firefox.settings.services.mozilla.com/v1/
18.165.201.80200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 19:03:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 7VSLNBfhAEMCgmwPFarLRgdquGE4sn6gIdaiDkmcW4ZElxTXLBMrbg==
Age: 1468
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7735
Expires: Sun, 02 Oct 2022 21:36:37 GMT
Date: Sun, 02 Oct 2022 19:27:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 3c40a0775e2798dc9f20a237d0225e44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: LfpYa5gyvTET7chuNvhaBteTpCoX5nxZmq0pmkVtDLRvaWDEDt6_HQ==
age: 57266
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:27:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.80200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 18:32:57 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 18:33:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: CSrveAWRYs4tPYp3eQJlfIGsshcNGhdO2HNIz7MK4MYf_xKqIx_vrA==
Age: 3290
cvdinwwe1.blogspot.com/2021/12/transformers-fall-of-cybertran.html
142.250.74.161301 Moved Permanently 208 B URL HTTP/1.1 cvdinwwe1.blogspot.com/2021/12/transformers-fall-of-cybertran.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b21285d743ab0e043ac385eaa6ee0a2e
b36a367a64d9523f48a07983ee6cfd299e7b0b52
d72c63cf469133dd7883aa2a9bb5b775a6b7a4b536730351d7e8873e0c93d988
GET /2021/12/transformers-fall-of-cybertran.html HTTP/1.1
Host: cvdinwwe1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://cvdinwwe1.blogspot.com/2021/12/transformers-fall-of-cybertran.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 02 Oct 2022 19:27:43 GMT
Expires: Sun, 02 Oct 2022 19:27:43 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 208
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f463246d0c457f4f56bc3e1804e7595d
ec27ed90d931e85184d47c818018b4bb9eae30f3
fba2c18e2c4084dd63024f16f96c0a8223a4c7e903f67f2c8c458658f22d15fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5095
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:43 GMT
Last-Modified: Sun, 02 Oct 2022 18:02:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: totlwwbb7MJziK9ALtaomQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FUt8z0wgoWWmDHVGl9IQHY3pTOY=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f463246d0c457f4f56bc3e1804e7595d
ec27ed90d931e85184d47c818018b4bb9eae30f3
fba2c18e2c4084dd63024f16f96c0a8223a4c7e903f67f2c8c458658f22d15fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5080
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Last-Modified: Sun, 02 Oct 2022 18:03:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cvdinwwe1.blogspot.com/2021/12/transformers-fall-of-cybertran.html
142.250.74.161200 OK 46 kB URL HTTP/2 cvdinwwe1.blogspot.com/2021/12/transformers-fall-of-cybertran.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2619)
Hash f3a060f1fc0b15000a5a7ec5a4998c88
288d3b0dc90497cbb99efd88982924da77f77e22
a06f67a0cf66de1efce7423a84f5f13a3ba2df16da659a749ce052abc760252b
GET /2021/12/transformers-fall-of-cybertran.html HTTP/1.1
Host: cvdinwwe1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 02 Oct 2022 19:27:43 GMT
date: Sun, 02 Oct 2022 19:27:43 GMT
cache-control: private, max-age=0
last-modified: Sun, 02 Oct 2022 13:15:31 GMT
etag: W/"ae1ed1c744057fe2bd1b52c9a667041284c328f4b69a827fad0e7197dadcb556"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 46046
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-74Z4HZYVJZ
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-74Z4HZYVJZ
IP 142.250.74.168:0
File type ASCII text, with very long lines (21677)
Hash 6ea40920b96e99ff7d47b3b36ceb14a6
c9408989370056e2cac0194308a383d81a31c2e4
031a7af7e61ffd29db1fee6398d065e90d672bdf32b72026dacd60120d6d6c1b
GET /gtag/js?id=G-74Z4HZYVJZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 19:27:44 GMT
expires: Sun, 02 Oct 2022 19:27:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 029b27f123345cd078717f2ca6e4b233
827daa93900ae5b3cd1e98aecfaae19a1822924f
e4aad208a91d0757efa1898eb5525ffb8c85d8e5090cb0502a4d52bbbe53f664
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c120ef4802f4eb64e93225496ba6944a
cdebb30349fa79f7ddb7d13aac47735565ac0ba2
1bcd7dc722018962f16783f0f888742a7926c0a7e466deef174f0f4fc5eb4a4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c934479af13c3610adb14d03367e6dd
9472ffa8be13cd76e5dda4f4e990312b7ea26719
f63bc3767aed93a82146b82ed82672f519331c541d4bcc12e5a17bb0195ffc8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5080
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Last-Modified: Sun, 02 Oct 2022 18:03:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
cdn.ampproject.org/v0/amp-ad-0.1.js
216.58.211.1200 OK 23 kB URL HTTP/2 cdn.ampproject.org/v0/amp-ad-0.1.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (65534)
Hash bc3264f378ead3df9d81927491f763d6
0d120f9441fd4b51bfa9c6922f5b65c7bbf9fd71
8763c15467ac44f559f1ac39599ae6caa9f4c228e1db37f59d2c9b6b9facb619
GET /v0/amp-ad-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 23032
date: Sun, 02 Oct 2022 19:27:44 GMT
expires: Sun, 02 Oct 2022 19:27:44 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "17406dee48d4bcdb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.201200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:39:06 GMT
expires: Sun, 01 Oct 2023 12:39:06 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: text/css
age: 110918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.42200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 15:24:58 GMT
expires: Sun, 01 Oct 2023 15:24:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 100966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c57a62fb230234e53b81a5603d3dce29
b6646ed0fd7416598a3b4137a17af8380428d277
e411e0959fc27b02f074b3bd685a9cb507dceb7295258b05577f481b03d3d36c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c57a62fb230234e53b81a5603d3dce29
b6646ed0fd7416598a3b4137a17af8380428d277
e411e0959fc27b02f074b3bd685a9cb507dceb7295258b05577f481b03d3d36c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 54 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (2910)
Hash 6b3b2e30d2fa1104b201135be2483121
fec3a1c5570e244ab1cf07cce88f16e1ce9a7dc6
bdb66a3f400338936e2513526052d672ca207c72e1027955942a7cc43516b74f
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sun, 02 Oct 2022 19:27:44 GMT
expires: Sun, 02 Oct 2022 19:27:44 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10900089609398797691
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.11.207200 OK 63 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (27303)
Hash e136d67a5206790c768c25679e0d53b4
4fd69013d91f28014178a9a0c65a774b9e86c804
5d1d6eea37cd5fd19099dfd6f3f8fa4a03df9d95f8afd6aab033786a508b9c0d
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:44 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 10183112
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753fd64cd9ee0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NB2CR68
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NB2CR68
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 0ba27bb0c2a3c0096adebf52477b7541
e4dbb0e89dad9f2244b47716b5d3d0491fe2d3f7
17b94efb4132e74e228f39fe2194104021c2d828d576fced16fb90242ee7ae75
GET /gtm.js?id=GTM-NB2CR68 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 19:27:44 GMT
expires: Sun, 02 Oct 2022 19:27:44 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c934479af13c3610adb14d03367e6dd
9472ffa8be13cd76e5dda4f4e990312b7ea26719
f63bc3767aed93a82146b82ed82672f519331c541d4bcc12e5a17bb0195ffc8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c120ef4802f4eb64e93225496ba6944a
cdebb30349fa79f7ddb7d13aac47735565ac0ba2
1bcd7dc722018962f16783f0f888742a7926c0a7e466deef174f0f4fc5eb4a4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 02 Oct 2022 18:41:09 GMT
expires: Sun, 02 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 2795
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/assoc.js
13.249.251.38404 Not Found 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/assoc.js
IP 13.249.251.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aax2/assoc.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: application/javascript
content-length: 0
date: Sun, 02 Oct 2022 19:27:43 GMT
server: Server
content-encoding: gzip
x-amz-rid: 1AW7VACNZPTKMH3S6DRH
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 c79c2a81ac4d9188a11e797e452b6892.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: 4Srx3tNwPxKK_mT27a7N1JCQ7uHHSKSEaX5paXXVq1PQFpJXNpGnKQ==
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220928/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sun, 02 Oct 2022 13:35:27 GMT
expires: Sun, 16 Oct 2022 13:35:27 GMT
cache-control: public, max-age=1209600
age: 21137
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
216.58.207.195200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:14:36 GMT
expires: Tue, 26 Sep 2023 21:14:36 GMT
cache-control: public, max-age=31536000
age: 511988
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16478
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 19:27:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16478
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 19:27:44 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 53165
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef85af3ef63e35a54bc15fbca5d7236b
e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YIlHaBRTk6SiYb8HYfirSHj_stXgWp455OC-J5mRoKH0r42pn9mNeQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:36 GMT
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
content-type: image/jpeg
age: 77648
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 77649
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 78021
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 77579
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbddbe1f7958f13b80e50ab39094b9ab
f73cabc101017a4af09e675ca9262774c177d16a
ebbe6a54e5c390f49452d0afd55899f4dec3836451906945c79bbf165e4e0724
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14117
x-amzn-requestid: adb8a06b-48c2-4805-90ed-1db82d873d49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmFdjoAMFY_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-7f09d2c748de72ca663022df;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awdd8Vr7y-2zR0OTFdMb8PnD2XDg6hsS736tOIH_c5AVOwOSik1zPQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:13 GMT
age: 78031
etag: "f73cabc101017a4af09e675ca9262774c177d16a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4f94a2722366412417efbb65aa368b8
f2942fbd2a6f0326f99c3a271de2dab12c881b15
97805013c570f1c9ad0158d99dfc6f521628bfb4b72a2a5d79526ec7b04df2f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-74Z4HZYVJZ&cid=1838036448.1664738864>m=2oe9s0&aip=1
74.125.131.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-74Z4HZYVJZ&cid=1838036448.1664738864>m=2oe9s0&aip=1
IP 74.125.131.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-74Z4HZYVJZ&cid=1838036448.1664738864>m=2oe9s0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cvdinwwe1.blogspot.com
date: Sun, 02 Oct 2022 19:27:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-122907465-1&cid=1838036448.1664738864&jid=1780203857&gjid=359432469&_gid=1131865059.1664738864&_u=IEBAAEAAAAAAAC~&z=42176865
74.125.131.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-122907465-1&cid=1838036448.1664738864&jid=1780203857&gjid=359432469&_gid=1131865059.1664738864&_u=IEBAAEAAAAAAAC~&z=42176865
IP 74.125.131.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-122907465-1&cid=1838036448.1664738864&jid=1780203857&gjid=359432469&_gid=1131865059.1664738864&_u=IEBAAEAAAAAAAC~&z=42176865 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://cvdinwwe1.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 19:27:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ay.gy/images/banners/adfly.728x90.2.gif
104.21.12.124200 OK 36 kB URL HTTP/2 cdn.ay.gy/images/banners/adfly.728x90.2.gif
IP 104.21.12.124:0
File type GIF image data, version 89a, 728 x 90\012- data
Hash b5dbfc06f17604a6cde3bdf07b9ed2f8
c6e2fbb7cb8f4cce7f57be2fd32f5c948ec0c98b
747e5569c0e65deba53e431f6474397b08e6eeab503c89199d27ca96ec421dae
GET /images/banners/adfly.728x90.2.gif HTTP/1.1
Host: cdn.ay.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:44 GMT
content-type: image/gif
content-length: 36112
cache-control: public, max-age=604800
expires: Sun, 09 Oct 2022 19:27:44 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8d10-5faa60e6-e9da364c961b3ae5;;;"
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv7iP9fWmN2AXG2XKxvxFcLrOrwmEaIybijQfrP7JW%2FKEd%2B5fYXkowOe81ID91SnKZxZk4SyS7UzwJORzzWQ7GiKU0vQibNGY7C6kmUcgpOCmuctymvtZ35MaII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd64e2b931c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74Z4HZYVJZ&cid=1838036448.1664738864>m=2oe9s0&aip=1&z=646363520
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74Z4HZYVJZ&cid=1838036448.1664738864>m=2oe9s0&aip=1&z=646363520
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74Z4HZYVJZ&cid=1838036448.1664738864>m=2oe9s0&aip=1&z=646363520 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 19:27:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dac3b3896e33ab0c857846a1f146746d
38bed5a384ebcc3822e0f7d67fe8258a6093f711
6aa39c2e64d87b3a7c5fcb0ec21b815f961d6fb7dcfe1b5b9553b7854ec0046e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA39C2E64D87B3A7C5FCB0EC21B815F961D6FB7DCFE1B5B9553B7854EC0046E"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1861
Expires: Sun, 02 Oct 2022 19:58:45 GMT
Date: Sun, 02 Oct 2022 19:27:44 GMT
Connection: keep-alive
region1.analytics.google.com/g/collect?v=2&tid=G-74Z4HZYVJZ>m=2oe9s0&_p=1287327470&_gaz=1&cid=1838036448.1664738864&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664738864&sct=1&seg=0&dl=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&dt=TRANSFORMERS%20FALL%20OF%20CYBERTRAN%20-%20CVDINWWE&en=page_view&_fv=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-74Z4HZYVJZ>m=2oe9s0&_p=1287327470&_gaz=1&cid=1838036448.1664738864&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664738864&sct=1&seg=0&dl=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&dt=TRANSFORMERS%20FALL%20OF%20CYBERTRAN%20-%20CVDINWWE&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-74Z4HZYVJZ>m=2oe9s0&_p=1287327470&_gaz=1&cid=1838036448.1664738864&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664738864&sct=1&seg=0&dl=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&dt=TRANSFORMERS%20FALL%20OF%20CYBERTRAN%20-%20CVDINWWE&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cvdinwwe1.blogspot.com
date: Sun, 02 Oct 2022 19:27:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4f94a2722366412417efbb65aa368b8
f2942fbd2a6f0326f99c3a271de2dab12c881b15
97805013c570f1c9ad0158d99dfc6f521628bfb4b72a2a5d79526ec7b04df2f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/a/AVvXsEioah50pWRQj_DVYyIJaq5ixqTUIoCjQgCb1MhJYAlWEo4FI5K8E_pEsE3mXw3IFLHQ76g5GRKs6MAnZiPrAm0p34Msa1kENTsFzfGi8mbgaL59Wp93v6ijHLfAYzSjOFAlAAGrftEONIaVWYS6y1CXkTBuHO2pb27VXdJ4TK3IX3tbc55vCtVKGkzqrQ=w200-h45
142.250.74.33200 OK 15 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEioah50pWRQj_DVYyIJaq5ixqTUIoCjQgCb1MhJYAlWEo4FI5K8E_pEsE3mXw3IFLHQ76g5GRKs6MAnZiPrAm0p34Msa1kENTsFzfGi8mbgaL59Wp93v6ijHLfAYzSjOFAlAAGrftEONIaVWYS6y1CXkTBuHO2pb27VXdJ4TK3IX3tbc55vCtVKGkzqrQ=w200-h45
IP 142.250.74.33:0
File type GIF image data, version 89a, 200 x 45\012- data
Hash 705fb0141fce01273d219604153813b5
faad6495c29537092b50ff1fb1464325eee1daf9
414b8ade4f8e31ac18b59d45143597ce3e72e6684fd6d8aae4028437a6333463
GET /img/a/AVvXsEioah50pWRQj_DVYyIJaq5ixqTUIoCjQgCb1MhJYAlWEo4FI5K8E_pEsE3mXw3IFLHQ76g5GRKs6MAnZiPrAm0p34Msa1kENTsFzfGi8mbgaL59Wp93v6ijHLfAYzSjOFAlAAGrftEONIaVWYS6y1CXkTBuHO2pb27VXdJ4TK3IX3tbc55vCtVKGkzqrQ=w200-h45 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1519"
expires: Mon, 03 Oct 2022 19:27:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="download s 30coollogo_com-3841279.gif"
content-type: image/gif
vary: Origin
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 19:27:44 GMT
server: fife
content-length: 15053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEgaaWy7w5SYnbLynQE3A3-v2CWSpuUiSXJ_AW99g_EZLNj5d4oRTdfshv9spbM8a0Bjeg_dd7viW_xbNcsNbSOxi7NRNgr7-0uoTNgBD-vJc2abTwmKOQXYSEyutGuecxbKMl3TV0UiartnCbEAchJBm-F5GO-J6-gudSVJO17BWlYVzvFeMuu_IimqVA
142.250.74.33200 OK 18 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgaaWy7w5SYnbLynQE3A3-v2CWSpuUiSXJ_AW99g_EZLNj5d4oRTdfshv9spbM8a0Bjeg_dd7viW_xbNcsNbSOxi7NRNgr7-0uoTNgBD-vJc2abTwmKOQXYSEyutGuecxbKMl3TV0UiartnCbEAchJBm-F5GO-J6-gudSVJO17BWlYVzvFeMuu_IimqVA
IP 142.250.74.33:0
File type GIF image data, version 89a, 106 x 57\012- data
Hash 8f9987e162e834157a67c984a89f83d1
70920118ec27782058d644aaaa164f0d7c70cdf4
2b2c36ecace237e3c3ce048868cb3005f1c970e06c2745ee8a20e9912951e3fe
GET /img/a/AVvXsEgaaWy7w5SYnbLynQE3A3-v2CWSpuUiSXJ_AW99g_EZLNj5d4oRTdfshv9spbM8a0Bjeg_dd7viW_xbNcsNbSOxi7NRNgr7-0uoTNgBD-vJc2abTwmKOQXYSEyutGuecxbKMl3TV0UiartnCbEAchJBm-F5GO-J6-gudSVJO17BWlYVzvFeMuu_IimqVA HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v150d"
expires: Mon, 03 Oct 2022 19:27:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="coollogo_com-21127336.gif"
content-type: image/gif
vary: Origin
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 19:27:44 GMT
server: fife
content-length: 17461
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f4a7ae3d8922bcbfb1972b1ff65cd0c
b7cd2ef7d2cb9b411db5bc8747dd005b5526331d
6183728057474809916a32b77580317b6b46debeb108b72e3e1db5200eb46ea1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6183728057474809916A32B77580317B6B46DEBEB108B72E3E1DB5200EB46EA1"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6060
Expires: Sun, 02 Oct 2022 21:08:44 GMT
Date: Sun, 02 Oct 2022 19:27:44 GMT
Connection: keep-alive
fundingchoicesmessages.google.com/i/ca-pub-7902380995042594?ers=2
142.250.74.46200 OK 36 kB URL HTTP/2 fundingchoicesmessages.google.com/i/ca-pub-7902380995042594?ers=2
IP 142.250.74.46:0
Hash 405a11617a575b579f001152860627dd
b4d247956eac740b98cbf63846fbc43112ad1c3b
0fbec4e9f37ca4acb289569b8a8154f85409d23efceeb30304ac733ade8707b5
GET /i/ca-pub-7902380995042594?ers=2 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 02 Oct 2022 19:27:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-8jpctDe354mbutjBfRnhFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb7f2392dd816131e0001a76cb54e19
6416c2a788f016ff94f0a10616e443e47890e97f
517337577ada3f7f9e3da9c42ce722b5a760721d59a0404afdb2810fe252245e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122907465-1&cid=1838036448.1664738864&jid=1780203857&_u=IEBAAEAAAAAAAC~&z=1597799568
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122907465-1&cid=1838036448.1664738864&jid=1780203857&_u=IEBAAEAAAAAAAC~&z=1597799568
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-122907465-1&cid=1838036448.1664738864&jid=1780203857&_u=IEBAAEAAAAAAAC~&z=1597799568 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 19:27:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
horriblygeneratortwinkle.com/16cd39e02909688db9c23c5dad3b5910/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 horriblygeneratortwinkle.com/16cd39e02909688db9c23c5dad3b5910/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash a1c0d7e9ce73e1d0d08e3d3af00b3fe9
d77709e1fb8eb95a23d99d3c1eeeaf3fda359716
9a45c0e622ab4af6e71776c72c96f42db701eac0cc7520b6510a07875e202474
GET /16cd39e02909688db9c23c5dad3b5910/invoke.js HTTP/1.1
Host: horriblygeneratortwinkle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 19:27:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f059a1b15c1b6407bdddf25ce63aaaaf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fundingchoicesmessages.google.com/f/AGSKWxVrgsGmpJEEEL0SD_pmefYxprw4Qo5OdFHzCOvxdUin_500B76mEYV03yAPTHsb8WmMawLvH5Ebbi_0TlzFmlo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0NzM4ODY0LDYyNjAwMDAwMF0sIkMyQkZCMzc3LUFEM0ItNDkzMi1CNjBFLUFFMTA0NjlGNzBCMiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vY3ZkaW53d2UxLmJsb2dzcG90LmNvbS8yMDIxLzEyL3RyYW5zZm9ybWVycy1mYWxsLW9mLWN5YmVydHJhbi5odG1sIixudWxsLFtbOCwiWjZreXgzMDJ5MkEiXSxbOSwiZW4tVVMiXV1d
142.250.74.46200 OK 87 kB URL HTTP/2 fundingchoicesmessages.google.com/f/AGSKWxVrgsGmpJEEEL0SD_pmefYxprw4Qo5OdFHzCOvxdUin_500B76mEYV03yAPTHsb8WmMawLvH5Ebbi_0TlzFmlo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0NzM4ODY0LDYyNjAwMDAwMF0sIkMyQkZCMzc3LUFEM0ItNDkzMi1CNjBFLUFFMTA0NjlGNzBCMiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vY3ZkaW53d2UxLmJsb2dzcG90LmNvbS8yMDIxLzEyL3RyYW5zZm9ybWVycy1mYWxsLW9mLWN5YmVydHJhbi5odG1sIixudWxsLFtbOCwiWjZreXgzMDJ5MkEiXSxbOSwiZW4tVVMiXV1d
IP 142.250.74.46:0
Hash d9b0afb584c7119800eab159f6ceaa58
e47266cc9868aeb9fdb13da2539144a973a27b05
d564aea84be004145257d75003641833c1ace72b8167446d0fab46a5ad16f9f2
GET /f/AGSKWxVrgsGmpJEEEL0SD_pmefYxprw4Qo5OdFHzCOvxdUin_500B76mEYV03yAPTHsb8WmMawLvH5Ebbi_0TlzFmlo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0NzM4ODY0LDYyNjAwMDAwMF0sIkMyQkZCMzc3LUFEM0ItNDkzMi1CNjBFLUFFMTA0NjlGNzBCMiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vY3ZkaW53d2UxLmJsb2dzcG90LmNvbS8yMDIxLzEyL3RyYW5zZm9ybWVycy1mYWxsLW9mLWN5YmVydHJhbi5odG1sIixudWxsLFtbOCwiWjZreXgzMDJ5MkEiXSxbOSwiZW4tVVMiXV1d HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 02 Oct 2022 19:27:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-WQ0VSU84NTGlq4YU-k7xBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
horriblygeneratortwinkle.com/74/88/28/7488280e9cb4a64ec4c95a66625ad17f.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 horriblygeneratortwinkle.com/74/88/28/7488280e9cb4a64ec4c95a66625ad17f.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37145), with no line terminators
Hash e1e1aad249703ae45b5d165b3d5d0ffa
f254c1123cc71927f7f8054246a5f29408bda4e6
c24a9a50d33c6f26f2485691f437ebfef99badf622355932194b336b5982820b
GET /74/88/28/7488280e9cb4a64ec4c95a66625ad17f.js HTTP/1.1
Host: horriblygeneratortwinkle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 19:27:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d95256af88a465615c40a689df0968fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
horriblygeneratortwinkle.com/16cd39e02909688db9c23c5dad3b5910/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 horriblygeneratortwinkle.com/16cd39e02909688db9c23c5dad3b5910/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash c113cee8c42c21185de6aae21c96927a
2c77193469881345b9e4ecc589a324849a1b12b4
4f00924c542de19fc6ed8e15fa0606e8c3bc546db159e346ccb1a9861e64245e
GET /16cd39e02909688db9c23c5dad3b5910/invoke.js HTTP/1.1
Host: horriblygeneratortwinkle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 19:27:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 24ca83449617320ad96f1916327c413a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
18.165.196.178200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.178:0
Hash 606c558669146ba6d99d416b814455a8
9c49aea5039dcfdf01abba48f538350cf87f05ab
83b80756cb4f138174ba1020c487b4d10b6153bc994aba5b2d2ada322892da55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 19:27:45 GMT
Last-Modified: Sun, 02 Oct 2022 18:22:22 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 543bd78e28d38334d97d31a1d7aded16.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: JLj4HZgzqMYe_OcKPHVmeBA_S7SkJzhDBN5KHK5oO3M4z53TD0kfBw==
Age: 3923
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash a949f966279eb1f722d718f91fa9eef9
5ba898ab613af5bd97919f71a4e5a6cb83e0dac1
2e0f0af45357eb590fabd8c43be1b6a030dc1325ce1892820ec2c53b1a4e7bbd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cvdinwwe1.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a:3:1; expires=Wed, 29 Sep 2032 19:27:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 45a5ef39a6b27b266ed5d8fc8e57d350
320297688708204b227b7c879701ae07462cf4fc
c10e84c64a93edf97b401146c6b4e3450041a0332796e9da3e5aabb5aee05dc3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cvdinwwe1.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; expires=Wed, 29 Sep 2032 19:27:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/assoc.js
13.249.251.38404 Not Found 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/assoc.js
IP 13.249.251.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aax2/assoc.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: application/javascript
content-length: 0
date: Sun, 02 Oct 2022 19:27:43 GMT
server: Server
content-encoding: gzip
x-amz-rid: 1AW7VACNZPTKMH3S6DRH
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 c79c2a81ac4d9188a11e797e452b6892.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: h_-r6yfhkQdoC8ER1GbP3WTd6x3bQI07YInE6DG7rCYxJo005jCsoQ==
age: 1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 611685257b784bde479adb6468d27171
2fb054504ef474ea0bdd5e84a02f3246f5aab8cb
fd671d6902c6bd81bd494e819a63ee3a461d0a1d533c91ce11b1978ea3085cbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1269
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:45 GMT
Last-Modified: Sun, 02 Oct 2022 19:06:36 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
blogger.googleusercontent.com/img/a/AVvXsEg0LStGo35t7XDLiVtx7kjzHZMHWPKz6BnET_3k5LbnMS5vTs-x-sShLKpXT4Sa5uaaviKDHCfQXakpvzkD-4-hYVQ65fxI-5tRvzkHRPljiBwJZL2VGTxJ7HcR7cW38SJk6LfdqaozNQ86GsEHAsH0BGheNleRvxxBQ1fQmXSHAQcNyLBS_fipG0CxmA=s72-c
142.250.74.33200 OK 5.0 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEg0LStGo35t7XDLiVtx7kjzHZMHWPKz6BnET_3k5LbnMS5vTs-x-sShLKpXT4Sa5uaaviKDHCfQXakpvzkD-4-hYVQ65fxI-5tRvzkHRPljiBwJZL2VGTxJ7HcR7cW38SJk6LfdqaozNQ86GsEHAsH0BGheNleRvxxBQ1fQmXSHAQcNyLBS_fipG0CxmA=s72-c
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c176a44e78c35e00d99e96092db9a490
32e557fb1221c4379420798d96084904c92c44c8
aa64614b3b7b5ce9a851de4e3b1acbc173dd36ab093715e8dc57072a6665f6bf
GET /img/a/AVvXsEg0LStGo35t7XDLiVtx7kjzHZMHWPKz6BnET_3k5LbnMS5vTs-x-sShLKpXT4Sa5uaaviKDHCfQXakpvzkD-4-hYVQ65fxI-5tRvzkHRPljiBwJZL2VGTxJ7HcR7cW38SJk6LfdqaozNQ86GsEHAsH0BGheNleRvxxBQ1fQmXSHAQcNyLBS_fipG0CxmA=s72-c HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1515"
expires: Mon, 03 Oct 2022 19:27:45 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="transformers-fall-of-cybertron-pc-cover-www.ovagames.com.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 19:27:45 GMT
server: fife
content-length: 4983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 45a5ef39a6b27b266ed5d8fc8e57d350
320297688708204b227b7c879701ae07462cf4fc
c10e84c64a93edf97b401146c6b4e3450041a0332796e9da3e5aabb5aee05dc3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Cookie: uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cvdinwwe1.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEg0LStGo35t7XDLiVtx7kjzHZMHWPKz6BnET_3k5LbnMS5vTs-x-sShLKpXT4Sa5uaaviKDHCfQXakpvzkD-4-hYVQ65fxI-5tRvzkHRPljiBwJZL2VGTxJ7HcR7cW38SJk6LfdqaozNQ86GsEHAsH0BGheNleRvxxBQ1fQmXSHAQcNyLBS_fipG0CxmA=s16000
142.250.74.33200 OK 46 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEg0LStGo35t7XDLiVtx7kjzHZMHWPKz6BnET_3k5LbnMS5vTs-x-sShLKpXT4Sa5uaaviKDHCfQXakpvzkD-4-hYVQ65fxI-5tRvzkHRPljiBwJZL2VGTxJ7HcR7cW38SJk6LfdqaozNQ86GsEHAsH0BGheNleRvxxBQ1fQmXSHAQcNyLBS_fipG0CxmA=s16000
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 11x11, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 400x187, components 3\012- data
Hash 61bbc852552508d6453e596898187139
91fb571682c5856a2d938d50ede2a00b5ed2e449
86c533760908096cbaf1d13f3516d200a494abdfede9ad3cd86907b7309b0fc7
GET /img/a/AVvXsEg0LStGo35t7XDLiVtx7kjzHZMHWPKz6BnET_3k5LbnMS5vTs-x-sShLKpXT4Sa5uaaviKDHCfQXakpvzkD-4-hYVQ65fxI-5tRvzkHRPljiBwJZL2VGTxJ7HcR7cW38SJk6LfdqaozNQ86GsEHAsH0BGheNleRvxxBQ1fQmXSHAQcNyLBS_fipG0CxmA=s16000 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1515"
expires: Mon, 03 Oct 2022 19:27:45 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="transformers-fall-of-cybertron-pc-cover-www.ovagames.com.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 19:27:45 GMT
server: fife
content-length: 45863
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.popcash.net/show.js
151.139.128.11200 OK 36 kB IP 151.139.128.11:0
File type ASCII text, with very long lines (65387)
Hash 67006a1f5f35b63343332cbfec97cd85
9d5be86bebf78c5bc3aee39e74ced6631939ab5c
f82f11a982dc0602cdef4bc9eccfd26637a8b9bdd504a456a93426a376fff60b
GET /show.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-encoding: br
content-length: 36402
content-type: application/javascript
last-modified: Tue, 05 Jul 2022 13:28:20 GMT
accept-ranges: bytes
etag: W/"62c43c74-1b189"
cache-control: max-age=2592000, public
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUwmSZ8jvagq9rT3laa5kdGAHTfTjtwSj%2BwydgCY8vz8Q2kuNQa0WJW0RlGhy%2BSc3FWh9O8omX33%2FtJFewrhiomS%2BLyvc9RfhLE64gY4AyMS2ld9GkMRNXLDVnwq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 72f659fe7a21be38-CPH
vary: Accept-Encoding
x-hw: 1664738865.cds069.sk1.hn,1664738865.cds015.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
store.steampowered.com/widget/1177000/
23.38.201.66200 OK 1.5 kB URL HTTP/1.1 store.steampowered.com/widget/1177000/
IP 23.38.201.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash a91d919aeb37958ee6642cbce8814039
6458e3e87e849b59a7e524eb531fcdbde4aebc3c
b8724adb9fefe3aea5781c2515accf9316f3a43f85a723e15a81327fd05f6d0e
GET /widget/1177000/ HTTP/1.1
Host: store.steampowered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://store.cloudflare.steamstatic.com/ https://store.cloudflare.steamstatic.com/ *.google-analytics.com https://www.gstatic.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com https://steamcommunity-a.akamaihd.net; object-src 'none'; connect-src 'self' http://store.steampowered.com https://store.steampowered.com http://127.0.0.1:27060 ws://127.0.0.1:27060 https://community.cloudflare.steamstatic.com/ https://steamcommunity.com/ https://steamcommunity.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.steamstatic.com https://*.steamcontent.com https://*.valvesoftware.com https://*.steambeta.net https://*.cqloud.com https://steambroadcast.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net https://api.steampowered.com https://steamvideo-a.akamaihd.net https://video.st.dl.eccdnx.com https://vd.queniujq.cn https://sketchfab.com; frame-src 'self' steam: http://www.youtube.com https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://steamcommunity.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://steamcommunity.com/ embed.nicovideo.jp www.escapistmagazine.com player.youku.com www.bilibili.com https://medal.tv;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: private,max-age=600
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Length: 1459
Date: Sun, 02 Oct 2022 19:27:45 GMT
Connection: keep-alive
Set-Cookie: sessionid=c03be33aff33beb5862086df; Path=/; Secure; SameSite=None
store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=98EH125OAv_P&l=english&_cdn=cloudflare
172.64.150.233200 OK 21 kB URL HTTP/2 store.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=98EH125OAv_P&l=english&_cdn=cloudflare
IP 172.64.150.233:0
File type ASCII text, with very long lines (4303), with CRLF, LF line terminators
Hash 2d2457c1ac7fb07f170a3afd34e726ba
e4e1d5ce10ceeda996b6d7bc0b42bb63fb573a70
54fee9bda4ecb9978358f7878dba94b35883edb516a08f7f5113b169bf6fb435
GET /public/shared/css/shared_global.css?v=98EH125OAv_P&l=english&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.steampowered.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/css;charset=UTF-8
content-length: 20652
cache-control: public,max-age=15552000
expires: Sun, 05 Mar 2023 23:59:48 GMT
etag: "98EH125OAv_P"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=300
x-cache: HIT
cf-cache-status: HIT
age: 2230076
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65588f71c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/css/styles_storev5.css?v=nxADlK73B7_Q&l=english&_cdn=cloudflare
172.64.150.233200 OK 11 kB URL HTTP/2 store.cloudflare.steamstatic.com/public/css/styles_storev5.css?v=nxADlK73B7_Q&l=english&_cdn=cloudflare
IP 172.64.150.233:0
File type ASCII text, with CRLF line terminators
Hash 74523ff491552e81101553e2daf533be
a5ddb3dd170d40ebcc9d231766c693e93ba6e5d4
d89136d9aaf12ac9f1a913d902d2c03ebc33df707debda205d13b3ee1b471115
GET /public/css/styles_storev5.css?v=nxADlK73B7_Q&l=english&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.steampowered.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/css;charset=UTF-8
content-length: 11354
cache-control: public,max-age=15552000
expires: Wed, 24 Aug 2022 01:10:38 GMT
etag: "nxADlK73B7_Q"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=300
x-cache: MISS
cf-cache-status: HIT
age: 10182982
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65588fd1c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/css/styles_widget.css?v=EdUe4UoNgES6&l=english&_cdn=cloudflare
172.64.150.233200 OK 1.3 kB URL HTTP/2 store.cloudflare.steamstatic.com/public/css/styles_widget.css?v=EdUe4UoNgES6&l=english&_cdn=cloudflare
IP 172.64.150.233:0
File type ASCII text, with CRLF, LF line terminators
Hash 3245fea45d4bc40170853b1ae415828b
1519d6331057b4246040d71475aca2e0909a80eb
de06a6c71ff7d7dd128611503964bdcdb772976409c5e0340022e41f6964da6d
GET /public/css/styles_widget.css?v=EdUe4UoNgES6&l=english&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.steampowered.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/css;charset=UTF-8
content-length: 1309
cache-control: public,max-age=15552000
expires: Tue, 23 Aug 2022 14:32:24 GMT
etag: "EdUe4UoNgES6"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=300
x-cache: MISS
cf-cache-status: HIT
age: 10188105
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65599121c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/css/styles_linux.css?v=.srZuTsIiIsbq&_cdn=cloudflare
172.64.150.233200 OK 128 B URL HTTP/2 store.cloudflare.steamstatic.com/public/css/styles_linux.css?v=.srZuTsIiIsbq&_cdn=cloudflare
IP 172.64.150.233:0
File type ASCII text, with CRLF line terminators
Hash 89abdc7b0288630d4514473e5cc07549
b4b35e9d148cc78c591ef05420125824a0220764
3b80840b3457867ce5451fec8a5a4ea6c01c6c1327f57d287793ce1104f98909
GET /public/css/styles_linux.css?v=.srZuTsIiIsbq&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.steampowered.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/css;charset=UTF-8
content-length: 128
cache-control: public,max-age=15552000
expires: Sun, 24 Jul 2022 07:57:39 GMT
etag: ".srZuTsIiIsbq"
last-modified: Fri, 05 Jan 2018 22:32:01 GMT
content-encoding: gzip
strict-transport-security: max-age=300
x-cache: MISS
cf-cache-status: HIT
age: 14481468
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65599171c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare
172.64.150.233200 OK 33 kB URL HTTP/2 store.cloudflare.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare
IP 172.64.150.233:0
File type ASCII text, with very long lines (65482), with CRLF line terminators
Hash e13edde4a25e96e573f37bdd11e020aa
84a0c3cc6cd74b149cc27de2b0fe48bc2acb70d2
45b526e6aa5356b278aa37e67593a25d09c9653e8a0e71fb8e155111d3b7a515
GET /public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.steampowered.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/javascript;charset=UTF-8
content-length: 33382
cache-control: public,max-age=15552000
expires: Sun, 24 Jul 2022 07:57:15 GMT
etag: ".TZ2NKhB-nliU"
last-modified: Fri, 05 Jan 2018 22:31:56 GMT
content-encoding: gzip
strict-transport-security: max-age=300
x-cache: MISS
cf-cache-status: HIT
age: 13281163
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd655a9231c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=english&_cdn=cloudflare
172.64.150.233200 OK 633 B URL HTTP/2 store.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=english&_cdn=cloudflare
IP 172.64.150.233:0
File type ASCII text, with CRLF line terminators
Hash 06a812c03067dae80683d46bc7ad784f
43d1468c7003d465fe88362caedb5fd5f65c3929
8f21e1e110ed44231e1eef04028fc995ddc3d698cac037c6995cfa09381bb5ba
GET /public/shared/css/motiva_sans.css?v=2C1Oh9QFVTyK&l=english&_cdn=cloudflare HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.steampowered.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: text/css;charset=UTF-8
content-length: 633
cache-control: public,max-age=15552000
expires: Sat, 23 Jul 2022 06:26:56 GMT
etag: "2C1Oh9QFVTyK"
last-modified: Sun, 09 Sep 2001 01:46:40 GMT
content-encoding: gzip
strict-transport-security: max-age=300
x-cache: MISS
cf-cache-status: HIT
age: 10183029
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd655a91b1c0a-OSL
X-Firefox-Spdy: h2
cdn.cloudflare.steamstatic.com/steam/apps/1177000/capsule_184x69.jpg?t=1655806689
172.64.150.233200 OK 13 kB URL HTTP/2 cdn.cloudflare.steamstatic.com/steam/apps/1177000/capsule_184x69.jpg?t=1655806689
IP 172.64.150.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 184x69, components 3\012- data
Hash ae8c38629d0c4909a4f1c00fb2541e9b
e30304e6ceba45aa9d5695238a86ed697f0d7b9d
ed42b0d8aec8426191f69a8e33cf715b78277117d6efc333fba8fe7ea916a339
GET /steam/apps/1177000/capsule_184x69.jpg?t=1655806689 HTTP/1.1
Host: cdn.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.steampowered.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: image/jpeg
content-length: 12711
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-bgj: h2pri
etag: "5f6c60d9-31a7"
expires: Wed, 05 Oct 2022 19:00:36 GMT
last-modified: Thu, 24 Sep 2020 09:03:21 GMT
cf-cache-status: HIT
age: 286152
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd655a92a1c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/images/v6/steam_ico.png
172.64.150.233200 OK 2.1 kB URL HTTP/2 store.cloudflare.steamstatic.com/public/images/v6/steam_ico.png
IP 172.64.150.233:0
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash f17097804947f145fdebf26f2c2deebc
fa8fc8cb8b1b981c123aff7eed83762329f72516
44abc0a159ae3dbface6ecec68447d666168e623e1045a077574c160f256563b
GET /public/images/v6/steam_ico.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/public/css/styles_widget.css?v=EdUe4UoNgES6&l=english&_cdn=cloudflare
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: image/png
content-length: 2080
last-modified: Fri, 05 Jan 2018 22:32:03 GMT
etag: "5a4ffce3-820"
strict-transport-security: max-age=300
x-cache: MISS
cf-cache-status: HIT
age: 1926
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65629b71c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/images/v5/platforms/platform_win.png
172.64.150.233200 OK 677 B URL HTTP/2 store.cloudflare.steamstatic.com/public/images/v5/platforms/platform_win.png
IP 172.64.150.233:0
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash f542483ce7461f73097487fd50321cbe
d0157d4dfed23106ad51b311db201c63b5aa2930
b27d414876b8d3beb6fab660fe9b4c94606b18b798edd5540177e3031fa6d2cb
GET /public/images/v5/platforms/platform_win.png HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/public/css/styles_storev5.css?v=nxADlK73B7_Q&l=english&_cdn=cloudflare
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: image/png
content-length: 677
last-modified: Fri, 05 Jan 2018 22:32:03 GMT
etag: "5a4ffce3-2a5"
strict-transport-security: max-age=300
x-cache: MISS
cf-cache-status: HIT
age: 1926
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65629b91c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
172.64.150.233200 OK 123 kB URL HTTP/2 store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
IP 172.64.150.233:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 22 names, Macintosh, Copyright \251 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansRegular4.015;Plau;Motiva\012- data
Size 123 kB (122684 bytes)
Hash 57613e143ff3dae10f282e84a066de28
88756cc8c6db645b5f20aa17b14feefb4411c25f
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
GET /public/shared/fonts/MotivaSans-Regular.ttf?v=4.015 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://store.steampowered.com
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: application/octet-stream
content-length: 122684
last-modified: Tue, 28 Jul 2020 23:16:24 GMT
etag: "5f20b1c8-1df3c"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 4837
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65629bf1c0a-OSL
X-Firefox-Spdy: h2
store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Light.ttf?v=4.015
172.64.150.233200 OK 123 kB URL HTTP/2 store.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Light.ttf?v=4.015
IP 172.64.150.233:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 24 names, Macintosh, Copyright \251 2012, 2017, 2020 by Plau. All rights reserved.Motiva SansLight4.015;Plau;MotivaSa\012- data
Size 123 kB (122660 bytes)
Hash d45f521dba72b19a4096691a165b1990
2a08728fbb9229acccbf907efdf4091f9b9a232f
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
GET /public/shared/fonts/MotivaSans-Light.ttf?v=4.015 HTTP/1.1
Host: store.cloudflare.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://store.steampowered.com
Connection: keep-alive
Referer: https://store.cloudflare.steamstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: application/octet-stream
content-length: 122660
last-modified: Tue, 28 Jul 2020 23:16:24 GMT
etag: "5f20b1c8-1df24"
access-control-allow-origin: *
x-cache: MISS
cf-cache-status: HIT
age: 4818
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65629c01c0a-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 3fd97ca46b84e67f19681829d6420ac3
d53cbd7e33d14a0d2ad97cc359faa31c63bab6ab
58011c430ff47f43653b83171bc3489294d222748b7a297eb7781efea9900479
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 19:27:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 06 Oct 2022 17:32:50 GMT
ETag: "d53cbd7e33d14a0d2ad97cc359faa31c63bab6ab"
Last-Modified: Sun, 02 Oct 2022 17:32:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 637
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753fd6565b810b3d-OSL
dcba.popcash.net/znWaa3gu
52.71.67.32204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP 52.71.67.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 02 Oct 2022 19:27:45 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43a40f4dcfc6dcdfc246d2ceef0aa4c0
19703468d5007226843a14bafad4c0ef37d09d15
7471613b5efd78239e215efb00198b3d11ffdb7130140b42c07233fc1c881dca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7471613B5EFD78239E215EFB00198B3D11FFDB7130140B42C07233FC1C881DCA"
Last-Modified: Sat, 01 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Sun, 02 Oct 2022 22:24:58 GMT
Date: Sun, 02 Oct 2022 19:27:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 20698a993ec2fa172d8e729e8d3e82a8
d134aad236c3830af9da79e9b8e08da84b3ddfa1
3f417cae6ea777edac88a6553915d8f3f944b76e626b898b678f8684c11a37f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F417CAE6EA777EDAC88A6553915D8F3F944B76E626B898B678F8684C11A37F7"
Last-Modified: Fri, 30 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15756
Expires: Sun, 02 Oct 2022 23:50:21 GMT
Date: Sun, 02 Oct 2022 19:27:45 GMT
Connection: keep-alive
knockoutantipathy.com/watch.359572188811.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a%3A3%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 knockoutantipathy.com/watch.359572188811.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a%3A3%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.359572188811.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a%3A3%3A1 HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 19:27:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Origin: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://knockoutantipathy.com/watch.359572188811.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a%3A3%3A1&shu=b16fdb2535862925d8089258249b787fa2a951bffdd15d1d10edb73d66ae6b586cecf4f7f2f1172aac93b1f563b6524f33efa823f3530821854ce52f273565b087e83c8a88dc558d9b3a65828db61e8c0060ed&pst=1664738926&rmtc=t
Set-Cookie: u_pl=16768522; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjc2ODUyMiwiayI6IjE2Y2QzOWUwMjkwOTY4OGRiOWMyM2M1ZGFkM2I1OTEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE1MDg3LCJwaWQiOjMwMTk5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4Mmk0azByc3RtIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N2ZGlud3dlMS5ibG9nc3BvdC5jb20vMjAyMS8xMi90cmFuc2Zvcm1lcnMtZmFsbC1vZi1jeWJlcnRyYW4uaHRtbCJ9fQ.9F82ZlUdHdno5TScKpitSxITc-vbrv4VTqEuMOY_KkU; expires=Sun, 02 Oct 2022 19:28:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1229421427afd5fea08b5d1767ffc504
Strict-Transport-Security: max-age=0; includeSubdomains
woodbeesdainty.com/watch.1612100515933.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 woodbeesdainty.com/watch.1612100515933.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1612100515933.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1 HTTP/1.1
Host: woodbeesdainty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 19:27:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Origin: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://woodbeesdainty.com/watch.1612100515933.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1&shu=04abdc9f9617ceeda822d2e959d75984d56f3a320cc426d5123264237ad1608e89ab6676dc3e00452cc9ac4f69b763008c61f5d5abef0e6d34c493821672aae5fa6e3048d0f42ea996b9888a3644e9a1a6f425493039a7c3dce6a8b0cc9eb3&pst=1664738926&rmtc=t
Set-Cookie: u_pl=16768522; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjc2ODUyMiwiayI6IjE2Y2QzOWUwMjkwOTY4OGRiOWMyM2M1ZGFkM2I1OTEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE1MDg3LCJwaWQiOjMwMTk5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4Mmk0azByc3RtIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N2ZGlud3dlMS5ibG9nc3BvdC5jb20vMjAyMS8xMi90cmFuc2Zvcm1lcnMtZmFsbC1vZi1jeWJlcnRyYW4uaHRtbCJ9fQ.9F82ZlUdHdno5TScKpitSxITc-vbrv4VTqEuMOY_KkU; expires=Sun, 02 Oct 2022 19:28:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c3c0fafcf7f61755d16ffcbf5f832402
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 587f71117669eac939dc8f0b6dfb471a
63126f1b8d365a0ce5c1ca9cfd20da7c77e2781e
7b798f6ac56526e6441ac843e82b9000b443cb8970971fbc0f223a1f1304ac76
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B798F6AC56526E6441AC843E82B9000B443CB8970971FBC0F223A1F1304AC76"
Last-Modified: Sat, 01 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10175
Expires: Sun, 02 Oct 2022 22:17:21 GMT
Date: Sun, 02 Oct 2022 19:27:46 GMT
Connection: keep-alive
knockoutantipathy.com/watch.359572188811.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a%3A3%3A1&shu=b16fdb2535862925d8089258249b787fa2a951bffdd15d1d10edb73d66ae6b586cecf4f7f2f1172aac93b1f563b6524f33efa823f3530821854ce52f273565b087e83c8a88dc558d9b3a65828db61e8c0060ed&pst=1664738926&rmtc=t
192.243.61.227200 OK 2.1 kB URL HTTP/1.1 knockoutantipathy.com/watch.359572188811.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a%3A3%3A1&shu=b16fdb2535862925d8089258249b787fa2a951bffdd15d1d10edb73d66ae6b586cecf4f7f2f1172aac93b1f563b6524f33efa823f3530821854ce52f273565b087e83c8a88dc558d9b3a65828db61e8c0060ed&pst=1664738926&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2629)
Hash 72b7670c634f8e4004f8fbf2101730de
740e292c0dfbe97f0711892702d74a2a723a45bd
4c42d8b9361b99ec29ff197864bf3ba919570553c7a6907b05fb9b12d450f890
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.359572188811.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a%3A3%3A1&shu=b16fdb2535862925d8089258249b787fa2a951bffdd15d1d10edb73d66ae6b586cecf4f7f2f1172aac93b1f563b6524f33efa823f3530821854ce52f273565b087e83c8a88dc558d9b3a65828db61e8c0060ed&pst=1664738926&rmtc=t HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Referer: https://cvdinwwe1.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16768522; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjc2ODUyMiwiayI6IjE2Y2QzOWUwMjkwOTY4OGRiOWMyM2M1ZGFkM2I1OTEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE1MDg3LCJwaWQiOjMwMTk5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4Mmk0azByc3RtIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N2ZGlud3dlMS5ibG9nc3BvdC5jb20vMjAyMS8xMi90cmFuc2Zvcm1lcnMtZmFsbC1vZi1jeWJlcnRyYW4uaHRtbCJ9fQ.9F82ZlUdHdno5TScKpitSxITc-vbrv4VTqEuMOY_KkU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 19:27:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Origin: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=666d6f9c-d81f-4f1e-b69f-b2c0ea3c094a:3:1; expires=Sun, 09 Oct 2022 19:27:46 GMT; secure; SameSite=None
iprc2bcdaefb84b7fa7a2bbabddfbcccb495=3569808; expires=Sun, 02 Oct 2022 23:27:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fffe570cf272b06f672e35463cb8ae6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
woodbeesdainty.com/watch.1612100515933.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1&shu=04abdc9f9617ceeda822d2e959d75984d56f3a320cc426d5123264237ad1608e89ab6676dc3e00452cc9ac4f69b763008c61f5d5abef0e6d34c493821672aae5fa6e3048d0f42ea996b9888a3644e9a1a6f425493039a7c3dce6a8b0cc9eb3&pst=1664738926&rmtc=t
192.243.59.12200 OK 2.1 kB URL HTTP/1.1 woodbeesdainty.com/watch.1612100515933.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1&shu=04abdc9f9617ceeda822d2e959d75984d56f3a320cc426d5123264237ad1608e89ab6676dc3e00452cc9ac4f69b763008c61f5d5abef0e6d34c493821672aae5fa6e3048d0f42ea996b9888a3644e9a1a6f425493039a7c3dce6a8b0cc9eb3&pst=1664738926&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2652)
Hash f8960ec025802f05380d1c28976adaf6
65c396eda97407fabf08761e60e29195342fc56c
81c4d6484952de6602b5d20deccd66165ebd75b393981081f30e7d73347eec76
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1612100515933.js?key=16cd39e02909688db9c23c5dad3b5910&kw=%5B%22transformers%22%2C%22fall%22%2C%22of%22%2C%22cybertran%22%2C%22-%22%2C%22cvdinwwe%22%5D&refer=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&tz=0&dev=r&res=12.31&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1&shu=04abdc9f9617ceeda822d2e959d75984d56f3a320cc426d5123264237ad1608e89ab6676dc3e00452cc9ac4f69b763008c61f5d5abef0e6d34c493821672aae5fa6e3048d0f42ea996b9888a3644e9a1a6f425493039a7c3dce6a8b0cc9eb3&pst=1664738926&rmtc=t HTTP/1.1
Host: woodbeesdainty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Referer: https://cvdinwwe1.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16768522; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjc2ODUyMiwiayI6IjE2Y2QzOWUwMjkwOTY4OGRiOWMyM2M1ZGFkM2I1OTEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE1MDg3LCJwaWQiOjMwMTk5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4Mmk0azByc3RtIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N2ZGlud3dlMS5ibG9nc3BvdC5jb20vMjAyMS8xMi90cmFuc2Zvcm1lcnMtZmFsbC1vZi1jeWJlcnRyYW4uaHRtbCJ9fQ.9F82ZlUdHdno5TScKpitSxITc-vbrv4VTqEuMOY_KkU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 19:27:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Origin: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; expires=Sun, 09 Oct 2022 19:27:46 GMT; secure; SameSite=None
iprc2bcdaefb84b7fa7a2bbabddfbcccb495=3569808; expires=Sun, 02 Oct 2022 23:27:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dbcad7a3591226a0c1904f78573767f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3ac6b2ffa7527d2b4a73da615e7c2e6d
23510e23ed963463bd5b401f5a4b865015cf72a7
e6c40842ed4f61767f82457728ff9a8ef2bc92ffd74b4e70c1fd32553f3efdcf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6C40842ED4F61767F82457728FF9A8EF2BC92FFD74B4E70C1FD32553F3EFDCF"
Last-Modified: Fri, 30 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7725
Expires: Sun, 02 Oct 2022 21:36:31 GMT
Date: Sun, 02 Oct 2022 19:27:46 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
45.133.44.10200 OK 106 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105910 bytes)
Hash a36b92bb68d9b579458560ba9b94862a
782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:46 GMT
content-type: image/png
content-length: 105910
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Tue, 04 Oct 2022 19:27:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
selfemployedbalconycane.com/sbar.json?key=7488280e9cb4a64ec4c95a66625ad17f&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1
173.233.137.44200 OK 4.1 kB URL HTTP/1.1 selfemployedbalconycane.com/sbar.json?key=7488280e9cb4a64ec4c95a66625ad17f&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (5730), with no line terminators
Hash 16ba7cf6e599870418cbc4020816c485
8b98cec7e257ce6fbc8c5f555fc5b29976eddf39
11a93ee74b67cffee88b716dce3c12003cba1aab292d5734a0e1e15b6a4fdd75
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=7488280e9cb4a64ec4c95a66625ad17f&uuid=e8a7425f-166f-4b98-8cd8-00b7d60fb186%3A2%3A1 HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 19:27:46 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Origin: https://cvdinwwe1.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16770072; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; expires=Sun, 09 Oct 2022 19:27:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 03 Oct 2022 19:27:46 GMT; secure; SameSite=None
slec7488280e9cb4a64ec4c95a66625ad17f=[3240591]; expires=Sun, 02 Oct 2022 19:27:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e19cad0699aca0a1e4f757c261cb0cd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 174c21ecb45b3cde463b9b308ca8b063
d6c843951ba6a1559b7bf7c51142e0f505785a90
4da74b11c8732e27da70b8a24b46307f87692bd52f0d4e6fc359ef5a3a7f4080
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1676
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:46 GMT
Last-Modified: Sun, 02 Oct 2022 18:59:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
selfemployedbalconycane.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidtV0gUYFSECTQFRQg8Hl3b293jxQRIRhFOD8k%2FHUwOzN7GTy7s5rZvb24soiE0uWoadbv7FiBKIKGjgidI6WwhJSjcoErRI%2BQUiGB7mJx8DXfe%2FNe8ebNfLlTHRMXFT06f1FvSaXoWrfttl79xPPOtDZkXg1bwzj8NAzOtMzgzV7Ydl9rvSvYpl7zXc91PddrrUsjUj1cm4mQxb2e1%2B657cBve90AQ%2FN%2FbisHljrgg2PyPCSfrjx0TkGyCfLsu%2FPCbpa6eOOdrFK01AYDvv9hvpnrOke2gKlxkOb7J25o%2B3j9AXS%2BN48LPfjXmMgpcR49QJLvn4REMtid50wURI6EP4t6MIFQE0g6AdM3IfljAjCOS5eRZ3cuaVPTG09VOlOnZOXJn5D1lKz8egp5dv%2BcksPWNa2qUurcYpg2kMMJZH%2BCojpAubUEWR%2BAlV9A8p%2FJ2pMN5NnuZas0JD96RcQ0CvxuuuqFYboaJL14NWY8XnXdJOKhmyZeHM4LknICmU6gxAjULqGyDirpoEodVIWDjB%2B1mOd5kcsZdeMeYx0eiSTkrkej1KOeG8ao2OwOI5TFCEyNwMw2CrONTTmCqX6Cvd7A8iXYckqc97cx4A1qQVBbgpoS1JKgLgnqQbPHlfVtc4crWyXeyfZPdqcZ67K%2FQ%2Fd02Rc52SmOyXPz8v7%2B7QVsiqNWFMSxH7uix5KAhoFgAet1aRiGfpdyL0phZQNpl0Ctgy05JS%2B%2BfhuFnJKVr%2B8joQew6gBMLoNWL4HW48h3Qa%2BPg9jFVv4DG3CZ17Xw2onSfVvoss10Bq4bFOUKyhvOjjomp%2BeJPHMbgh2e%2FSy5OP3j7l9gpkFhGnwuHxL01a3xVV2T3au6tuT7y0UpM7lFZ099raSlWP7mPXGj1oZfOG9Hd99iM2EG730gbLlBcy7zviXfnpOcC7OuDRPkxwv2Y5Fcqez1c5XJq2LjytvrF7LCCGulziegckrIo0MwOSXP8Hr%2Bi09%2FtA5pJjBVg6w6JCcDqQ%2FAim3YYpHf6mUYtfAkhYO6asbGTxaHShIoseA0aWD%2Fw5MF3rG30Dcvg5Y3kWcNBqbBQDWgagRbLY%2FLwhye%2FaUzHyTKGSfKOLuJMuqrp%2BVaedSKOh2Xhr2uF0VUREngx2nocUr9IPTDkHZQ2inr%2Fe7%2FAwAA%2F%2F8BAAD%2F%2F7z7PaCQBAAA
173.233.137.44200 OK 7 B URL HTTP/1.1 selfemployedbalconycane.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidtV0gUYFSECTQFRQg8Hl3b293jxQRIRhFOD8k%2FHUwOzN7GTy7s5rZvb24soiE0uWoadbv7FiBKIKGjgidI6WwhJSjcoErRI%2BQUiGB7mJx8DXfe%2FNe8ebNfLlTHRMXFT06f1FvSaXoWrfttl79xPPOtDZkXg1bwzj8NAzOtMzgzV7Ydl9rvSvYpl7zXc91PddrrUsjUj1cm4mQxb2e1%2B657cBve90AQ%2FN%2FbisHljrgg2PyPCSfrjx0TkGyCfLsu%2FPCbpa6eOOdrFK01AYDvv9hvpnrOke2gKlxkOb7J25o%2B3j9AXS%2BN48LPfjXmMgpcR49QJLvn4REMtid50wURI6EP4t6MIFQE0g6AdM3IfljAjCOS5eRZ3cuaVPTG09VOlOnZOXJn5D1lKz8egp5dv%2BcksPWNa2qUurcYpg2kMMJZH%2BCojpAubUEWR%2BAlV9A8p%2FJ2pMN5NnuZas0JD96RcQ0CvxuuuqFYboaJL14NWY8XnXdJOKhmyZeHM4LknICmU6gxAjULqGyDirpoEodVIWDjB%2B1mOd5kcsZdeMeYx0eiSTkrkej1KOeG8ao2OwOI5TFCEyNwMw2CrONTTmCqX6Cvd7A8iXYckqc97cx4A1qQVBbgpoS1JKgLgnqQbPHlfVtc4crWyXeyfZPdqcZ67K%2FQ%2Fd02Rc52SmOyXPz8v7%2B7QVsiqNWFMSxH7uix5KAhoFgAet1aRiGfpdyL0phZQNpl0Ctgy05JS%2B%2BfhuFnJKVr%2B8joQew6gBMLoNWL4HW48h3Qa%2BPg9jFVv4DG3CZ17Xw2onSfVvoss10Bq4bFOUKyhvOjjomp%2BeJPHMbgh2e%2FSy5OP3j7l9gpkFhGnwuHxL01a3xVV2T3au6tuT7y0UpM7lFZ099raSlWP7mPXGj1oZfOG9Hd99iM2EG730gbLlBcy7zviXfnpOcC7OuDRPkxwv2Y5Fcqez1c5XJq2LjytvrF7LCCGulziegckrIo0MwOSXP8Hr%2Bi09%2FtA5pJjBVg6w6JCcDqQ%2FAim3YYpHf6mUYtfAkhYO6asbGTxaHShIoseA0aWD%2Fw5MF3rG30Dcvg5Y3kWcNBqbBQDWgagRbLY%2FLwhye%2FaUzHyTKGSfKOLuJMuqrp%2BVaedSKOh2Xhr2uF0VUREngx2nocUr9IPTDkHZQ2inr%2Fe7%2FAwAA%2F%2F8BAAD%2F%2F7z7PaCQBAAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidtV0gUYFSECTQFRQg8Hl3b293jxQRIRhFOD8k%2FHUwOzN7GTy7s5rZvb24soiE0uWoadbv7FiBKIKGjgidI6WwhJSjcoErRI%2BQUiGB7mJx8DXfe%2FNe8ebNfLlTHRMXFT06f1FvSaXoWrfttl79xPPOtDZkXg1bwzj8NAzOtMzgzV7Ydl9rvSvYpl7zXc91PddrrUsjUj1cm4mQxb2e1%2B657cBve90AQ%2FN%2FbisHljrgg2PyPCSfrjx0TkGyCfLsu%2FPCbpa6eOOdrFK01AYDvv9hvpnrOke2gKlxkOb7J25o%2B3j9AXS%2BN48LPfjXmMgpcR49QJLvn4REMtid50wURI6EP4t6MIFQE0g6AdM3IfljAjCOS5eRZ3cuaVPTG09VOlOnZOXJn5D1lKz8egp5dv%2BcksPWNa2qUurcYpg2kMMJZH%2BCojpAubUEWR%2BAlV9A8p%2FJ2pMN5NnuZas0JD96RcQ0CvxuuuqFYboaJL14NWY8XnXdJOKhmyZeHM4LknICmU6gxAjULqGyDirpoEodVIWDjB%2B1mOd5kcsZdeMeYx0eiSTkrkej1KOeG8ao2OwOI5TFCEyNwMw2CrONTTmCqX6Cvd7A8iXYckqc97cx4A1qQVBbgpoS1JKgLgnqQbPHlfVtc4crWyXeyfZPdqcZ67K%2FQ%2Fd02Rc52SmOyXPz8v7%2B7QVsiqNWFMSxH7uix5KAhoFgAet1aRiGfpdyL0phZQNpl0Ctgy05JS%2B%2BfhuFnJKVr%2B8joQew6gBMLoNWL4HW48h3Qa%2BPg9jFVv4DG3CZ17Xw2onSfVvoss10Bq4bFOUKyhvOjjomp%2BeJPHMbgh2e%2FSy5OP3j7l9gpkFhGnwuHxL01a3xVV2T3au6tuT7y0UpM7lFZ099raSlWP7mPXGj1oZfOG9Hd99iM2EG730gbLlBcy7zviXfnpOcC7OuDRPkxwv2Y5Fcqez1c5XJq2LjytvrF7LCCGulziegckrIo0MwOSXP8Hr%2Bi09%2FtA5pJjBVg6w6JCcDqQ%2FAim3YYpHf6mUYtfAkhYO6asbGTxaHShIoseA0aWD%2Fw5MF3rG30Dcvg5Y3kWcNBqbBQDWgagRbLY%2FLwhye%2FaUzHyTKGSfKOLuJMuqrp%2BVaedSKOh2Xhr2uF0VUREngx2nocUr9IPTDkHZQ2inr%2Fe7%2FAwAA%2F%2F8BAAD%2F%2F7z7PaCQBAAA HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Cookie: u_pl=16770072; uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7488280e9cb4a64ec4c95a66625ad17f=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 19:27:46 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ead6987440b9d2272adc9031287ce52b
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7285
Expires: Sun, 02 Oct 2022 21:29:12 GMT
Date: Sun, 02 Oct 2022 19:27:47 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7285
Expires: Sun, 02 Oct 2022 21:29:12 GMT
Date: Sun, 02 Oct 2022 19:27:47 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7285
Expires: Sun, 02 Oct 2022 21:29:12 GMT
Date: Sun, 02 Oct 2022 19:27:47 GMT
Connection: keep-alive
selfemployedbalconycane.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Findex.html&l=1384&fd=657
173.233.137.44200 OK 0 B URL HTTP/1.1 selfemployedbalconycane.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Findex.html&l=1384&fd=657
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Findex.html&l=1384&fd=657 HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Cookie: u_pl=16770072; uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7488280e9cb4a64ec4c95a66625ad17f=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 19:27:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png
172.64.200.2200 OK 27 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png
IP 172.64.200.2:0
File type PNG image data, 400 x 390, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f627dde2b8596dbd62eb42b76c8e6ba
15cf8a62eab44beffb02d9de51a3a18964a8fb62
8208316116f1f38051a9785616a403519015174b65db5f652cb2dae02ffe8491
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:47 GMT
content-type: image/png
content-length: 27328
last-modified: Wed, 03 Aug 2022 08:48:26 GMT
etag: "62ea365a-6ac0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5217800
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRrL9AnbGaCcA7anHmJjVqExdWXlQO3vHfg6m7mJqLkZJDQWfBMzcm%2FXWfUo3tHjem%2ByFAVHv8c5wzs0vgpQWKioinF5P%2FdOs68iLvAVTG61G7Um1Sz2vFgekaTFF2Caytk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd662fe9b76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b2fd94fd0b2607df5a0aa20419566b7
65f275db36cda005a73cf806b613eefbbee602c9
78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7285
Expires: Sun, 02 Oct 2022 21:29:12 GMT
Date: Sun, 02 Oct 2022 19:27:47 GMT
Connection: keep-alive
selfemployedbalconycane.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=362
173.233.137.44200 OK 0 B URL HTTP/1.1 selfemployedbalconycane.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=362
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=362 HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Cookie: u_pl=16770072; uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7488280e9cb4a64ec4c95a66625ad17f=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 19:27:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
selfemployedbalconycane.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=390
173.233.137.44200 OK 0 B URL HTTP/1.1 selfemployedbalconycane.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=390
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=390 HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Cookie: u_pl=16770072; uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7488280e9cb4a64ec4c95a66625ad17f=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 19:27:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.yourwebbars.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html
172.67.74.218200 OK 1.8 kB URL HTTP/2 cdn.yourwebbars.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html
IP 172.67.74.218:0
File type HTML document text\012- HTML document, ASCII text
Hash d5ed4503ba3b74098ed0c31f4eae29da
b3802836e12da2414e88cc11cd7560b4c3ebb2c8
08faecbc91547d28faf9a820341932c5d06a8022e675f4dc1973f8700de70dee
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:47 GMT
content-type: text/html
last-modified: Wed, 02 Feb 2022 09:47:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuJ66ehPsn8%2FECVCfo7N%2Bsc3r8OASlG9%2BKK7g5zgPRgUk41FmhSKT%2BNkTl2Kwa1qD%2BXr9LHQ%2B5fE7z6pQ9gUF2yrGoQ2zVMwoQQWUdizDDbA1m8YQCNKJ0WxfMBZeO5mfAPdOkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd65e4e7a1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css
172.64.200.2200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css
IP 172.64.200.2:0
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:47 GMT
content-type: text/css
last-modified: Wed, 07 Jul 2021 10:20:58 GMT
etag: W/"60e5800a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9WfRQfwA%2FA77WLGn8Wa2y3kEfk1ROgU0JaK9S4wCVA1pvt1nOOu0BkIkXqDk8uezsplOYangL5t%2FEXRE5a3afIrOFlcxLmpX7AHLGhtU5OSR6IQO%2FznupPKIerTvXLimPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd662de4576f5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
selfemployedbalconycane.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidtV0gUYFSECTQFRQg8Hn3vLe3R4qIEIwinB8S%2FjqYvz0Pnt1Zzezenl1ZRELpctQ063d2rEAUQUNHhM6RUlhCylG5wBWiR0ipkEB3sTj4mu%2B9ea9482a%2B3C1PiI%2BSHl%2B8bLaV1nSl3fQbr34SBOca6yorB41BHH0ahecatv9mN2r6rzXelXzTrLT8wPcDP2isKSsTM1iZilD5vW7Q7PrNsNUM2iEG9v%2FclR4c9SD6J%2BR5KDFZeuidgeJjZOl3F6XbLEz%2BxjtpqWlhLPri4MNsMzNVhnQOE%2BshyQ5O3TDu8doDmGx%2FFhem%2F6%2BRqQnxHj0Ayw5OQ4L192Y5mYbMwMSzqPpjSD2GomNwcxNKPCYAF7hyFVl654qxFd16qtKpOiFLT%2F6EqiZk6dczyNL7F7QaNG4YXRbKZA6DpIYajKF6Y%2BTlIYrtBajqELz4Akr8TFaerCNL9646baDE8Ssypp2w1U6WgyhKlkPWjZdjLuJl32cdEfkJC%2BJoVpBSY6hkDC2HoG4BpfNQKg9l4qHMPaTiuMGDIOj4glM%2F7nK%2BKjqSRcIPaCcJaOBHMUo%2BvcMQRT4E10Nwu4Pc7mBTDWHLn%2BA2ajixAFdMiPf%2BDvqiRiUJKkdQUYJKEVQFQdWv94V2LVffEdqVLDjdrdO9Wo9M0dul%2B6boyYzs5ifkuVl5f%2F%2F2AjblcaMTxnEr9mWXs5BGoeQh77ZpFEWtNhVBJ4FTNZRbAHUettWEvPj6beRqQpa%2Bvg9GD%2BH0IbhaBC1fAq1GnZYPujEKYx%2Fb2Q%2B8L1RWVTJoMm16LjdFk5sUwtTIiyUUW96uPiFnZ4kCexuSH53%2FjF2e%2FHH3L3BbI7c1PlcPCXr61ui6qcjedVM58v3VvFCp2qbTp75R0EIufvOe3KqMFZcuuuHdt%2FhUmMJ7H0hXrNNMqKznyLcXlBDSrhnLJfnxkvtYsmul27hQ2qzM16%2B9vXYpza10TplsDKomhDw6AlcT8oyoZr%2F47EdrUHYMW9ZIyyNyOlDmEDzfgcvn%2BZ1ZhNVzD8s9VGU9si02P9SKQMs5p6yG%2Bw9nc7zrbqFnXwYtbiJLa%2FRtjb6uQfUQrlwcFbk9Ov%2FL6mzAtDdi2np7TFv91dNynTpurPqiw2QiO0yG7TCRXLB2m%2Fk84WxVxDFH4Sa8%2B3vrHwAAAP%2F%2FAQAA%2F%2F88L%2BhIkAQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 selfemployedbalconycane.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidtV0gUYFSECTQFRQg8Hn3vLe3R4qIEIwinB8S%2FjqYvz0Pnt1Zzezenl1ZRELpctQ063d2rEAUQUNHhM6RUlhCylG5wBWiR0ipkEB3sTj4mu%2B9ea9482a%2B3C1PiI%2BSHl%2B8bLaV1nSl3fQbr34SBOca6yorB41BHH0ahecatv9mN2r6rzXelXzTrLT8wPcDP2isKSsTM1iZilD5vW7Q7PrNsNUM2iEG9v%2FclR4c9SD6J%2BR5KDFZeuidgeJjZOl3F6XbLEz%2BxjtpqWlhLPri4MNsMzNVhnQOE%2BshyQ5O3TDu8doDmGx%2FFhem%2F6%2BRqQnxHj0Ayw5OQ4L192Y5mYbMwMSzqPpjSD2GomNwcxNKPCYAF7hyFVl654qxFd16qtKpOiFLT%2F6EqiZk6dczyNL7F7QaNG4YXRbKZA6DpIYajKF6Y%2BTlIYrtBajqELz4Akr8TFaerCNL9646baDE8Ssypp2w1U6WgyhKlkPWjZdjLuJl32cdEfkJC%2BJoVpBSY6hkDC2HoG4BpfNQKg9l4qHMPaTiuMGDIOj4glM%2F7nK%2BKjqSRcIPaCcJaOBHMUo%2BvcMQRT4E10Nwu4Pc7mBTDWHLn%2BA2ajixAFdMiPf%2BDvqiRiUJKkdQUYJKEVQFQdWv94V2LVffEdqVLDjdrdO9Wo9M0dul%2B6boyYzs5ifkuVl5f%2F%2F2AjblcaMTxnEr9mWXs5BGoeQh77ZpFEWtNhVBJ4FTNZRbAHUettWEvPj6beRqQpa%2Bvg9GD%2BH0IbhaBC1fAq1GnZYPujEKYx%2Fb2Q%2B8L1RWVTJoMm16LjdFk5sUwtTIiyUUW96uPiFnZ4kCexuSH53%2FjF2e%2FHH3L3BbI7c1PlcPCXr61ui6qcjedVM58v3VvFCp2qbTp75R0EIufvOe3KqMFZcuuuHdt%2FhUmMJ7H0hXrNNMqKznyLcXlBDSrhnLJfnxkvtYsmul27hQ2qzM16%2B9vXYpza10TplsDKomhDw6AlcT8oyoZr%2F47EdrUHYMW9ZIyyNyOlDmEDzfgcvn%2BZ1ZhNVzD8s9VGU9si02P9SKQMs5p6yG%2Bw9nc7zrbqFnXwYtbiJLa%2FRtjb6uQfUQrlwcFbk9Ov%2FL6mzAtDdi2np7TFv91dNynTpurPqiw2QiO0yG7TCRXLB2m%2Fk84WxVxDFH4Sa8%2B3vrHwAAAP%2F%2FAQAA%2F%2F88L%2BhIkAQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRidtV0gUYFSECTQFRQg8Hn3vLe3R4qIEIwinB8S%2FjqYvz0Pnt1Zzezenl1ZRELpctQ063d2rEAUQUNHhM6RUlhCylG5wBWiR0ipkEB3sTj4mu%2B9ea9482a%2B3C1PiI%2BSHl%2B8bLaV1nSl3fQbr34SBOca6yorB41BHH0ahecatv9mN2r6rzXelXzTrLT8wPcDP2isKSsTM1iZilD5vW7Q7PrNsNUM2iEG9v%2FclR4c9SD6J%2BR5KDFZeuidgeJjZOl3F6XbLEz%2BxjtpqWlhLPri4MNsMzNVhnQOE%2BshyQ5O3TDu8doDmGx%2FFhem%2F6%2BRqQnxHj0Ayw5OQ4L192Y5mYbMwMSzqPpjSD2GomNwcxNKPCYAF7hyFVl654qxFd16qtKpOiFLT%2F6EqiZk6dczyNL7F7QaNG4YXRbKZA6DpIYajKF6Y%2BTlIYrtBajqELz4Akr8TFaerCNL9646baDE8Ssypp2w1U6WgyhKlkPWjZdjLuJl32cdEfkJC%2BJoVpBSY6hkDC2HoG4BpfNQKg9l4qHMPaTiuMGDIOj4glM%2F7nK%2BKjqSRcIPaCcJaOBHMUo%2BvcMQRT4E10Nwu4Pc7mBTDWHLn%2BA2ajixAFdMiPf%2BDvqiRiUJKkdQUYJKEVQFQdWv94V2LVffEdqVLDjdrdO9Wo9M0dul%2B6boyYzs5ifkuVl5f%2F%2F2AjblcaMTxnEr9mWXs5BGoeQh77ZpFEWtNhVBJ4FTNZRbAHUettWEvPj6beRqQpa%2Bvg9GD%2BH0IbhaBC1fAq1GnZYPujEKYx%2Fb2Q%2B8L1RWVTJoMm16LjdFk5sUwtTIiyUUW96uPiFnZ4kCexuSH53%2FjF2e%2FHH3L3BbI7c1PlcPCXr61ui6qcjedVM58v3VvFCp2qbTp75R0EIufvOe3KqMFZcuuuHdt%2FhUmMJ7H0hXrNNMqKznyLcXlBDSrhnLJfnxkvtYsmul27hQ2qzM16%2B9vXYpza10TplsDKomhDw6AlcT8oyoZr%2F47EdrUHYMW9ZIyyNyOlDmEDzfgcvn%2BZ1ZhNVzD8s9VGU9si02P9SKQMs5p6yG%2Bw9nc7zrbqFnXwYtbiJLa%2FRtjb6uQfUQrlwcFbk9Ov%2FL6mzAtDdi2np7TFv91dNynTpurPqiw2QiO0yG7TCRXLB2m%2Fk84WxVxDFH4Sa8%2B3vrHwAAAP%2F%2FAQAA%2F%2F88L%2BhIkAQAAA%3D%3D HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Cookie: u_pl=16770072; uid_id2=e8a7425f-166f-4b98-8cd8-00b7d60fb186:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec7488280e9cb4a64ec4c95a66625ad17f=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 19:27:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45724cc454ac79d6ba8923964d20faa3
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:48 GMT
Last-Modified: Sun, 02 Oct 2022 19:10:29 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js
172.64.200.2200 OK 1.9 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js
IP 172.64.200.2:0
Hash cc86732e59839b5f5440a22130152461
dc9aa4f5c2d6f694480621155c8c167b736ecdf4
23f19a4682fea41d94ba58ca40303a7ff84fbf88deb110b2e3756f2116e949dd
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:47 GMT
content-type: application/javascript
last-modified: Wed, 07 Jul 2021 10:21:07 GMT
etag: W/"60e58013-18d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahQJNQ9cyOlRODdDNzV8l%2FaGUw6Qzzc6Pt6FOY3lNCxbzV3Dr40OXZn3%2FDvrCISRPsUildc6TkFDJdhHuNBqOJVTKIrs989XbwZplE1Js6pStMMqk0ynDp8s0%2BGLxTgrImg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd662de4276f5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:27:48 GMT
Last-Modified: Sun, 02 Oct 2022 19:10:29 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
cvdinwwe.disqus.com/embed.js
151.101.84.134200 OK 24 kB URL HTTP/1.1 cvdinwwe.disqus.com/embed.js
IP 151.101.84.134:0
File type ASCII text, with very long lines (32091)
Hash 2c8128b1d89c4bb59049191bff21f081
041771700a86a19ef2b79a30988dbe882bda0926
066452ccddc6e2a7ebd4764917a98c0f2b193b84b1ba3d7243b0371ad36ccc29
GET /embed.js HTTP/1.1
Host: cvdinwwe.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 24124
Content-Type: application/javascript; charset=utf-8
Server: nginx
Last-Modified: Fri, 30 Sep 2022 08:47:51 GMT
ETag: "6336ad37-5e3c"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Amz-Cf-Pop: DFW55-C3
X-Amz-Cf-Id: _pHAA8PI33tNhBm_x6HkYdIL0SSKTeK2UWSmL5ZuLAFv7G8WLlYN0g==
Cache-Control: public, max-age=300
Date: Sun, 02 Oct 2022 19:27:48 GMT
Age: 141
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/fonts/SFUIDisplay-Regular.woff2
172.64.200.2200 OK 43 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/fonts/SFUIDisplay-Regular.woff2
IP 172.64.200.2:0
File type Web Open Font Format (Version 2), TrueType, length 42576, version 1.0\012- data
Hash 2a7d15a301e2045942980e8544ccfbb5
71adf9d8bcff90f86a96b1d21e847bf5d79b3c0e
474b4d7266171e03c8efcd904e8010bd8cb11a068d5e67b5450bc46d768a41e9
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/fonts/SFUIDisplay-Regular.woff2 HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:48 GMT
content-type: application/octet-stream
content-length: 42576
last-modified: Wed, 07 Jul 2021 10:21:01 GMT
etag: "60e5800d-a650"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peuQDc47aPdno8%2BwmhJSIh88A5dLCtrIPLSrYp2sCOEnYVnyZv%2BmwLnDzF2hDnC2nu37UFhrqYZBouzS1AmwJu3vKj%2BUEBUxXQEerw67BsS%2BrNd07plcBNZg3amR4PLsV%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd6658bdb76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=945d38493eab4042c9704e5bbbca8996
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=945d38493eab4042c9704e5bbbca8996
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash a933a24eaa7a6aada2023d098e9a201d
0fede9e422e24a7e656c80d5148f85cebe1a66d9
a926f6f4adcfccbed589c6a2af945440557082311a87e78342f4e9754e2cdeb4
GET /en_US/sdk.js?hash=945d38493eab4042c9704e5bbbca8996 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 5f576610c10f5228397b3824f6fd7c2f
etag: "4e35873f6e066a1f53edd743e0c46e63"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 02 Oct 2023 18:12:49 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: qTOiTqp6aq2iAj0JjpogHQ==
x-fb-debug: Pp+gUyO91gmTibyw8PM9h4G/Ju8e+KBHNpCrMvI+OogE/o+9/bEpizz9o3mOkpmvIXWz01gJIO5Mjw6yxiw8CQ==
content-length: 86929
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 19:27:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
disqus.com/embed/comments/?base=default&f=cvdinwwe&t_u=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&t_d=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&t_t=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&s_o=default
151.101.64.134200 OK 1.2 kB URL HTTP/1.1 disqus.com/embed/comments/?base=default&f=cvdinwwe&t_u=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&t_d=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&t_t=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&s_o=default
IP 151.101.64.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 3f40285a12d76079ad053b0c19b7275c
3a90febe624d2df9c3d84ce6c90750979ac284e6
72ad17fe54083a98613d1f7ceec486f87efdd8eba80fedc0495ee4d7662d1003
GET /embed/comments/?base=default&f=cvdinwwe&t_u=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&t_d=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&t_t=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1157
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 02 Oct 2022 19:27:48 GMT
Age: 22
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/lounge.load.8ec9a3b6b7bcd3fa25977c5ac7c3c810.js
143.204.55.14200 OK 494 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.8ec9a3b6b7bcd3fa25977c5ac7c3c810.js
IP 143.204.55.14:0
File type ASCII text, with very long lines (958), with no line terminators
Hash c3d34afd9d5f9d7a45d684db97cfbcdd
358b1f2fad414b32ca9684fd86ca80c46912bbf3
c6b8e1bf4aaf81e7636b4a63877150ad9ab2f5f66fe73b4af465547b927a6c6e
GET /next/embed/lounge.load.8ec9a3b6b7bcd3fa25977c5ac7c3c810.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 494
date: Thu, 29 Sep 2022 21:02:58 GMT
server: nginx
last-modified: Thu, 29 Sep 2022 20:42:18 GMT
etag: "6336032a-1ee"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 29 Sep 2023 21:02:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hgFGn8AEOW4l0eDvtZN-AOmhd0j_uDYcz6UGgpjrMuahn4awzZZpZQ==
age: 253490
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
143.204.55.14200 OK 95 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
IP 143.204.55.14:0
File type ASCII text, with very long lines (32023)
Hash 7b99df04cc3984222b4f02f738de9fa4
f3eefe01e2f39579ceaca4927de1177711e01544
c64b6a193db830888df222e8c3d1d0c964cb9700e2ed62796e02dbe49a39d8ec
GET /next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94755
date: Mon, 25 Jul 2022 05:21:29 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-17223"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9hfqDDv7uQI54niwV84wusQhLoN9QZOxcEnGFCweBjume9cipQlfwQ==
age: 6012379
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/styles/lounge.46ac8cae270fbd103ff8c6bf581143c6.css
143.204.55.14200 OK 26 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.46ac8cae270fbd103ff8c6bf581143c6.css
IP 143.204.55.14:0
File type ASCII text, with very long lines (65469)
Hash 15976c9c2f8fdcaffdd91728d6f0a82b
eac5ef6756e3c6fda25438a59ae29722b3c7ba67
4888364939b1d951ebafedfa95f8cbd12c42a32bc9f38e4d7e8d658978b69014
GET /next/embed/styles/lounge.46ac8cae270fbd103ff8c6bf581143c6.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 26176
date: Thu, 29 Sep 2022 21:02:58 GMT
server: nginx
last-modified: Thu, 29 Sep 2022 20:42:18 GMT
etag: "6336032a-6640"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 29 Sep 2023 21:02:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: r4I0B0KiEttofeWe24iF4B4JKBjTiQ-4nOpQbdWhd4JLjwyXErlMPQ==
age: 253490
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.4a4252944de4199d2e7f3e9e3eb9bc54.js
143.204.55.14200 OK 124 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.4a4252944de4199d2e7f3e9e3eb9bc54.js
IP 143.204.55.14:0
File type ASCII text, with very long lines (32035)
Size 124 kB (123979 bytes)
Hash 7b5a447a2bf1505198ba04e50bbe8af4
5377c483be50ae516af00ccfbd740c18e468deac
2f5f08e0306667a0de34dc481ab4a593b94ae9bdf6470615a546bddf98cdef12
GET /next/embed/lounge.bundle.4a4252944de4199d2e7f3e9e3eb9bc54.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 123979
date: Fri, 16 Sep 2022 09:02:42 GMT
server: nginx
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
etag: "63243521-1e44b"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 16 Sep 2023 09:02:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z8rLSqrvuD9Zq8U-LRTYdiKh5KwKHrHQlm18njlD4W53zVjLxG9r1g==
age: 1419906
X-Firefox-Spdy: h2
disqus.com/next/config.js
151.101.64.134200 OK 16 kB URL HTTP/1.1 disqus.com/next/config.js
IP 151.101.64.134:0
File type ASCII text, with very long lines (16464), with no line terminators
Hash fc529bef5ae212caab177ba07481f20d
6004f5571774ca0dd047a4cf7c4c2a4e7ae1749f
b88e11e596dd0b85b1a829324493f7bdeaa67ce792a9818c0e7b1d31b099b50c
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=cvdinwwe&t_u=https%3A%2F%2Fcvdinwwe1.blogspot.com%2F2021%2F12%2Ftransformers-fall-of-cybertran.html&t_d=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&t_t=%0ATRANSFORMERS%20FALL%20OF%20CYBERTRAN%0A&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 16464
Server: nginx
Content-Type: application/javascript; charset=UTF-8
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 02 Oct 2022 19:27:49 GMT
Age: 30
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
referrer.disqus.com/juggler/stat.gif?event=failed_embed.server.15
151.101.84.134200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/stat.gif?event=failed_embed.server.15
IP 151.101.84.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/stat.gif?event=failed_embed.server.15 HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 02 Oct 2022 19:27:49 GMT
Cross-Origin-Resource-Policy: cross-origin
fonts.googleapis.com/css?family=Oswald:300,400,700%7COpen+Sans:400,700,400italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,700%7COpen+Sans:400,700,400italic
IP 142.250.74.10:0
GET /css?family=Oswald:300,400,700%7COpen+Sans:400,700,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 19:27:44 GMT
date: Sun, 02 Oct 2022 19:27:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.233200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:45 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f61c09008368901089fb145016291add
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 02 Oct 2022 19:27:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgjEc3kJrfFwu7EUQ9oFp5COzfhh%2BLWdiR1Ss3ND0YYSdkUjlheGeDXIygFGOT2iTpZF%2F%2ByC%2FQ%2F%2FD1wbrQ4AHcZ3bL1kMjm5rf%2FGwdgyWfhsSTXYjYDxgE3j08ppk0Xd1e21UcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd6548e0ddd87-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7902380995042594
142.250.74.66200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7902380995042594
IP 142.250.74.66:0
GET /pagead/js/adsbygoogle.js?client=ca-pub-7902380995042594 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cvdinwwe1.blogspot.com
Connection: keep-alive
Referer: https://cvdinwwe1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sun, 02 Oct 2022 19:27:44 GMT
expires: Sun, 02 Oct 2022 19:27:44 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10339282532428019132
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg
IP 172.64.200.2:0
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:27:47 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Jul 2021 10:21:04 GMT
etag: W/"60e58010-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5217800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzYDpoeZbwIaMyhXwNUGK961qrfTsejaRpzXn7GTiHY1Ermgj7H8fYaEC9cDgEh%2FEl61FvJGaflPb2DsK3QGBBSnNvQRrvtE0cK0Mfa1JB2i6lSj8dG26mEgfVzBplfa6zs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fd662fe9876f5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2