCM_pop=1
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Thu, 01 Dec 2022 22:37:21 GMT
Date: Thu, 01 Dec 2022 22:37:21 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 22 Nov 2022 15:14:41 GMT
ETag: W/"ecbad70b21d766f29b6cf283af936d9cabbba864bb23876d2055a88b5952c74b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a48642d82eee3c432a3f38879f9541b
f53e46a8406bbad51319826db59b6c265622241f
33a0510300258746dda57d56cf6fec74147cd138f7bae2c609d0976841fc3adc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4555
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:21 GMT
Last-Modified: Thu, 01 Dec 2022 21:21:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
1.bp.blogspot.com/-r3RYZkB4Pis/T7alrxNFYyI/AAAAAAAAGc4/TCBwHNxEwR4/s400/gc_social_sprite.gif
142.250.74.161200 OK 6.1 kB URL HTTP/1.1 1.bp.blogspot.com/-r3RYZkB4Pis/T7alrxNFYyI/AAAAAAAAGc4/TCBwHNxEwR4/s400/gc_social_sprite.gif
IP 142.250.74.161:0
File type PNG image data, 45 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 0370e7bc1f589eb6606921b18fc7c8df
8ed821462b982ec4b3f29979171925d0becb1980
c0a89f037cf7a5278247127541baacb6552463168921ead5515a47f435d29f03
GET /-r3RYZkB4Pis/T7alrxNFYyI/AAAAAAAAGc4/TCBwHNxEwR4/s400/gc_social_sprite.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gc_social_sprite.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 6060
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:37:21 GMT
Expires: Thu, 01 Dec 2022 11:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19ce"
Content-Type: image/png
Age: 0
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash f7b4c4cbca2321fe1e60d1852a4e76a9
8de304ff4b1c2722e7c14baddf64821730967c8e
7044430ae86a8ef55acc33f06db1dbd290dba9e525277521007da085e20cde06
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e1ba93287fd82f06a5911580b601f119
etag: "672c7496f08c7767ebd31a64ee587e68"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Dec 2022 22:56:21 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 97TEy8ojIf4eYNGFKk52qQ==
x-fb-debug: 00nzOBP4wBQ1gl54sZVvR8gbVaHuoV0dg4jKj2pyOCxyDtZ0TXdWzEGgXSmYukr+e5Yo1rNO6fKHYjMrJMbwrQ==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Thu, 01 Dec 2022 22:37:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 5.7 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash d34e1ccea0a98470a4fb2b8429f9e932
8856b7dbe010c6a36b1133b665ade78becfc0ca3
00c3f32b3c7f4621257ee166a227b2f71738decda7b4d1a0894c27413cedafd7
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:20 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1183
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmTv9kGgkDjNucyUrebcUc4W%2FG5itGR1byZNoAFRw6crL7v5MCWb5sfO1nBkniY9HiKaw85LVYE0FKeakw%2F%2BOFtLcXsDZWvK%2F11Nh4B7COkL2QNWaZ5tpmmmsm%2F7vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772f4e888d74b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash c0badc896cf87eaa76be5ebf7059b187
0fe6e28d1b9a34cfc34ac3f85f1f5a24beb65b15
44f5428bcfe263a18680253ec9739f265f47ef7761e5879b9ab2a26b3c6afeb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157120
Date: Thu, 01 Dec 2022 22:37:21 GMT
Etag: "6388eead-1d7"
Expires: Sat, 03 Dec 2022 18:16:01 GMT
Last-Modified: Thu, 01 Dec 2022 18:13:01 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DBuNbT_iHzu7u79CdsnIzWpx7z5VFQU5k60Du8cCemVdfeql5jiLpA==
Age: 180
i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
143.204.55.106200 OK 0 B URL HTTP/2 i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
IP 143.204.55.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 918
date: Thu, 01 Dec 2022 22:37:20 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="recurso_9_1.webp"
expires: Fri, 01 Dec 2023 22:37:20 GMT
server: photobucket
x-amzn-trace-id: Root=1-63892c9f-76a7d0633f5985b61b0803c8
x-request-id: YN9VnbNpRZjL-TJWUu2v1
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6FcNkcOMzRgoWvezPS48E5y_5PusvIAjM6jIJdFegvx4UJSX3FSk4g==
vary: Accept, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a26afaaadb2a0ed8f3adf3ba46f076b0
fd5066cc90bd627ab0cf7f2463ae71b26f7ebf38
0ef7ce87cf40f2eabf3daab6d1336bfd51f0539f6d174a5f66afdd898acd1d06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 22:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
142.250.74.131200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 142.250.74.131:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 08:48:19 GMT
expires: Wed, 29 Nov 2023 08:48:19 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 19 Nov 2022 03:11:36 GMT
content-type: text/javascript
age: 222542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
developers.google.com/
142.250.74.174301 Moved Permanently 0 B IP 142.250.74.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: d0c85a140efab986df6a2fb36907695a
Date: Thu, 01 Dec 2022 22:37:21 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
111.90.135.111404 Not Found 7.2 kB URL HTTP/1.1 salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
IP 111.90.135.111:0
ASN #45839 Shinjiru Technology Sdn Bhd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash b499c9a075b108727babb0ecaec031c8
bad8edb8932573822dcb1852bd4e8d8ab179b0d3
b834c6f49370e8f66cec8feb7bbaf5a5942a1d7b119b68c82d775472cbc4cee6
GET /widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1 HTTP/1.1
Host: salam.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
set-cookie: wpzerospam_ip_checked=91.90.42.154; path=/
wpzerospam_has_access=1; path=/
wpzerospam_access_checked=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_cached=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_blacklist_api=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_attempts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <http://salam.my/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 01 Dec 2022 22:37:21 GMT
server: LiteSpeed
www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
188.114.96.1403 Forbidden 4.2 kB URL HTTP/1.1 www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1071)
Hash d5b00100f173cdfe34c7b624febe3551
c8a29addc898af5820c65cf69369e316a9c15a4c
92067b44b67b9371e30d695570cb22653048037b6c6a883b8869de837ae3500b
GET /widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3 HTTP/1.1
Host: www.apesal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Thu, 01 Dec 2022 22:37:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Bljb4NMYBWclxcoGlrLY8NxfZzPlFIZTHC09v1Va8quR2yPumwqmPYse2o7ZY2zBXckgs7ZejP%2FhADnem9cC%2B06SrKImWo%2F2zWKCUR2LEShaoGxaazr9RsDiZT8Y8XiJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772f4e96ea090b4d-OSL
Content-Encoding: gzip
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1669934237246.82838&hostname=indahjiwadanrupa.blogspot.com&location=%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&title=Segalanya%20disini%20bermula%3A%20Selamba%2CGadis%20cantik%20ini%20telanjang%20dalam%20Restoran%20makanan%20segera&sop=false&description=%20%20%20Seorang%20gadis%20cantik%20berkulit%20putih%20berusia%2019%20tahun%20tiba-tiba%20membuka%20bajunya%20dan%20telanjang%20di%20teras%20sebuah%20restoran.%20Pemilik%20restoran%20p...&description=%20%20%20Seorang%20gadis%20cantik%20berkulit%20putih%20berusia%2019%20tahun%20tiba-tiba%20membuka%20bajunya%20dan%20telanjang%20di%20teras%20sebuah%20restoran.%20Pemilik%20restoran%20p...&img_pview=true
35.157.109.18204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1669934237246.82838&hostname=indahjiwadanrupa.blogspot.com&location=%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&title=Segalanya%20disini%20bermula%3A%20Selamba%2CGadis%20cantik%20ini%20telanjang%20dalam%20Restoran%20makanan%20segera&sop=false&description=%20%20%20Seorang%20gadis%20cantik%20berkulit%20putih%20berusia%2019%20tahun%20tiba-tiba%20membuka%20bajunya%20dan%20telanjang%20di%20teras%20sebuah%20restoran.%20Pemilik%20restoran%20p...&description=%20%20%20Seorang%20gadis%20cantik%20berkulit%20putih%20berusia%2019%20tahun%20tiba-tiba%20membuka%20bajunya%20dan%20telanjang%20di%20teras%20sebuah%20restoran.%20Pemilik%20restoran%20p...&img_pview=true
IP 35.157.109.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1669934237246.82838&hostname=indahjiwadanrupa.blogspot.com&location=%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&title=Segalanya%20disini%20bermula%3A%20Selamba%2CGadis%20cantik%20ini%20telanjang%20dalam%20Restoran%20makanan%20segera&sop=false&description=%20%20%20Seorang%20gadis%20cantik%20berkulit%20putih%20berusia%2019%20tahun%20tiba-tiba%20membuka%20bajunya%20dan%20telanjang%20di%20teras%20sebuah%20restoran.%20Pemilik%20restoran%20p...&description=%20%20%20Seorang%20gadis%20cantik%20berkulit%20putih%20berusia%2019%20tahun%20tiba-tiba%20membuka%20bajunya%20dan%20telanjang%20di%20teras%20sebuah%20restoran.%20Pemilik%20restoran%20p...&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 01 Dec 2022 22:37:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
connect.facebook.net/en_US/sdk.js?hash=82eca85097171e85d4812d9177d9c7ba
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=82eca85097171e85d4812d9177d9c7ba
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 412660f5227eaf29f00b40956bca9f52
d4e5db2b2168dd378c92a5c9281b700d80fee810
923d599e19fb7bdc473fcece7324fee886cbd3055aeb1ae223393a984a258cb6
GET /en_US/sdk.js?hash=82eca85097171e85d4812d9177d9c7ba HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 34cab6a8e0bb1e3cb2e2ac50c4f71e35
etag: "ef87f91cf9ad5bb738a9e88620da0018"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Dec 2023 21:58:29 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: QSZg9SJ+rynwC0CVa8qfUg==
x-fb-debug: JKI63/b86rQpO9nLGTzcZ+MCIwpl/EO0g3wVhr42tuYdKnKkuSVMJIHQKzzSqSIx9tNzTMa+Vt14rhsy0QyJJg==
priority: u=3,i
content-length: 86897
x-fb-trip-id: 1904183273
date: Thu, 01 Dec 2022 22:37:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
log.pinterest.com/?type=pidget&guid=yeLsryzGNeBE&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&viaSrc=canonical
151.101.64.84200 OK 0 B URL HTTP/2 log.pinterest.com/?type=pidget&guid=yeLsryzGNeBE&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&viaSrc=canonical
IP 151.101.64.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=pidget&guid=yeLsryzGNeBE&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&viaSrc=canonical HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 1
server: envoy
x-pinterest-rid: 1833402862091116
accept-ranges: bytes
date: Thu, 01 Dec 2022 22:37:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669934244.926016,VS0,VE42
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
developers.google.com/
142.250.74.174200 OK 11 kB IP 142.250.74.174:0
Hash 080e15f3e6fbe0b150848e09ce7aec79
9327490ccf9f4234d2cce3852d6037208ac793eb
745d2cfd6962c8a7bae995b3b1cf951448987491ebc6cedb2ae9ef0106b24c9a
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 18:10:23 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.3265147119.1669934242; Expires=Sat, 30 Nov 2024 22:37:22 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-8qL7AqjFJXhvjFWI9diUXJC6cfwVzt' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 7452b10044973f99ba230cd088ad0f4c;o=1
vary: Accept-Encoding
date: Thu, 01 Dec 2022 22:37:22 GMT
server: Google Frontend
content-length: 25450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/secure/images/bubble_arrow_below.png
54.230.111.82200 OK 969 B URL HTTP/2 ws.sharethis.com/secure/images/bubble_arrow_below.png
IP 54.230.111.82:0
File type PNG image data, 6 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash d1f25a37ca362d92093faa4f380b23e6
bebe0013eae4e14a516d1e1ac3773ff2cca425c3
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
GET /secure/images/bubble_arrow_below.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 969
accept-ranges: bytes
cache-control: max-age=31536000
date: Tue, 27 Sep 2022 04:35:06 GMT
etag: "62bdf287-3c9"
expires: Wed, 27 Sep 2023 04:35:06 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BpRy8WZhayW5nk58QlCXyyGUUgyzmjgjAU3Kl7_q5rv7XIFlCnZTVQ==
age: 5680938
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 22:37:19 GMT
date: Thu, 01 Dec 2022 22:37:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&callback=PIN_1669934240085.f.callback[0]
151.101.64.84200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&callback=PIN_1669934240085.f.callback[0]
IP 151.101.64.84:0
GET /v1/urls/count.json?url=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2F2013%2F08%2Fselambagadis-cantik-ini-telanjang-dalam.html&callback=PIN_1669934240085.f.callback[0] HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Thu, 01 Dec 2022 22:52:23 GMT
x-envoy-upstream-service-time: 4
x-pinterest-rid: 9417756674450332
date: Thu, 01 Dec 2022 22:37:24 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/5564844648999899487?po=7864484850325391998&hl=en&blogspotRpcToken=4704394
142.250.74.41200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/5564844648999899487?po=7864484850325391998&hl=en&blogspotRpcToken=4704394
IP 142.250.74.41:0
GET /comment/frame/5564844648999899487?po=7864484850325391998&hl=en&blogspotRpcToken=4704394 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Dec 2022 22:37:18 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
content-security-policy: script-src 'nonce-hzp0L0Mi16DKdJeQ3tHZdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=UytmoyOktJW11z1aKb2Avh9DPEuzWFkybh-LFgkhx62s9FETt5uD_kYqA0CjaOBtw3pouLbHuusPGqwrnDlTQkgxZbchg9JM2-4g4L2eFsX2M8VI0yb-WgbxCX655c61QoYtPZp2yhJDTCMYwWqJB0XoLL4SL-oIKceQ7RNl1CY; expires=Fri, 02-Jun-2023 22:37:18 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 0 B IP 172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1f473acce16fed3ebd00977c4d6c0f95
cache-control: max-age=86400
last-modified: Thu, 01 Dec 2022 14:00:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 02 Dec 2022 21:43:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfcNjdlZXpKzqoB7nw4Tl8w%2FSnVYLdKQmUoFRtTkrGESNqAJuHf2aRYutvmEhyenRGHgxCm9fAOZeWpIiO6kBwB7uByroiIjXtR%2Bd%2F62zCSCdxUUDGMpQ4wMnH9VKkoW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772f4e83dc46b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Findahjiwadanrupa.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.77200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Findahjiwadanrupa.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.77:0
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Findahjiwadanrupa.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Dec 2022 22:37:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-UCVEQ2-a86Qro2FlBsSyTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
104.26.11.22200 OK 0 B URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
IP 104.26.11.22:0
GET /hitparade.php?pagexiti=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 22:37:19 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Thu, 01 Dec 2022 22:40:18 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pjc61mw3JlwZv5AJLcuPTjDm79eyGH%2B6avmu9G8fK3VFuZ%2FQ4ayk%2F1iGXgGZxJoKQFqah6A10dxLssPry1iqPQ2%2FrRNQN%2Bdk7sqEXRcz9LT0KIwagAurJTHexb4dQVxR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772f4e844cf3b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2