firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 19:44:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wORuPh2BWq0mRtJUgIzLrdIhn4lfOUbUuey77kFves99lI3LAuNt3g==
Age: 158
rainbowcoloredsouth.blogspot.li/
142.250.74.161302 Moved Temporarily 184 B URL HTTP/1.1 rainbowcoloredsouth.blogspot.li/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash da6cb39bc8161b2f611184e4adf892e9
4c96a71617756f489bde57855798433cff061301
d16fa2c7b2042c168ea25ee8f674a1c359b261d1ac9ae51db0e5f4fb2e175bfe
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rainbowcoloredsouth.blogspot.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://rainbowcoloredsouth.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 04 Sep 2022 19:46:57 GMT
Expires: Sun, 04 Sep 2022 19:46:57 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 184
Server: GSE
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2994
Expires: Sun, 04 Sep 2022 20:36:51 GMT
Date: Sun, 04 Sep 2022 19:46:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DJvb5XE1m37f0H_kvPJ0sAXalz1EG77xNKRx1MdqRkS4kznzwaNYJA==
age: 66700
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 19:46:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 04 Sep 2022 19:38:16 GMT
Expires: Sun, 04 Sep 2022 20:06:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xscEr3pA1fZANwLjKXZQ9n3BAQDKtCEd9UZBczGz5ujt0dK8W2zdcA==
Age: 521
rainbowcoloredsouth.blogspot.com/
142.250.74.161200 OK 25 kB URL HTTP/1.1 rainbowcoloredsouth.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1495)
Hash 300628eb94083b49555cbe5f1ad730e1
fea26bad1ecf1f8124370928169b881173fe73b0
f52a0d3ed5c65e6937eb334137bfeee6b09f2b8c7a09c452b9d53aaf4edd6073
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rainbowcoloredsouth.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 04 Sep 2022 19:46:57 GMT
Date: Sun, 04 Sep 2022 19:46:57 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 18 Aug 2022 10:12:46 GMT
ETag: W/"02f7d571961a825d982f739614538d6081505c0a13508fb93b2355b4e1dd0def"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 24779
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:58 GMT
Last-Modified: Sun, 04 Sep 2022 18:29:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2a6ec38271d1c113e9e221bbf1284f1b
3b242e3fe8426d528d4a67f93f45ee56c0a53e92
36b5ecde759f09d6dc70bf388df025baabd30f4e0ed740a12bb377df1a60ea2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ae802d8e8fd778efea137f4c47d9ee43
8a2594654f58868f597046d5460b4b8daa87baca
dff8c48d86c7dc83027af6cfdb5b059a4d11e36e1d4b91d1a4da865683a8289a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rainbowcoloredsouth.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 rainbowcoloredsouth.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: rainbowcoloredsouth.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Sun, 04 Sep 2022 19:46:58 GMT
Expires: Sun, 11 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 04 Sep 2022 16:49:26 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.201200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 08:13:04 GMT
expires: Sat, 02 Sep 2023 08:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Sep 2022 14:49:33 GMT
content-type: text/css
age: 214434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2298587511-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2298587511-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash f464fdcdf304c6b79a91e2a822b695cd
e1329e29712ab125707bedf4c324d2cbb7c177e3
a4a889b07d4d04b7aeda255d273f18207f9803078bc5b28840ef2d380afc1abb
GET /static/v1/widgets/2298587511-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 21:19:16 GMT
expires: Fri, 01 Sep 2023 21:19:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Aug 2022 20:05:39 GMT
content-type: text/javascript
age: 253662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Sun, 04 Sep 2022 19:46:58 GMT
expires: Sun, 04 Sep 2022 19:46:58 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4e7ea00abe8fbd80"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jh.revolvermaps.com/r.js
185.44.104.99200 OK 1.0 kB IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type ASCII text, with very long lines (2364)
Hash e77583216cbdd82648960e62f5ff4994
bc94a1632d0db688a6f48b4fd1a012e97ee55d39
794f9c95a5547985fbb9dd4162d2e3888991ccc44d022943850ef8a5c3f2d636
GET /r.js HTTP/1.1
Host: jh.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2011 09:04:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=290304000
Content-Length: 1023
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: application/javascript
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.201200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.201:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 02:33:26 GMT
expires: Mon, 05 Sep 2022 02:33:26 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Aug 2022 16:49:20 GMT
content-type: image/gif
age: 580412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gaydemon.com/banners/wired.jpg
172.67.70.244301 Moved Permanently 0 B URL HTTP/1.1 www.gaydemon.com/banners/wired.jpg
IP 172.67.70.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banners/wired.jpg HTTP/1.1
Host: www.gaydemon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Sep 2022 19:46:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Sep 2022 20:46:58 GMT
Location: https://www.gaydemon.com/banners/wired.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DmzuELykcbu6WqleYuA9f0YXgz71hhxN4ZJohwqylcnN8lnMMIkan5snD6C0ibtTb2NdhJcuFLS8pG%2BCW7iGcosOAEY%2Bxme3o80Q%2Fv0BFx3wSZgNM%2Fcf%2FKZUM6dl5KQ78I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74593bfa6c69b517-OSL
alt-svc: h2=":443"; ma=60
resources.blogblog.com/img/icon18_email.gif
216.58.207.201200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 216.58.207.201:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 03:00:32 GMT
expires: Mon, 05 Sep 2022 03:00:32 GMT
cache-control: public, max-age=604800
last-modified: Mon, 29 Aug 2022 00:50:33 GMT
content-type: image/gif
age: 578786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.andrewchristian.com/affiliate-program/300x600-daniel01.jpg
54.230.111.3301 Moved Permanently 183 B URL HTTP/1.1 www.andrewchristian.com/affiliate-program/300x600-daniel01.jpg
IP 54.230.111.3:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e4e384d6672787c1bb2a9b500114f1f5
cf909e7937cd3f312c434367b732a53d7a6cbf14
80785f5520097dde3b28c617171415cd690cbf1e0353a5f3e348c83a4656ea0f
GET /affiliate-program/300x600-daniel01.jpg HTTP/1.1
Host: www.andrewchristian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 04 Sep 2022 19:46:58 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.andrewchristian.com/affiliate-program/300x600-daniel01.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3GkJQ84lNieJrzpVIN-FqCzdwuEucjgJsyy7R39YOBkYu7S0PwWXKA==
www.plublogs.com/listings/image.php?id=rainbowcoloredsouth
172.67.72.4301 Moved Permanently 0 B URL HTTP/1.1 www.plublogs.com/listings/image.php?id=rainbowcoloredsouth
IP 172.67.72.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /listings/image.php?id=rainbowcoloredsouth HTTP/1.1
Host: www.plublogs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Sep 2022 19:46:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Sep 2022 20:46:58 GMT
Location: https://www.gaydemon.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ%2BoUvJ0Iff2j6T620WLNF2D6qfJYRhIpkA7pe6iim2jH5Tz9V%2B%2BQy8LmXipHxv58S7KejHXcNicpGZcyi4YjmmI2GMK%2FOJqOjpDiXAeRyQEZmk%2F6NCZkSth4XwLwsBmW0g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74593bfa8af31c16-OSL
alt-svc: h2=":443"; ma=60
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 082af8f6ad7e453a93dd3d1e0ed74005
a768614da451435f22b8f19a0cd4977c48a639ce
f53c36c80f6af2bb427ea6b9d34dd82f8dbcf05d23b92d78ce6372af3a46d57c
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 07:12:07 GMT
expires: Thu, 31 Aug 2023 07:12:07 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
age: 390891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
142.250.74.174200 OK 17 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (3295)
Hash da083e9d59be400edf9d5f9a1716b91b
27d2025b6936aa58853e5ff3e1e67cef21cf32f5
edd3514aa92d8e00194c2f634d3ef3d4dd7efcd8cc0c33f3cda5f45ca250b0b7
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 16710
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 00:23:40 GMT
expires: Thu, 31 Aug 2023 00:23:40 GMT
cache-control: public, max-age=31536000
age: 415398
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-PJJ3tJbcBDY/UGulXjC1U3I/AAAAAAAAoFE/fqxDV9xTCZM/s420/bmb_banner.gif
142.250.74.161200 OK 40 kB URL HTTP/1.1 1.bp.blogspot.com/-PJJ3tJbcBDY/UGulXjC1U3I/AAAAAAAAoFE/fqxDV9xTCZM/s420/bmb_banner.gif
IP 142.250.74.161:0
File type PNG image data, 420 x 54, 8-bit/color RGB, non-interlaced\012- data
Hash 232f83c4f3f98e94bc9ca8372030b539
a6e949ebbecda6eca81a013f96a728e56575cf46
1a7b98f473ad718adbbaa8106e3de2e1b48665191f3a7ec7955e1f2c4d587596
GET /-PJJ3tJbcBDY/UGulXjC1U3I/AAAAAAAAoFE/fqxDV9xTCZM/s420/bmb_banner.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "va051"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bmb_banner.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 40324
X-XSS-Protection: 0
www.linkwithin.com/pixel.png
3.19.188.212200 OK 83 B URL HTTP/1.1 www.linkwithin.com/pixel.png
IP 3.19.188.212:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1dba98f5e46c0e7a1549b3d8af9b93
37284bda145ed93cee64997e3d6688cae7d98468
88021da4a13d993a2c94e4d8ddc9bd98b34985d806371e71e0531b37b8a0e081
GET /pixel.png HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Sep 2022 19:46:58 GMT
Content-Type: image/png
Content-Length: 83
Last-Modified: Thu, 18 Jun 2020 22:02:28 GMT
Connection: keep-alive
ETag: "5eebe474-53"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Sep 2022 19:46:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.34200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.34:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 04 Sep 2022 13:16:40 GMT
Expires: Sun, 18 Sep 2022 13:16:40 GMT
Cache-Control: public, max-age=1209600
Age: 23418
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
www.blogger.com/dyn-css/authorization.css?targetBlogID=2530175040840031141&zx=4dcaca6b-d7bb-4f03-a08e-e345599453cb
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=2530175040840031141&zx=4dcaca6b-d7bb-4f03-a08e-e345599453cb
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=2530175040840031141&zx=4dcaca6b-d7bb-4f03-a08e-e345599453cb HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 19:46:58 GMT
last-modified: Sun, 04 Sep 2022 19:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-s8YOJFqj8ro/UTDUxv8DDpI/AAAAAAAA4wM/jl3QFIP6X3k/w72-h72-p-k-no-nu/wells01.jpg
142.250.74.161200 OK 2.4 kB URL HTTP/1.1 1.bp.blogspot.com/-s8YOJFqj8ro/UTDUxv8DDpI/AAAAAAAA4wM/jl3QFIP6X3k/w72-h72-p-k-no-nu/wells01.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5ef6442a346d06b152b941dc1277c118
79fab26a605250f261a20c11193b5d1351a8db36
4559cd137b39a860cad5b5cfb8fd20221bd500ed6403fb87670d9324e53a23ab
GET /-s8YOJFqj8ro/UTDUxv8DDpI/AAAAAAAA4wM/jl3QFIP6X3k/w72-h72-p-k-no-nu/wells01.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "ve304"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="wells01.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 2398
X-XSS-Protection: 0
www.blogger.com/img/share_buttons_20_3.png
216.58.207.201200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 216.58.207.201:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 06:18:28 GMT
expires: Thu, 08 Sep 2022 06:18:28 GMT
cache-control: public, max-age=604800
last-modified: Thu, 01 Sep 2022 01:55:21 GMT
content-type: image/png
age: 307710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.6.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y5HImi5Wjrzz/v4c43gE8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ah3b9tj+haaltjeAQ9Rqygr3oq0=
4.bp.blogspot.com/-owlaA-RLfBg/Uv9sIRDRyhI/AAAAAAABXtU/-fOvTXZtLe8/s1600/mirror021102.jpg
142.250.74.161200 OK 39 kB URL HTTP/1.1 4.bp.blogspot.com/-owlaA-RLfBg/Uv9sIRDRyhI/AAAAAAABXtU/-fOvTXZtLe8/s1600/mirror021102.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 498x750, components 3\012- data
Hash 6db226b8866d7c0cf3285fadcf93e1da
df91ac82d0e8a0ff11c11b953c3307d07a96409d
9d52af37a80f6f1de1846d8531f9587c3ce9a7461b78625620152db158883698
GET /-owlaA-RLfBg/Uv9sIRDRyhI/AAAAAAABXtU/-fOvTXZtLe8/s1600/mirror021102.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ed7"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mirror021102.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 39345
X-XSS-Protection: 0
3.bp.blogspot.com/-w-tnhkIaiaY/UYqzd5po0EI/AAAAAAAA-rI/Dcc9rr7xsGM/w72-h72-p-k-no-nu/will+tudor.png
142.250.74.161200 OK 8.8 kB URL HTTP/1.1 3.bp.blogspot.com/-w-tnhkIaiaY/UYqzd5po0EI/AAAAAAAA-rI/Dcc9rr7xsGM/w72-h72-p-k-no-nu/will+tudor.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 46a5ca7dd6e8d7e6e01ae51a19559155
8bafae9a3b914171d63686099756ca45f5a85a23
aa70fc9f1bbbacb0d0019f9804af0402ce767e7b3300b7ee16bfaa36923aecd8
GET /-w-tnhkIaiaY/UYqzd5po0EI/AAAAAAAA-rI/Dcc9rr7xsGM/w72-h72-p-k-no-nu/will+tudor.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vfab3"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="will tudor.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 8776
X-XSS-Protection: 0
3.bp.blogspot.com/-tQpUDgOPo2M/TtfDq2gzOgI/AAAAAAAAFCg/xxGxEHMPNmA/w72-h72-p-k-no-nu/colton+haynes01.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/1.1 3.bp.blogspot.com/-tQpUDgOPo2M/TtfDq2gzOgI/AAAAAAAAFCg/xxGxEHMPNmA/w72-h72-p-k-no-nu/colton+haynes01.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9ab4d318504d4053fc4f1ba8fce6e8e6
5a7b9c0a97f8f5b73b04b6849ab8ab7af7a2ae0b
4e07b6989d989f85d30e798971b595f0d5001d0bcdae1fff6f4771ff53ea6202
GET /-tQpUDgOPo2M/TtfDq2gzOgI/AAAAAAAAFCg/xxGxEHMPNmA/w72-h72-p-k-no-nu/colton+haynes01.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1428"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="colton haynes01.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 2597
X-XSS-Protection: 0
3.bp.blogspot.com/-jSxICQggYBY/UsbCaiIUlwI/AAAAAAABUvk/i4bhYuAmotQ/s1600/rainbow-Jan12.jpg
142.250.74.161200 OK 186 kB URL HTTP/1.1 3.bp.blogspot.com/-jSxICQggYBY/UsbCaiIUlwI/AAAAAAABUvk/i4bhYuAmotQ/s1600/rainbow-Jan12.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1280x512, components 3\012- data
Size 186 kB (185875 bytes)
Hash 6b7ec3a1999494d35b3c213bc5b427e2
fde9516e02fe29feba6605339145dae69288efcc
ba5f3e1f7b118dae96d68b4acd064b55f81ed86a3dfe628dac243ab1502eb6b0
GET /-jSxICQggYBY/UsbCaiIUlwI/AAAAAAABUvk/i4bhYuAmotQ/s1600/rainbow-Jan12.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1694f"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="rainbow-Jan12.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 185875
X-XSS-Protection: 0
2.bp.blogspot.com/-RSMzSd96xdA/TkWK3eoFUJI/AAAAAAAAAPM/HsqlgcwI96o/s80/RBC---Long.jpg
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 2.bp.blogspot.com/-RSMzSd96xdA/TkWK3eoFUJI/AAAAAAAAAPM/HsqlgcwI96o/s80/RBC---Long.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x40, components 3\012- data
Hash e406f47473c73b384450eb448fee992f
ee5b5c7b270325957fdb609e0625432d72c599ac
b6282b59f5e01f2430fa4a076d4a28c4956ad1d4322b59927b1c47768ca51f40
GET /-RSMzSd96xdA/TkWK3eoFUJI/AAAAAAAAAPM/HsqlgcwI96o/s80/RBC---Long.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vf3"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="RBC---Long.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 2922
X-XSS-Protection: 0
2.bp.blogspot.com/-KISvOzX9Qdk/T6f3zJqAAMI/AAAAAAAATHw/gxikHhCuBpo/s1600/Facebook-Like.jpg
142.250.74.161200 OK 43 kB URL HTTP/1.1 2.bp.blogspot.com/-KISvOzX9Qdk/T6f3zJqAAMI/AAAAAAAATHw/gxikHhCuBpo/s1600/Facebook-Like.jpg
IP 142.250.74.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 375x563, components 3\012- data
Hash 303832932fc016d7ccc1335e536130b0
3fa9f9598aaebb5d48df3db9105bb5223bbbccbb
76c9f2ba5b50214b18cb44d9bc0ff52c75add483758e00d50081ddd1e463faf1
GET /-KISvOzX9Qdk/T6f3zJqAAMI/AAAAAAAATHw/gxikHhCuBpo/s1600/Facebook-Like.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4c7e"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Facebook-Like.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 43402
X-XSS-Protection: 0
1.bp.blogspot.com/-YqGHN7yCHKI/TkkzRVyo3rI/AAAAAAAAAUE/_gdDMlpifwg/s280/hunkbanner9.gif
142.250.74.161200 OK 11 kB URL HTTP/1.1 1.bp.blogspot.com/-YqGHN7yCHKI/TkkzRVyo3rI/AAAAAAAAAUE/_gdDMlpifwg/s280/hunkbanner9.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 280 x 80\012- data
Hash e6621995c1d6e76ba24c19a95fbf3b9b
ef4360742a4c0ace7c32057ae96d43f058e90566
1986afffb1e94dd7d11936995b58a63ad51160caa35b2500e2c72fb35d855369
GET /-YqGHN7yCHKI/TkkzRVyo3rI/AAAAAAAAAUE/_gdDMlpifwg/s280/hunkbanner9.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v13e8e"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="hunkbanner9.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 11217
X-XSS-Protection: 0
www.queerlisting.com/images/banners/linkback04.jpg
103.224.212.221403 Forbidden 5.6 kB URL HTTP/1.0 www.queerlisting.com/images/banners/linkback04.jpg
IP 103.224.212.221:0
ASN #133618 Trellian Pty. Limited
Hash 966e8928a8774364913ebfa8080e87da
ba2a7a0507bf863c9f3aa962c18c2b2bd7c59d16
3de07123800374509f4e8c9ac252692f3f321a54bb7baabf3f401449dc6bb174
GET /images/banners/linkback04.jpg HTTP/1.1
Host: www.queerlisting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.0 403 Forbidden
Cache-Control: no-cache
Connection: close
Content-Type: text/html
4.bp.blogspot.com/-x6oYQKyZ5b4/TxcjVWdhe0I/AAAAAAAAH8U/9EbTkfr1h0U/w72-h72-p-k-no-nu/fasbender.jpg
142.250.74.161200 OK 3.1 kB URL HTTP/1.1 4.bp.blogspot.com/-x6oYQKyZ5b4/TxcjVWdhe0I/AAAAAAAAH8U/9EbTkfr1h0U/w72-h72-p-k-no-nu/fasbender.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ee8b880b344745e842b520d3e5e66cd7
bd9c7093a80e7af386434ec5c596756dfad8656a
2d8cbb26e44ecb6898690b36e74359f1b8fd699b1aa7c0d20caf66a1a1fcd63c
GET /-x6oYQKyZ5b4/TxcjVWdhe0I/AAAAAAAAH8U/9EbTkfr1h0U/w72-h72-p-k-no-nu/fasbender.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1fc5"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fasbender.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 3102
X-XSS-Protection: 0
3.bp.blogspot.com/-qBVt9Ad_HHk/UAXyORIcEWI/AAAAAAAAcyw/OHkF2R7DdmM/w72-h72-p-k-no-nu/JasonBiggsNude01.JPG
142.250.74.161200 OK 3.0 kB URL HTTP/1.1 3.bp.blogspot.com/-qBVt9Ad_HHk/UAXyORIcEWI/AAAAAAAAcyw/OHkF2R7DdmM/w72-h72-p-k-no-nu/JasonBiggsNude01.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash cb1209f4c8d1ab281a7c02613b2df31b
ce3c4ccbd302a413d3343509064bf56e24fd093c
92591d53f805e96e9fc72754b7f46f84641ac57ca65ff564db6b09ebbadaa9ff
GET /-qBVt9Ad_HHk/UAXyORIcEWI/AAAAAAAAcyw/OHkF2R7DdmM/w72-h72-p-k-no-nu/JasonBiggsNude01.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v17072"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="JasonBiggsNude01.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 3011
X-XSS-Protection: 0
2.bp.blogspot.com/-n0BP9V0Hmsw/Tx8V2VTtqSI/AAAAAAAAIYg/4aI88JuMF8o/w72-h72-p-k-no-nu/TaylorKinneyShameless01.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/1.1 2.bp.blogspot.com/-n0BP9V0Hmsw/Tx8V2VTtqSI/AAAAAAAAIYg/4aI88JuMF8o/w72-h72-p-k-no-nu/TaylorKinneyShameless01.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=taylor kinney shirtless shameless, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d55712f66e61380e6366186166ea48aa
cae66f08dc7769a8df0c2b9481d0e7ef03370e0e
1084ddaced1258ffb4a63441a8b5ad99182c8de8a49d91d40f3b956bb0ccb211
GET /-n0BP9V0Hmsw/Tx8V2VTtqSI/AAAAAAAAIYg/4aI88JuMF8o/w72-h72-p-k-no-nu/TaylorKinneyShameless01.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v16f33"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="TaylorKinneyShameless01.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 2594
X-XSS-Protection: 0
4.bp.blogspot.com/-CUSjDUtyQ4g/UwDNLj88l3I/AAAAAAABXzU/SzCXGkTbMNA/s1600/06-olympic-bulge-mdn.jpg
142.250.74.161200 OK 112 kB URL HTTP/1.1 4.bp.blogspot.com/-CUSjDUtyQ4g/UwDNLj88l3I/AAAAAAABXzU/SzCXGkTbMNA/s1600/06-olympic-bulge-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 600x800, components 3\012- data
Size 112 kB (111830 bytes)
Hash 750c9fc7a6ac3ae789aeec14742e06fc
b7cfa906064a603194d002fb317c648049b91e4f
f67d901f022b539dd2b048b899aaf04998c7334afbf9c5d5c354f1df400b5ee5
GET /-CUSjDUtyQ4g/UwDNLj88l3I/AAAAAAABXzU/SzCXGkTbMNA/s1600/06-olympic-bulge-mdn.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f38"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="06-olympic-bulge-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 111830
X-XSS-Protection: 0
4.bp.blogspot.com/-aU75GiPgBVw/UwDNLcGPNwI/AAAAAAABXzM/WFte_Zy_5iA/s1600/04-Christian-Oberstolz-mdn.jpg
142.250.74.161200 OK 112 kB URL HTTP/1.1 4.bp.blogspot.com/-aU75GiPgBVw/UwDNLcGPNwI/AAAAAAABXzM/WFte_Zy_5iA/s1600/04-Christian-Oberstolz-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, software=Google], baseline, precision 8, 600x900, components 3\012- data
Size 112 kB (112546 bytes)
Hash ccfb2fdc4ac68eb35d2db7d32df82e5d
488fec0e5b449ee3a63976555ca162417bc54de7
a529011f3fabd9ae2f67dd15586af51cb59c714747265acfcfba580f6829163c
GET /-aU75GiPgBVw/UwDNLcGPNwI/AAAAAAABXzM/WFte_Zy_5iA/s1600/04-Christian-Oberstolz-mdn.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v16953"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="04-Christian-Oberstolz-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 112546
X-XSS-Protection: 0
2.bp.blogspot.com/-ThY-fJBqTlo/Uv9sjTMPh5I/AAAAAAABXuM/8ERWQ7M4FII/s1600/gga021505.jpg
142.250.74.161200 OK 73 kB URL HTTP/1.1 2.bp.blogspot.com/-ThY-fJBqTlo/Uv9sjTMPh5I/AAAAAAABXuM/8ERWQ7M4FII/s1600/gga021505.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 500x667, components 3\012- data
Hash 83fd010475414b083ba92a689761dbfd
994514575efb52cfef5f6b96cd74f108d3eda0e5
76c36a5e35eba8df05da12c2f9128bade33034926d22209a393718c9e2c388af
GET /-ThY-fJBqTlo/Uv9sjTMPh5I/AAAAAAABXuM/8ERWQ7M4FII/s1600/gga021505.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ee6"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gga021505.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 72725
X-XSS-Protection: 0
4.bp.blogspot.com/-ibRIDUlBdyQ/UwDOrDBsQoI/AAAAAAABXz8/VbGQBmF0ltQ/s1600/mirror021002.jpg
142.250.74.161200 OK 57 kB URL HTTP/1.1 4.bp.blogspot.com/-ibRIDUlBdyQ/UwDOrDBsQoI/AAAAAAABXz8/VbGQBmF0ltQ/s1600/mirror021002.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 449x750, components 3\012- data
Hash c46d6027925bf80ccff25d9eae7ae33e
826170838bea11cc0587dc374ce02bc4cef82285
5dfc8e03436a84ece004e6c751d41952e0e1119dbe807653d70832a4c5a99b6a
GET /-ibRIDUlBdyQ/UwDOrDBsQoI/AAAAAAABXz8/VbGQBmF0ltQ/s1600/mirror021002.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f40"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mirror021002.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 57261
X-XSS-Protection: 0
2.bp.blogspot.com/-Viho04GUyFk/UbJpRYKsycI/AAAAAAABCP4/lAUG6Nrv0eU/w72-h72-p-k-no-nu/TysonBeckford01.jpg
142.250.74.161200 OK 3.0 kB URL HTTP/1.1 2.bp.blogspot.com/-Viho04GUyFk/UbJpRYKsycI/AAAAAAABCP4/lAUG6Nrv0eU/w72-h72-p-k-no-nu/TysonBeckford01.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 921e55e10a94c495ff3062b946067272
227dd4617cdc6624bdbb2ed2909f743db8cc6b53
1a8312d2caa357ef336314f5fcc916e08c2f60108621db058b1dd408059da35c
GET /-Viho04GUyFk/UbJpRYKsycI/AAAAAAABCP4/lAUG6Nrv0eU/w72-h72-p-k-no-nu/TysonBeckford01.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v16e5e"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="TysonBeckford01.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 2992
X-XSS-Protection: 0
4.bp.blogspot.com/-f_EobfuKIKQ/UHwT3jHPjcI/AAAAAAAAqDs/OWeGBl4fT08/s420/balloonblogad.jpg
142.250.74.161200 OK 32 kB URL HTTP/1.1 4.bp.blogspot.com/-f_EobfuKIKQ/UHwT3jHPjcI/AAAAAAAAqDs/OWeGBl4fT08/s420/balloonblogad.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 210x420, components 3\012- data
Hash 8a09cfedcd529b0b063f61485adb7370
331d3b4cf523981078ad274bf09f98442cd18a1d
8ac7719c11f3577153e95ad3fd4fd5390e25b95de55acbf326d531d841b2fc93
GET /-f_EobfuKIKQ/UHwT3jHPjcI/AAAAAAAAqDs/OWeGBl4fT08/s420/balloonblogad.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "va83b"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="balloonblogad.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 32235
X-XSS-Protection: 0
4.bp.blogspot.com/--K3R7xnvQXk/UBgic2otQfI/AAAAAAAAets/ekjUBREtNjI/w72-h72-p-k-no-nu/TomDaleyAss01.png
142.250.74.161200 OK 8.0 kB URL HTTP/1.1 4.bp.blogspot.com/--K3R7xnvQXk/UBgic2otQfI/AAAAAAAAets/ekjUBREtNjI/w72-h72-p-k-no-nu/TomDaleyAss01.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash da664d579c84122fc828f992d2ec0aa3
b9153acef1d83a395770f8394900cafa8c9adcf1
d9bb68cd84cf25b1d464f20dab63b402857c7e21aa9af5e1ed1f2991ed51fba1
GET /--K3R7xnvQXk/UBgic2otQfI/AAAAAAAAets/ekjUBREtNjI/w72-h72-p-k-no-nu/TomDaleyAss01.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v175bc"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="TomDaleyAss01.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 7950
X-XSS-Protection: 0
4.bp.blogspot.com/-nA_oqdixesQ/UYEaQT_ld4I/AAAAAAAA-So/nK_PrOCd6io/w72-h72-p-k-no-nu/MilesTeller.jpg
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 4.bp.blogspot.com/-nA_oqdixesQ/UYEaQT_ld4I/AAAAAAAA-So/nK_PrOCd6io/w72-h72-p-k-no-nu/MilesTeller.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash eb19a3a6d393fed5c80cdc7067fc9280
4e0a46d201edea8bdb00fe100070138828a6cf9e
28437b03b21d8482db5f80ef5299676cf1ea37f120ef2a1cc8627088ac9a16e9
GET /-nA_oqdixesQ/UYEaQT_ld4I/AAAAAAAA-So/nK_PrOCd6io/w72-h72-p-k-no-nu/MilesTeller.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vf92a"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="MilesTeller.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 2879
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c9fc08ddf6131ef36d11d35ed7ab8fee
3ebb2f19615299f8ba6eeaa2c9eec8caf815b234
e71a269cbdd85cce01e140fa2e18bd3f73d795a2a3573688e6a1f2cf49048c15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/1kt/awesomeinc/body_background_dark.png
216.58.207.201200 OK 106 B URL HTTP/1.1 www.blogblog.com/1kt/awesomeinc/body_background_dark.png
IP 216.58.207.201:0
File type PNG image data, 5 x 5, 1-bit colormap, non-interlaced\012- data
Hash 1de2f5d595cb35714e69a0f86e5f058a
c1ecb1aa5b2112d67dbe4644594a984a8df8d933
50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677
GET /1kt/awesomeinc/body_background_dark.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 106
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Sep 2022 16:53:41 GMT
Expires: Fri, 09 Sep 2022 16:53:41 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 02 Sep 2022 09:50:05 GMT
Content-Type: image/png
Age: 183197
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2a6ec38271d1c113e9e221bbf1284f1b
3b242e3fe8426d528d4a67f93f45ee56c0a53e92
36b5ecde759f09d6dc70bf388df025baabd30f4e0ed740a12bb377df1a60ea2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/1kt/awesomeinc/body_gradient_dark.png
216.58.207.201200 OK 141 B URL HTTP/1.1 www.blogblog.com/1kt/awesomeinc/body_gradient_dark.png
IP 216.58.207.201:0
File type PNG image data, 8 x 276, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eae035d0731c30445e8469cefc7a185
0e9abf4f6203ba4e0dfae0d889b6adf3cb55a929
625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186
GET /1kt/awesomeinc/body_gradient_dark.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 141
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 04 Sep 2022 07:56:20 GMT
Expires: Sun, 11 Sep 2022 07:56:20 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 03 Sep 2022 17:51:18 GMT
Content-Type: image/png
Age: 42638
1.bp.blogspot.com/-RofmlnPqZ8c/Uv9s2znlcbI/AAAAAAABXus/UpXiUv9k0JM/s1600/yes021504.jpg
142.250.74.161200 OK 152 kB URL HTTP/1.1 1.bp.blogspot.com/-RofmlnPqZ8c/Uv9s2znlcbI/AAAAAAABXus/UpXiUv9k0JM/s1600/yes021504.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 640x640, components 3\012- data
Size 152 kB (151916 bytes)
Hash 2b01cc11d2b24eb076249c3034eecf59
3c8abbadb6de5710a726dd8eff2831003eead663
d9143fd22effb6a4aac01f0bb78d549166a05fc8e53b19816923bc12860f2a1d
GET /-RofmlnPqZ8c/Uv9s2znlcbI/AAAAAAABXus/UpXiUv9k0JM/s1600/yes021504.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15eef"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="yes021504.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 151916
X-XSS-Protection: 0
www.blogger.com/blogin.g?blogspotURL=http://rainbowcoloredsouth.blogspot.com/&type=blog
216.58.207.201302 Found 287 B URL HTTP/2 www.blogger.com/blogin.g?blogspotURL=http://rainbowcoloredsouth.blogspot.com/&type=blog
IP 216.58.207.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (360)
Hash 5c377754cecf138d9bb7fff970b545fd
093e9266532703ca0435a11926e0fd8ec1b1971d
76a5b8ce9e8ff2f9365c219090e8a9660a653f07b0d1291e5ec227a074749cdb
GET /blogin.g?blogspotURL=http://rainbowcoloredsouth.blogspot.com/&type=blog HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sun, 04 Sep 2022 19:46:58 GMT
expires: Sun, 04 Sep 2022 19:46:58 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 287
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-WflpAHzW7bI/Uv9tI0qub2I/AAAAAAABXvI/B5dMaRdhr2w/s1600/night021501.jpg
142.250.74.161200 OK 90 kB URL HTTP/1.1 3.bp.blogspot.com/-WflpAHzW7bI/Uv9tI0qub2I/AAAAAAABXvI/B5dMaRdhr2w/s1600/night021501.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 500x750, components 3\012- data
Hash 2018bf706dc5e607d0066a7d18e972a0
d7ac87781e8f2ddf0fa0c33a88e3982fdbca64a1
22e867fc2275c0a83c96b3a9982fa4e0dc1641fc6f219935c32ef7d6fcbe5870
GET /-WflpAHzW7bI/Uv9tI0qub2I/AAAAAAABXvI/B5dMaRdhr2w/s1600/night021501.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ef3"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="night021501.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 90065
X-XSS-Protection: 0
www.blogger.com/navbar.g?targetBlogID=2530175040840031141&blogName=Rainbow+Colored+South&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://rainbowcoloredsouth.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://rainbowcoloredsouth.blogspot.com/&vt=2862378600095796167&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
216.58.207.201200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=2530175040840031141&blogName=Rainbow+Colored+South&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://rainbowcoloredsouth.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://rainbowcoloredsouth.blogspot.com/&vt=2862378600095796167&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
IP 216.58.207.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3204)
Hash b8811b64f7d5d3396d270d5ff15f47fc
f40c1f011defdd3127902c7ff9893453f36cad76
e2d09a3a1db7fed09f0aa91c51d8f35d31a2bf714e3a5a7b0a1e7ca5bca20434
GET /navbar.g?targetBlogID=2530175040840031141&blogName=Rainbow+Colored+South&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://rainbowcoloredsouth.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://rainbowcoloredsouth.blogspot.com/&vt=2862378600095796167&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 19:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2607
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-mgkOr6V2HIE/Uv9s3LePMJI/AAAAAAABXu0/d0b_dnf2zuU/s1600/yes021505.jpg
142.250.74.161200 OK 70 kB URL HTTP/1.1 3.bp.blogspot.com/-mgkOr6V2HIE/Uv9s3LePMJI/AAAAAAABXu0/d0b_dnf2zuU/s1600/yes021505.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 477x640, components 3\012- data
Hash dc7ca852f4f010adddf5566051693f90
107cf067299db9a6774613592a98e374915478ae
99559c90ddf7aaddc945c72a66690fa5994b9abd6b5fbbfca07a6c23c4b29869
GET /-mgkOr6V2HIE/Uv9s3LePMJI/AAAAAAABXu0/d0b_dnf2zuU/s1600/yes021505.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ef1"
Expires: Mon, 05 Sep 2022 19:46:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="yes021505.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:58 GMT
Server: fife
Content-Length: 70374
X-XSS-Protection: 0
www.formspring.me/widget/view/RainbowCSouth?&size=medium&bgcolor=%23490E50&fgcolor=%23908396
77.73.177.139302 Found 0 B URL HTTP/1.0 www.formspring.me/widget/view/RainbowCSouth?&size=medium&bgcolor=%23490E50&fgcolor=%23908396
IP 77.73.177.139:0
ASN #41471 Massive Media Match NV
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/view/RainbowCSouth?&size=medium&bgcolor=%23490E50&fgcolor=%23908396 HTTP/1.1
Host: www.formspring.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.0 302 Found
Location: https://www.formspring.me/widget/view/RainbowCSouth?&size=medium&bgcolor=%23490E50&fgcolor=%23908396
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
rf.revolvermaps.com/5/f.php?m=0&h=110&i=7z9a9be03te&c=54ff00
185.44.104.99200 OK 2.7 kB URL HTTP/1.1 rf.revolvermaps.com/5/f.php?m=0&h=110&i=7z9a9be03te&c=54ff00
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4698), with no line terminators
Hash abef586447409f92948b71ab919504d4
602d1cea570624d410fe84288d5554113bc04894
4fb78dcaaa90ea60bffc574a9b64dca93b238c56e465ae15dbf96a7f76ed1cf0
GET /5/f.php?m=0&h=110&i=7z9a9be03te&c=54ff00 HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=290304000
Content-Length: 2663
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
1.bp.blogspot.com/-P7ytOYIcWSc/Uv9sJMGWqcI/AAAAAAABXto/CyPF5zVVFYo/s1600/mirror021402.jpg
142.250.74.161200 OK 97 kB URL HTTP/1.1 1.bp.blogspot.com/-P7ytOYIcWSc/Uv9sJMGWqcI/AAAAAAABXto/CyPF5zVVFYo/s1600/mirror021402.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 960x960, components 3\012- data
Hash f7cecc10a93af84b824f489c6a04912e
96365d5b1afe72ef821763e9846eeb2e40ca30a7
3baf9c851f91b1b21aa647d260a8fab3967ab4efd5100a35c3d45e4d31690750
GET /-P7ytOYIcWSc/Uv9sJMGWqcI/AAAAAAABXto/CyPF5zVVFYo/s1600/mirror021402.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15edc"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mirror021402.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 96685
X-XSS-Protection: 0
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f23ba321dd6d0133696ee3df05ac863c
66defa14bc57447173e12528664088332791907b
99dd699826a401fe8a3697610105f4b63371604cd2b08b0204e03e9757930b2e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Sep 2022 19:46:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Sep 2022 18:16:38 GMT
Expires: Mon, 05 Sep 2022 18:16:38 GMT
ETag: "66defa14bc57447173e12528664088332791907b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
jf.revolvermaps.com/c.php?i=7z9a9be03te
185.44.104.99200 OK 43 B URL HTTP/1.1 jf.revolvermaps.com/c.php?i=7z9a9be03te
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /c.php?i=7z9a9be03te HTTP/1.1
Host: jf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: Apache
Cache-Control: max-age=900
Last-Modified: Sun, 04 Sep 2022 19:46:59 GMT
Content-Length: 43
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: image/gif
4.bp.blogspot.com/-UVUlyhRRA0Q/Uv9sjKRgO-I/AAAAAAABXuE/qjYtLnD3sjY/s1600/gga021504.jpg
142.250.74.161200 OK 32 kB URL HTTP/1.1 4.bp.blogspot.com/-UVUlyhRRA0Q/Uv9sjKRgO-I/AAAAAAABXuE/qjYtLnD3sjY/s1600/gga021504.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 466x700, components 3\012- data
Hash b045a3a5181bc4a9bff0d127846e300f
ebb16bc1923314a65e31ebde09c4f28120cbb2ab
8d0da820036528ed0a8aee8588bc4c6286dc4c1b11e4dc57eb24ce5865fb0b8d
GET /-UVUlyhRRA0Q/Uv9sjKRgO-I/AAAAAAABXuE/qjYtLnD3sjY/s1600/gga021504.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ee4"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gga021504.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 31757
X-XSS-Protection: 0
www.blogger.com/img/logo-16.png
216.58.207.201200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 216.58.207.201:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Sep 2022 17:02:00 GMT
Expires: Thu, 08 Sep 2022 17:02:00 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 31 Aug 2022 15:52:14 GMT
Content-Type: image/png
Age: 269099
4.bp.blogspot.com/-EESWiC2cGEQ/Uv9sisKqtNI/AAAAAAABXuU/pyz-CDnhZYk/s1600/gga021501.jpg
142.250.74.161200 OK 56 kB URL HTTP/1.1 4.bp.blogspot.com/-EESWiC2cGEQ/Uv9sisKqtNI/AAAAAAABXuU/pyz-CDnhZYk/s1600/gga021501.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google, copyright=\302\251 2013 RandyBlue.com], baseline, precision 8, 500x667, components 3\012- data
Hash e820fe66cf49dd33915eade217e473bf
468328f937cb8a17113d127b696cf6cf807922b7
30b01af7bfbd024e3dda65191218f21aceccd277c751871de299cfbe2fc1322a
GET /-EESWiC2cGEQ/Uv9sisKqtNI/AAAAAAABXuU/pyz-CDnhZYk/s1600/gga021501.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ee7"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gga021501.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 56064
X-XSS-Protection: 0
jf.revolvermaps.com/r.php?i=7z9a9be03te&l=http%3A%2F%2Frainbowcoloredsouth.blogspot.com%2F&r=1662320814892
185.44.104.99200 OK 43 B URL HTTP/1.1 jf.revolvermaps.com/r.php?i=7z9a9be03te&l=http%3A%2F%2Frainbowcoloredsouth.blogspot.com%2F&r=1662320814892
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /r.php?i=7z9a9be03te&l=http%3A%2F%2Frainbowcoloredsouth.blogspot.com%2F&r=1662320814892 HTTP/1.1
Host: jf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: Apache
Content-Length: 43
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: image/gif
2.bp.blogspot.com/-DOmWsPbThRI/UwAqwouX6dI/AAAAAAABXwM/rKnQm8QZsBc/s1600/00NSFW.jpg
142.250.74.161200 OK 51 kB URL HTTP/1.1 2.bp.blogspot.com/-DOmWsPbThRI/UwAqwouX6dI/AAAAAAABXwM/rKnQm8QZsBc/s1600/00NSFW.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 512x512, components 3\012- data
Hash fd4d16d7a988d8de1fc48a3076c71afd
4f34909fdb4b6269458f001d2ab1b170ff54faf4
3a99f9691a0f7a6a2187ae08b2c76f160f75d5870b90c5560bb50c9a565e8686
GET /-DOmWsPbThRI/UwAqwouX6dI/AAAAAAABXwM/rKnQm8QZsBc/s1600/00NSFW.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f05"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="00NSFW.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 50566
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a3a96c8b66c9fca1fc8f3c35afdd2605
a51e774cd8a298541806756fcf7d9995e378bf63
85abeb3438d14f003f10b69b39c5e0e5cbf2c9de5364c71bb13d9ae5d1a26b25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-caUj67D4ojs/Uv9s2azJv6I/AAAAAAABXuk/d--ktcJfT9I/s1600/yes021501.png
142.250.74.161200 OK 234 kB URL HTTP/1.1 2.bp.blogspot.com/-caUj67D4ojs/Uv9s2azJv6I/AAAAAAABXuk/d--ktcJfT9I/s1600/yes021501.png
IP 142.250.74.161:0
File type PNG image data, 500 x 344, 8-bit/color RGB, non-interlaced\012- data
Size 234 kB (233757 bytes)
Hash 59378b0b47f2a51d12e638af831bc8e0
124bedeef8bc33c5d6be2cdf5a873d957830f9de
080b2e619e34f3562ffc5e4f02f2c138b95c2c6a0ed73c20f6ad3b547383c2e0
GET /-caUj67D4ojs/Uv9s2azJv6I/AAAAAAABXuk/d--ktcJfT9I/s1600/yes021501.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15eec"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="yes021501.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 233757
X-XSS-Protection: 0
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 10375b02f17f77cb5e5ad125afaaf4b1
6cb395ae710ae8848cfc615c62cbee382ba1d72b
94783960f23996b112c8d92e3c5951467d917275cc6fd94fedf43ba85b9bd5d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94783960F23996B112C8D92E3C5951467D917275CC6FD94FEDF43BA85B9BD5D8"
Last-Modified: Sat, 03 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9109
Expires: Sun, 04 Sep 2022 22:18:48 GMT
Date: Sun, 04 Sep 2022 19:46:59 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
216.58.207.237302 Found 234 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95dcfeb867929c1e460b60db33b03020
5ec5bdd4e2033b0bc3f9fb6e245aeada63c50647
33ec370a6b4b38f83c713ed0ce1a4a92908127de7860095f59f7d84bf208e26c
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://rainbowcoloredsouth.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rainbowcoloredsouth.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 19:46:59 GMT
location: https://www.blogger.com/blogin.g?blogspotURL=http%3A%2F%2Frainbowcoloredsouth.blogspot.com%2F&type=blog&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-P33GcsfvJmcpKq2U12aEtQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 234
server: GSE
set-cookie: __Host-GAPS=1:a0z3e7dKSsvAA9ZkuvAPUNI5itZ7tA:5vkMU5SsytaPR4Iv;Path=/;Expires=Tue, 03-Sep-2024 19:46:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rf.revolvermaps.com/d/m/256/0.jpg
185.44.104.99200 OK 24 kB URL HTTP/1.1 rf.revolvermaps.com/d/m/256/0.jpg
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x128, components 3\012- data
Hash 15fcecbe65b8aa15debf6e30cdd0030b
bfe79c7568adc20329f6bb68f694643002d9ed3c
0a14a70ce1b6e69fc6e38e44803c8737195b143f8a71a94ebdfe49dd9ed4410f
GET /d/m/256/0.jpg HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rf.revolvermaps.com/5/f.php?m=0&h=110&i=7z9a9be03te&c=54ff00
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: Apache
Last-Modified: Sun, 20 Feb 2011 15:36:38 GMT
Accept-Ranges: bytes
Content-Length: 23805
Cache-Control: public, max-age=290304000
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
1.bp.blogspot.com/-A2qsU8rEF3Q/UwDKpxC_sDI/AAAAAAABXyE/w1jUVlre-44/s1600/morning021601.jpg
142.250.74.161200 OK 38 kB URL HTTP/1.1 1.bp.blogspot.com/-A2qsU8rEF3Q/UwDKpxC_sDI/AAAAAAABXyE/w1jUVlre-44/s1600/morning021601.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 500x750, components 3\012- data
Hash 9abe0249384bd9afb9692c71845e8f3f
72cf828cce2d3a0f06cc8ffcd943ab4a17505918
0de67639f6da850d499a68a7fb6a919409134aff8d6eebae81d8fdb0a49e829b
GET /-A2qsU8rEF3Q/UwDKpxC_sDI/AAAAAAABXyE/w1jUVlre-44/s1600/morning021601.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f22"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="morning021601.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 37653
X-XSS-Protection: 0
1.bp.blogspot.com/-R3jkPfy1Q18/UwDNK97aq1I/AAAAAAABXy4/hJm7UY4uw5k/s1600/02-olympic-bulge-mdn.jpg
142.250.74.161200 OK 70 kB URL HTTP/1.1 1.bp.blogspot.com/-R3jkPfy1Q18/UwDNK97aq1I/AAAAAAABXy4/hJm7UY4uw5k/s1600/02-olympic-bulge-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 600x800, components 3\012- data
Hash 14682ae09273d366aab609d394c7367a
a6ddd4671fab6ab4de18c8ac89eb2a508a0d5506
de612cd3e795393e83d90d8c8d56b39df1d6e5d36387e0fdac7131b1070ad039
GET /-R3jkPfy1Q18/UwDNK97aq1I/AAAAAAABXy4/hJm7UY4uw5k/s1600/02-olympic-bulge-mdn.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f31"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="02-olympic-bulge-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 70455
X-XSS-Protection: 0
1.bp.blogspot.com/-NvQ5IpT6Ja4/UwDNMNQW7yI/AAAAAAABXzc/4SyVoi02XXo/s1600/09-olympic-bulge-mdn.jpg
142.250.74.161200 OK 82 kB URL HTTP/1.1 1.bp.blogspot.com/-NvQ5IpT6Ja4/UwDNMNQW7yI/AAAAAAABXzc/4SyVoi02XXo/s1600/09-olympic-bulge-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 600x800, components 3\012- data
Hash 4df8d8458cd98c9ccd97bec926f26673
9878a3a59fa9c398d72093b31b8757ff80f65ab8
451813570653bd4df75e134c833226174b38d2b275612c44dc4f19854272830b
GET /-NvQ5IpT6Ja4/UwDNMNQW7yI/AAAAAAABXzc/4SyVoi02XXo/s1600/09-olympic-bulge-mdn.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f3a"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="09-olympic-bulge-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 82219
X-XSS-Protection: 0
3.bp.blogspot.com/-h3MwKwmGLFk/UwDNK6SpQ8I/AAAAAAABXy8/WDWhnU8RpPI/s1600/03-Tobias-Arlt-mdn.jpg
142.250.74.161200 OK 121 kB URL HTTP/1.1 3.bp.blogspot.com/-h3MwKwmGLFk/UwDNK6SpQ8I/AAAAAAABXy8/WDWhnU8RpPI/s1600/03-Tobias-Arlt-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, software=Google], baseline, precision 8, 600x900, components 3\012- data
Size 121 kB (121319 bytes)
Hash 675b9305800f69d15291cbc6283fdbb3
275f0a68f316d15569bcb56a4649e980664ace14
9707f117c8d203c77a8f0e1615871ab19369824ee6393e113d69593bc859813e
GET /-h3MwKwmGLFk/UwDNK6SpQ8I/AAAAAAABXy8/WDWhnU8RpPI/s1600/03-Tobias-Arlt-mdn.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v16951"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="03-Tobias-Arlt-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 121319
X-XSS-Protection: 0
rf.revolvermaps.com/t.php?i=7z9a9be03te&r=v4oo
185.44.104.99200 OK 36 B URL HTTP/1.1 rf.revolvermaps.com/t.php?i=7z9a9be03te&r=v4oo
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
Hash 445320eaefb12ac0ad93987a904433f0
d36f3c3d7339bfda5e16809b29cd8730ce16a0f1
c717d44cf13ac9e8cbef84634b4b4d93358b5bc854d9d9e66a0768b849edb71e
GET /t.php?i=7z9a9be03te&r=v4oo HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rf.revolvermaps.com/5/f.php?m=0&h=110&i=7z9a9be03te&c=54ff00
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: Apache
Content-Length: 36
Keep-Alive: timeout=4, max=98
Connection: Keep-Alive
Content-Type: text/plain;charset=UTF-8
1.bp.blogspot.com/-pa_tbIyus84/Uv9sIY4vKlI/AAAAAAABXtY/wGPVwEW0ehU/s1600/mirror021201.jpg
142.250.74.161200 OK 36 kB URL HTTP/1.1 1.bp.blogspot.com/-pa_tbIyus84/Uv9sIY4vKlI/AAAAAAABXtY/wGPVwEW0ehU/s1600/mirror021201.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 479x640, components 3\012- data
Hash eb5e844f012d2610ccfed187c055d99a
2896d3f302c9b4f091f6f6fe1d9dbeb0a8023db4
01040ae34b01b3a1a9ba911f02627a566f1ad5def969b2d200e01f9d2f7c323b
GET /-pa_tbIyus84/Uv9sIY4vKlI/AAAAAAABXtY/wGPVwEW0ehU/s1600/mirror021201.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15edd"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mirror021201.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 35756
X-XSS-Protection: 0
2.bp.blogspot.com/-6cxyGfvhbD8/UwDNLRAEMgI/AAAAAAABXzs/exeKQpW9imQ/s1600/03-olympic-bulge-mdn.jpg
142.250.74.161200 OK 84 kB URL HTTP/1.1 2.bp.blogspot.com/-6cxyGfvhbD8/UwDNLRAEMgI/AAAAAAABXzs/exeKQpW9imQ/s1600/03-olympic-bulge-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 600x800, components 3\012- data
Hash af7a31eef4278496a188ef153aeffcf3
072bc245fe6fa1dc19ac1c92b8e2de6f7ebea97d
745d48cc62bc3e0c5df53e078af74cfb0862e4007fad5331755676c60c0494ee
GET /-6cxyGfvhbD8/UwDNLRAEMgI/AAAAAAABXzs/exeKQpW9imQ/s1600/03-olympic-bulge-mdn.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f3d"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="03-olympic-bulge-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 84114
X-XSS-Protection: 0
4.bp.blogspot.com/-8BK_gwdL7pg/Uv9s2Q0XOUI/AAAAAAABXug/hxKitntRMuM/s1600/yes021502.jpg
142.250.74.161200 OK 67 kB URL HTTP/1.1 4.bp.blogspot.com/-8BK_gwdL7pg/Uv9s2Q0XOUI/AAAAAAABXug/hxKitntRMuM/s1600/yes021502.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 500x750, components 3\012- data
Hash 0e90bfef8e73c4b4a3e4b905aa5ed636
cf736eae0b8c9b5a587ffc7971def4110b155dd3
38da46eeb6c3529ac2898b99b53e53248710cc049e290bcfb8ef2eee09cb5562
GET /-8BK_gwdL7pg/Uv9s2Q0XOUI/AAAAAAABXug/hxKitntRMuM/s1600/yes021502.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ef0"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="yes021502.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 67407
X-XSS-Protection: 0
2.bp.blogspot.com/-HE1jTDI3_qc/UwDNK1qn0iI/AAAAAAABXzA/zCPrZCEpY3s/s1600/01-olympic-bulge-mdn.jpg
142.250.74.161200 OK 79 kB URL HTTP/1.1 2.bp.blogspot.com/-HE1jTDI3_qc/UwDNK1qn0iI/AAAAAAABXzA/zCPrZCEpY3s/s1600/01-olympic-bulge-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 600x800, components 3\012- data
Hash 28890df0d032558955b85e9a09dbed2c
78d2586a3abee4b780c3e8ac7c4d03c7648559ce
13862304ae0726c5631a7a532a60efc42b0ddb7336b182998ee0d4917d66a5e7
GET /-HE1jTDI3_qc/UwDNK1qn0iI/AAAAAAABXzA/zCPrZCEpY3s/s1600/01-olympic-bulge-mdn.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f34"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="01-olympic-bulge-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 78804
X-XSS-Protection: 0
2.bp.blogspot.com/-GmbYNp0C2aU/UwArGm2lqnI/AAAAAAABXxI/9R7vaQkgffs/s1600/00latenight.jpg
142.250.74.161200 OK 40 kB URL HTTP/1.1 2.bp.blogspot.com/-GmbYNp0C2aU/UwArGm2lqnI/AAAAAAABXxI/9R7vaQkgffs/s1600/00latenight.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 512x512, components 3\012- data
Hash c12613607158df47339990ebaea16035
47c894409275534aaa58a416c1bd4242f175588c
13f54c48a7366414fce2871d6d8ac489aa12d04e468a035fd8bc0a0bb20acc9d
GET /-GmbYNp0C2aU/UwArGm2lqnI/AAAAAAABXxI/9R7vaQkgffs/s1600/00latenight.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f14"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="00latenight.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 39888
X-XSS-Protection: 0
4.bp.blogspot.com/-RgWb4m44FOE/UwDNMmQZlxI/AAAAAAABXzk/R1CphwdGq4Q/s1600/14-olympic-bulge-mdn.jpg
142.250.74.161200 OK 82 kB URL HTTP/1.1 4.bp.blogspot.com/-RgWb4m44FOE/UwDNMmQZlxI/AAAAAAABXzk/R1CphwdGq4Q/s1600/14-olympic-bulge-mdn.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 600x800, components 3\012- data
Hash 97bfb287d5adcb3f24e03028effe1e0c
4a5026a0506fb67b3c0b1ac85c4226a2ac88f3d7
5a9d0c554167194917a6b816b28775c7d8274b1d515eb74ee33a0f08aa395e55
GET /-RgWb4m44FOE/UwDNMmQZlxI/AAAAAAABXzk/R1CphwdGq4Q/s1600/14-olympic-bulge-mdn.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15f3c"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="14-olympic-bulge-mdn.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 82021
X-XSS-Protection: 0
1.bp.blogspot.com/-AKrlN0SMToM/Uv9sIXHecRI/AAAAAAABXtQ/MbyEWklu86c/s1600/mirror021002.jpg
142.250.74.161200 OK 57 kB URL HTTP/1.1 1.bp.blogspot.com/-AKrlN0SMToM/Uv9sIXHecRI/AAAAAAABXtQ/MbyEWklu86c/s1600/mirror021002.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 449x750, components 3\012- data
Hash c46d6027925bf80ccff25d9eae7ae33e
826170838bea11cc0587dc374ce02bc4cef82285
5dfc8e03436a84ece004e6c751d41952e0e1119dbe807653d70832a4c5a99b6a
GET /-AKrlN0SMToM/Uv9sIXHecRI/AAAAAAABXtQ/MbyEWklu86c/s1600/mirror021002.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ed8"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mirror021002.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 57261
X-XSS-Protection: 0
rf.revolvermaps.com/c.php?i=7z9a9be03te&h=110&t=0
185.44.104.99200 OK 6.0 kB URL HTTP/1.1 rf.revolvermaps.com/c.php?i=7z9a9be03te&h=110&t=0
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
Hash 9c8f22398b8e0d22b8fddcfc6cfc9d41
ac9a4ce2e09e69cdd59335c3dab8f89e8f6c763d
9786bf4d1f9d2f3acdafbac7bcaae0cc8589909f203fd8354faf2f6ea15d4bf2
GET /c.php?i=7z9a9be03te&h=110&t=0 HTTP/1.1
Host: rf.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rf.revolvermaps.com/5/f.php?m=0&h=110&i=7z9a9be03te&c=54ff00
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: Apache
Connection: close
Cache-Control: max-age=43200
Pragma:
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6006
Content-Type: text/plain;charset=UTF-8
4.bp.blogspot.com/-7luQTc1h82k/Uv9sI4jQXKI/AAAAAAABXtk/PUbCdRDaTlk/s1600/mirror021301.jpg
142.250.74.161200 OK 32 kB URL HTTP/1.1 4.bp.blogspot.com/-7luQTc1h82k/Uv9sI4jQXKI/AAAAAAABXtk/PUbCdRDaTlk/s1600/mirror021301.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 480x640, components 3\012- data
Hash 5978db56fb63ad181776f64f54e41aa3
83696153325ba9d5390bb228df569259ec2fb73c
ff6bbd1604b6785247aa8020042c18eca27af07996a8756b71c5e5c8355b70bc
GET /-7luQTc1h82k/Uv9sI4jQXKI/AAAAAAABXtk/PUbCdRDaTlk/s1600/mirror021301.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15edb"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mirror021301.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 32297
X-XSS-Protection: 0
1.bp.blogspot.com/-CO1Qtr-3Egk/Uv9siptABLI/AAAAAAABXt4/hPz15hdM6GM/s1600/gga021503.jpg
142.250.74.161200 OK 37 kB URL HTTP/1.1 1.bp.blogspot.com/-CO1Qtr-3Egk/Uv9siptABLI/AAAAAAABXt4/hPz15hdM6GM/s1600/gga021503.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 398x750, components 3\012- data
Hash 2a8f3ed3a4470ed7ce05ff5c34e3119f
b9329a56e7d8d02c799270ae888a3ad8996a0319
4166b96833018695583e8b0b1db39a16f9d75bc2f9ca7b72543956af90e6c67d
GET /-CO1Qtr-3Egk/Uv9siptABLI/AAAAAAABXt4/hPz15hdM6GM/s1600/gga021503.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ee0"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gga021503.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 36845
X-XSS-Protection: 0
2.bp.blogspot.com/-oYIuk5u6u58/Uv9s2TaKtVI/AAAAAAABXuo/yO69lDo05WI/s1600/yes021503.jpg
142.250.74.161200 OK 186 kB URL HTTP/1.1 2.bp.blogspot.com/-oYIuk5u6u58/Uv9s2TaKtVI/AAAAAAABXuo/yO69lDo05WI/s1600/yes021503.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 1024x1536, components 3\012- data
Size 186 kB (185971 bytes)
Hash 782ed525b1ba24400c27ba6155f89e50
ecb62584c86c201f288a5f8eadb8952787200422
aa49aa705cdc7ef13156ba1a274c926f37fd27ccc288af72ef615ebd4ee4ca9d
GET /-oYIuk5u6u58/Uv9s2TaKtVI/AAAAAAABXuo/yO69lDo05WI/s1600/yes021503.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15eee"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="yes021503.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 185971
X-XSS-Protection: 0
1.bp.blogspot.com/-twlv5N87Evc/Uv9sir703yI/AAAAAAABXt8/MAIfxfQKCB4/s1600/gga021502.jpg
142.250.74.161200 OK 60 kB URL HTTP/1.1 1.bp.blogspot.com/-twlv5N87Evc/Uv9sir703yI/AAAAAAABXt8/MAIfxfQKCB4/s1600/gga021502.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 500x750, components 3\012- data
Hash 45d2178297ba41dd5c21dcd27faed106
f7cf32fdc7de8f0db3ca6ca0523ca06b23d5cfc1
638d8af833b6b260048429c08499763ebc37111dadcb1accc93b8c323d25f1f7
GET /-twlv5N87Evc/Uv9sir703yI/AAAAAAABXt8/MAIfxfQKCB4/s1600/gga021502.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v15ee2"
Expires: Mon, 05 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gga021502.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 19:46:59 GMT
Server: fife
Content-Length: 59833
X-XSS-Protection: 0
www.gaydemon.com/
172.67.70.244200 OK 8.7 kB IP 172.67.70.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1657)
Hash 3a4b99c68c49b5894835f0c76e47357f
f193d332c45d1035f9833d12f32550d64ebde5b5
35823e3847be479d0003c86d2263815748cfadeb14757bca0f75dd630ca11f33
GET / HTTP/1.1
Host: www.gaydemon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rainbowcoloredsouth.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:46:58 GMT
content-type: text/html
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE26Fnq9nuHdbby1d%2FNhKWIV%2Fq9wsVGmVpqALooB1pI1HUVLDJFBgKicWqFR85SXYp%2Fr1ccjB25arM9tKgVRSYH3iAF2J0jfbak3Sswji8K%2FQn7tOuf%2F%2BH1LNAUQKrkgjmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74593bfb58d3b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5151
Expires: Sun, 04 Sep 2022 21:12:50 GMT
Date: Sun, 04 Sep 2022 19:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8355
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8355
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8355
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:46:59 GMT
Connection: keep-alive
www.gaydemon.com/banners/wired.jpg
172.67.70.244301 Moved Permanently 5.9 kB URL HTTP/2 www.gaydemon.com/banners/wired.jpg
IP 172.67.70.244:0
Hash e5725991e852839d123df9d6cb90ac5c
99967a5ff351033f5d9c190147fd75c8172cca26
2a815d246b95a8fc1fac3dd994d8c6af4fa7ffe19fb0d4a26c08bb9be06d18a3
GET /banners/wired.jpg HTTP/1.1
Host: www.gaydemon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rainbowcoloredsouth.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 04 Sep 2022 19:46:58 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.gaydemon.com/assets/banners/wired.jpg
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsJdRiUAAkljNBuicOMqmiJyrRBfEdr06TjaDReBXMoqkgbCFi0sg8bUs7DjIJaZZpQqdLGYsvTAcWcGd1zgZsN0gy8KxynHuqqPuA2nb0su3H3ID3NzthDdULRYDMt%2Bsf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74593bfb58d2b511-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:58:42 GMT
age: 78497
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cdd0826b7d8be62cc2ed532e04e137b
383a0661fa09d9b48745b507389d0505303b6182
f2d04cf1ee9b5a885c246060c1036b21af4ecd3e51e5d05a529dbe0d63f7c2ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10713
x-amzn-requestid: d546a12c-c549-4ad3-80ad-6bad452927d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5winGzHIAMFTPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7aa-2060c6611eb4abb777cc17a8;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FRD_E3IP_SmjPQuoVEijMnLszBb5bhc_1PxJXOlmdyufLKzx33joTw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:48:07 GMT
age: 79132
etag: "383a0661fa09d9b48745b507389d0505303b6182"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bdfdf7e36f78f2f0e4d7ede9fdb76a8
babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:26 GMT
age: 78933
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: e408351e-ba6c-4e55-815d-449af808282f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5yMEFBLoAMFtqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313ca4d-13831d8572a3b3cf54a0e747;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:42:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GFM9jerDkTPdhlUTm99E7Lpksw2ZGnV81bNVaZLvWSAiRNDNtkZi4g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:48:07 GMT
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
age: 79132
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc4ceb10dd9fcaab21ae58dcf10c401f
6ce530af682094dc5413db9de02565691fab4da7
84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sywGj-wLtW091vZYhx1AbRAgljYQWe6LuffDjwTDhEebqVzxpQuzEQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:58 GMT
age: 57481
etag: "6ce530af682094dc5413db9de02565691fab4da7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1278db78948279716d72ac203ad8fb0d
1746b9863b781ed9a0c26a126b9b80d36c903974
8d9e31a35490bc2ebef4c4c2152c89b62491c0cdfc31ec0594bc21fd2e9f43f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/css/maia.css
142.250.74.164200 OK 12 kB URL HTTP/2 www.google.com/css/maia.css
IP 142.250.74.164:0
File type Unicode text, UTF-8 text, with very long lines (43499), with no line terminators
Hash bbb96f1e62e3f84502664d603d4ecbfc
684db7b7626d997e41d11716107d25824f322983
fcb969338fcac7f4d33a5f51945c6756d58881b82572604863fd8c0f3b1840c7
GET /css/maia.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 12181
date: Sun, 04 Sep 2022 19:46:59 GMT
expires: Sun, 04 Sep 2022 19:46:59 GMT
cache-control: private, max-age=0
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
142.250.74.163200 OK 663 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
IP 142.250.74.163:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1660), with no line terminators
Hash d3ec4b74ea0887aeff93ed6767748dc8
95aac504eb982d2806af370586b681cdd7b8877a
303c26d0404d542bfbdd1bf05e7ae0f103a017c0f97870ef6993d0747fd88573
GET /images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 663
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 15:02:57 GMT
expires: Thu, 31 Aug 2023 15:02:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
age: 362643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16748, version 1.0\012- data
Hash 62d24b94de2fd801742f49d8c6306ba2
d4b841b136adad3051b58a66692f7c5942cf6deb
1b2f88142c19df560f487368810bba2d41c5d6948df584abaa2e0091c0b2245b
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:54:18 GMT
expires: Tue, 29 Aug 2023 18:54:18 GMT
cache-control: public, max-age=31536000
age: 521562
last-modified: Mon, 15 Aug 2022 18:14:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 346372
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/og/_/js/k=og.qtm.en_US.QnZ9a8JiZMA.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTvADb2b3YOT1HIT9E5uZMXxL-ZvJg
142.250.74.163200 OK 49 kB URL HTTP/2 www.gstatic.com/og/_/js/k=og.qtm.en_US.QnZ9a8JiZMA.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTvADb2b3YOT1HIT9E5uZMXxL-ZvJg
IP 142.250.74.163:0
File type ASCII text, with very long lines (536)
Hash 44d492f8fbf870dbead343fb9c5da251
1a433307bb94dab712fa3bf7d7aea84694d5d16a
6553c039bd47bfeffeb35d0172f4b2d149d305d17c41bbcd24583d4dc605fafe
GET /og/_/js/k=og.qtm.en_US.QnZ9a8JiZMA.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTvADb2b3YOT1HIT9E5uZMXxL-ZvJg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 48935
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:06:28 GMT
expires: Thu, 31 Aug 2023 05:06:28 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 28 Aug 2022 01:32:41 GMT
content-type: text/javascript; charset=UTF-8
age: 398432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/og/_/ss/k=og.qtm.5AeNPxk4iCc.L.F4.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTtFBAGeIxafD9zz9aeFh9Eq4bAnvw
142.250.74.163200 OK 307 B URL HTTP/2 www.gstatic.com/og/_/ss/k=og.qtm.5AeNPxk4iCc.L.F4.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTtFBAGeIxafD9zz9aeFh9Eq4bAnvw
IP 142.250.74.163:0
File type ASCII text, with very long lines (452), with no line terminators
Hash 2777f95ca1bc48d1ff75cc2a959df913
b26a0c763346fc783c77e2fa9092bbb20efc7ebe
dfbbc6cfa66a2027486bccd0f0c2e7f85cc5f81c872ff0e4402aade7288ec09b
GET /og/_/ss/k=og.qtm.5AeNPxk4iCc.L.F4.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTtFBAGeIxafD9zz9aeFh9Eq4bAnvw HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 307
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:01:40 GMT
expires: Thu, 31 Aug 2023 05:01:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 01:32:52 GMT
content-type: text/css; charset=UTF-8
age: 398720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
45.33.18.44200 OK 157 B URL HTTP/1.1 cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
IP 45.33.18.44:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sun, 04 Sep 2022 19:47:00 GMT
content-type: application/javascript
content-length: 157
last-modified: Wed, 07 Mar 2018 18:30:37 GMT
etag: "5aa02fcd-9d"
accept-ranges: bytes
connection: close
cdn.widgetserver.com/
45.79.19.196200 OK 7.2 kB IP 45.79.19.196:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (343)
Hash 97a1a5b5c0db9ae15541590a9b0bf5d4
197e0aef11c866c0d709c85dd46462f5d99e52e7
9edbd03c221a471ecfe5f5a6eef14db40bd2a74927c7d64fe7ccfdafd5bd416b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowcoloredsouth.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sun, 04 Sep 2022 19:47:00 GMT
content-type: text/html; charset=utf-8
content-length: 7202
vary: Accept-Language
content-language: en
connection: close
cdn.widgetserver.com/favicon.ico
45.79.19.196200 OK 43 B URL HTTP/1.1 cdn.widgetserver.com/favicon.ico
IP 45.79.19.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /favicon.ico HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sun, 04 Sep 2022 19:47:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close
cdn.widgetserver.com/mtm/async/.eJxdjcsOwiAQRf-FZSXgUmv8FkPpFEiAwWH6SIz_LhhX7s595b7ESkGMQgspDLnasBHBAgTUhGcuo9ZkQp5wtxiRYK64sldTRFcLsrKY-txj5Uc2CdrMzlntYXbAFWgD6p3-YC0UbjnDwdpzitKUEoM1HDDrozun499N8fa8n9VVhmQcaLOF5Yc7TEUOevjmF_H-ALxBR3s:1oUva8:e349b5MkUZ9JdxqE2J2nh5N26b4/1/0
45.79.19.196200 OK 252 B URL HTTP/1.1 cdn.widgetserver.com/mtm/async/.eJxdjcsOwiAQRf-FZSXgUmv8FkPpFEiAwWH6SIz_LhhX7s595b7ESkGMQgspDLnasBHBAgTUhGcuo9ZkQp5wtxiRYK64sldTRFcLsrKY-txj5Uc2CdrMzlntYXbAFWgD6p3-YC0UbjnDwdpzitKUEoM1HDDrozun499N8fa8n9VVhmQcaLOF5Yc7TEUOevjmF_H-ALxBR3s:1oUva8:e349b5MkUZ9JdxqE2J2nh5N26b4/1/0
IP 45.79.19.196:0
File type ASCII text, with no line terminators
Hash dc69d4fd2965044fd085590cd3eaa2d2
a313a9808aa1e804276eb7694c67c4b43c538d9b
d984800468f1ef6058939b418df4f7eb790b51554585f2198047e2aa0393007f
Analyzer Verdict Alert fortinet Malware
GET /mtm/async/.eJxdjcsOwiAQRf-FZSXgUmv8FkPpFEiAwWH6SIz_LhhX7s595b7ESkGMQgspDLnasBHBAgTUhGcuo9ZkQp5wtxiRYK64sldTRFcLsrKY-txj5Uc2CdrMzlntYXbAFWgD6p3-YC0UbjnDwdpzitKUEoM1HDDrozun499N8fa8n9VVhmQcaLOF5Yc7TEUOevjmF_H-ALxBR3s:1oUva8:e349b5MkUZ9JdxqE2J2nh5N26b4/1/0 HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cdn.widgetserver.com/
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sun, 04 Sep 2022 19:47:01 GMT
content-type: text/html; charset=utf-8
content-length: 252
x-mtm-path: 4
x-mtm-prov: 70:0.00;1:6.50
x-mtm-rd: 0.57
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ3aWRnZXRzZXJ2ZXIuY29tIiwiaHR0cDovL3d3dzEud2lkZ2V0c2VydmVyLmNvbS8_dG09MSZzdWJpZDQ9MTY2MjMyMDgyMC4wMTQ2MjcwMDAwJktXMT1FdXJvcGUlMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXMj1Ob3J3YXklMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXMz1SZWdpb25hbCUyMERlZGljYXRlZCUyMFNlcnZlcnMmS1c0PUxvY2FsJTIwRGVkaWNhdGVkJTIwU2VydmVycyZLVzU9Q3VzdG9tJTIwRGVkaWNhdGVkJTIwU2VydmVycyZzZWFyY2hib3g9MCZiYWNrZmlsbD0wIiwxLCIyMDIyLTA5LTA0IDE5OjQ3OjAxIiwxLCIxNjYyMzIwODIwLjAxNDYyNzAwMDAiLDEsbnVsbCxudWxsXQ:1oUva9:9cV6siw2tWyVEfbnNnxzWlpJmpg; expires=Sun, 04-Sep-2022 20:47:01 GMT; Max-Age=3600; Path=/
connection: close
www1.widgetserver.com/?tm=1&subid4=1662320820.0146270000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Regional%20Dedicated%20Servers&KW4=Local%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
75.2.73.197200 OK 653 B URL HTTP/1.1 www1.widgetserver.com/?tm=1&subid4=1662320820.0146270000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Regional%20Dedicated%20Servers&KW4=Local%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP 75.2.73.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 22684fb088a7ccad3731f41fdf187c32
572fe3fd41389428e676970ab541981d3c05eff8
74e4b2b1682f21dea69d94f2d9e12af6b6ea220d002c87fb4afef7c403fa1cd7
GET /?tm=1&subid4=1662320820.0146270000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Regional%20Dedicated%20Servers&KW4=Local%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:47:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
143.204.42.83200 OK 343 B URL HTTP/1.1 d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
IP 143.204.42.83:0
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sun, 04 Sep 2022 06:34:46 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gG_l0ZEEUsjv00rABiWi67xJww0qO6FESelzJx0ji1UzIVd2Or-0CA==
Age: 47535
d1lxhc4jvstzrp.cloudfront.net/themes/assets/zeropark.css
143.204.42.83200 OK 208 B URL HTTP/1.1 d1lxhc4jvstzrp.cloudfront.net/themes/assets/zeropark.css
IP 143.204.42.83:0
Hash be223301cce69116e7a473d42a863379
928aee49e0ddcbee8c410cdbd80d94820a6cafab
d7a8d561985ea3bb5e9433926fd9c103d4e6c041c19fa4c1dcaa2c0949be74d7
GET /themes/assets/zeropark.css HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sun, 04 Sep 2022 01:49:24 GMT
Last-Modified: Tue, 25 Jan 2022 08:25:52 GMT
Content-Encoding: gzip
ETag: W/"61efb410-157"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P6AhPqg1qt4Gu94bPHEewrssspKyH-8adPxyNtKt47zQ3BIa2AmN9A==
Age: 64657
www1.widgetserver.com/favicon.ico
75.2.73.197200 OK 0 B URL HTTP/1.1 www1.widgetserver.com/favicon.ico
IP 75.2.73.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1662320820.0146270000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Regional%20Dedicated%20Servers&KW4=Local%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:47:02 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash d4c3ebece316085bd81c0349767b69db
0945267e858ea48c78f49bafcaad3a04a695dd71
c06f1aa0a71bff77c1e18d12407394a4c8baecf5193febb4528873768e46b0a9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:47:02 GMT
Last-Modified: Sun, 04 Sep 2022 18:22:14 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M56WUIpYvVJ2GqW1G0xtgdLnjwcl8tyIvHF5nN3HOYLnPCyz02Bhsg==
Age: 5088
brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
52.22.203.247200 OK 11 kB URL HTTP/2 brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP 52.22.203.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1958)
Hash a164b56b70cf08ab73d42d163b6cda7a
0b5b6455ed36e59e6dc09a8f2514bbf0c2fac92d
826e49d60da2d0a3312160e7b3e8c3808ec6391ef23170fc38f435a91b5eb498
GET /lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:47:02 GMT
content-type: text/html;charset=UTF-8
content-length: 10847
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brigi-jar.com/style.css
52.22.203.247200 OK 6.0 kB IP 52.22.203.247:0
Hash 2eb024ad11ef5f2e503bfb60117c25d8
235b5ca1205cc2ca3d0b8e4f98ce022512b05c0f
d8efc1d8e1100baf07f4105119fde6f8fe760a9efebf189adc5d9b3dfccc9e0a
GET /style.css HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:47:02 GMT
content-type: text/css
content-length: 5981
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 24 Aug 2022 13:14:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
brigi-jar.com/main.js
52.22.203.247200 OK 480 B IP 52.22.203.247:0
Hash 91558066fecbfc1f6f77842f6aa85a6c
6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e
efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed
GET /main.js HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:47:02 GMT
content-type: application/javascript
content-length: 480
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 24 Aug 2022 13:14:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:47:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 8.1 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type gzip compressed data, max compression\012- data
Hash f8c6371ab9f308ea72a38a1eb2dd4257
85a4d268e174d09ed4ec362a8f90e9c708b5a2f0
1fea8a4fe05aac8b9de152e1ed3339db52e94dfeaf5554f052d8f481561ff45b
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://brigi-jar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:32:09 GMT
expires: Thu, 31 Aug 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 346493
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
brigi-jar.com/empty.gif
52.22.203.247200 OK 309 B IP 52.22.203.247:0
File type gzip compressed data, max compression\012- data
Hash 44f9d6e11ab6e9b704deacbd1e8579fd
ccab42cd4e742fda14d5996bb71fcd77e6f227e4
018635657037e23fa8fe991fa25adf6b954534aee58b08b0f970350f2725537a
GET /empty.gif HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:47:02 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 24 Aug 2022 13:14:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 3e0a958e02721a9a375641b0dd64f84a
0c6c14ae93063a3d6e1d30811d3231e5e6c049c2
3377e91bef517ff1f41d11ca76c67160c29a462768cac29747bfa4908632a1d6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:47:02 GMT
Last-Modified: Sun, 04 Sep 2022 18:21:11 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oBKRnUxmrNTON7jyEVVl8XVpmeUVIePU5dTu9El5Cz19Zc0Vsorxbw==
Age: 5152
fonts.googleapis.com/css?family=Poppins:300
142.250.74.10200 OK 25 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300
IP 142.250.74.10:0
Hash cbbb56351dafbec7519560f8d7e03472
0048b210cadeae245865c283e7c3807beb9019b5
56b19324b216958a156d27adc2b86f2fea628c273f4f6c213b608e5a2a1088c4
GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Sep 2022 19:47:02 GMT
date: Sun, 04 Sep 2022 19:47:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www1.widgetserver.com/?tm=1&subid4=1662320820.0146270000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Regional%20Dedicated%20Servers&KW4=Local%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
75.2.73.197200 OK 653 B URL HTTP/1.1 www1.widgetserver.com/?tm=1&subid4=1662320820.0146270000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Regional%20Dedicated%20Servers&KW4=Local%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP 75.2.73.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 22684fb088a7ccad3731f41fdf187c32
572fe3fd41389428e676970ab541981d3c05eff8
74e4b2b1682f21dea69d94f2d9e12af6b6ea220d002c87fb4afef7c403fa1cd7
GET /?tm=1&subid4=1662320820.0146270000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Regional%20Dedicated%20Servers&KW4=Local%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:47:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
52.22.203.247200 OK 11 kB URL HTTP/2 brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP 52.22.203.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1958)
Hash f98a44d786193fef50559a9cb77ef7a7
d685a190de7696dd4769d2e0fde9b47754315b60
c3a00c47458d2dd7d39eee81705816c49ea5bfcc494cb5c17a989c7c74a83daa
GET /lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:47:03 GMT
content-type: text/html;charset=UTF-8
content-length: 10847
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300
IP 142.250.74.10:0
GET /css?family=Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Sep 2022 19:46:59 GMT
date: Sun, 04 Sep 2022 19:46:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
IP 142.250.74.10:0
GET /css?lang=no&family=Product+Sans|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Sep 2022 19:47:00 GMT
date: Sun, 04 Sep 2022 19:47:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2