r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Wed, 01 Feb 2023 10:54:35 GMT
Date: Wed, 01 Feb 2023 10:11:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9831
Expires: Wed, 01 Feb 2023 12:55:37 GMT
Date: Wed, 01 Feb 2023 10:11:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 09:36:01 GMT
content-type: application/json
age: 2145
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5662
Expires: Wed, 01 Feb 2023 11:46:08 GMT
Date: Wed, 01 Feb 2023 10:11:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: It4xmz26jgU20/J1QGb+P1LXWGKyH6yWMA0/HMQk2RGIw36woA6DgLnKn2xr8p3tvkpzIAN+y9I=
x-amz-request-id: HKQC2T07931VBTZ5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 09:22:36 GMT
age: 2950
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:11:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 09:41:42 GMT
age: 1804
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
jena-malone-fakes-news.blogspot.com/search/label/martyn%20lenoble
172.217.21.161200 OK 15 kB URL HTTP/1.1 jena-malone-fakes-news.blogspot.com/search/label/martyn%20lenoble
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11861)
Hash a60ae4e2f41864856f5eb819273ebd68
911a6fa230cfaedb0c59cea994f79914743ef54c
633133d1d4682c286c515b7dd6505b5ec93983a63bdfa039340448e1c54b51e3
Analyzer Verdict Alert fortinet Malware
GET /search/label/martyn%20lenoble HTTP/1.1
Host: jena-malone-fakes-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 01 Feb 2023 10:11:46 GMT
Date: Wed, 01 Feb 2023 10:11:46 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 28 Jan 2023 12:27:29 GMT
ETag: W/"f4310da98fb7e8f936a555d4da1b7e20690788bc60d04bd12f04682f8694c13e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15138
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Wed, 01 Feb 2023 11:02:41 GMT
Date: Wed, 01 Feb 2023 10:11:46 GMT
Connection: keep-alive
jena-malone-fakes-news.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 jena-malone-fakes-news.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: jena-malone-fakes-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/search/label/martyn%20lenoble
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Wed, 01 Feb 2023 10:11:46 GMT
Expires: Wed, 08 Feb 2023 10:11:46 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 01 Feb 2023 08:40:27 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fdbf000f99c93d77c5169461da113540
a04cfd05dbda17eba5660db0fcdeeef482af339a
152308cc51f2263be54334999586abda3f7c0652abe171ecbc8839b1cc578a29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f0291a1faf02a3c9ba4bed27ef49d2f0
986d5dec070099caf0cb89921c6b463b46ddc5e6
14a26688dcdc5c56e77d621c17ccabe6901173fbb0551af466f57a062f461e38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f0291a1faf02a3c9ba4bed27ef49d2f0
986d5dec070099caf0cb89921c6b463b46ddc5e6
14a26688dcdc5c56e77d621c17ccabe6901173fbb0551af466f57a062f461e38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 03:27:21 GMT
expires: Fri, 26 Jan 2024 03:27:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 25 Jan 2023 14:53:31 GMT
content-type: text/css
age: 542666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Wed, 01 Feb 2023 10:11:47 GMT
expires: Wed, 01 Feb 2023 10:11:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
elliotandisabel.files.wordpress.com/2011/08/0911-vo-well93-01_162109695409.jpg
192.0.72.28301 Moved Permanently 162 B URL HTTP/1.1 elliotandisabel.files.wordpress.com/2011/08/0911-vo-well93-01_162109695409.jpg
IP 192.0.72.28:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2011/08/0911-vo-well93-01_162109695409.jpg HTTP/1.1
Host: elliotandisabel.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 10:11:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://elliotandisabel.files.wordpress.com/2011/08/0911-vo-well93-01_162109695409.jpg
rarelittlebird.files.wordpress.com/2011/02/brigitte-bardot-1019x1410-179kb-media-635-media-134409-1206088502.jpg
192.0.72.23301 Moved Permanently 162 B URL HTTP/1.1 rarelittlebird.files.wordpress.com/2011/02/brigitte-bardot-1019x1410-179kb-media-635-media-134409-1206088502.jpg
IP 192.0.72.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2011/02/brigitte-bardot-1019x1410-179kb-media-635-media-134409-1206088502.jpg HTTP/1.1
Host: rarelittlebird.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 10:11:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://rarelittlebird.files.wordpress.com/2011/02/brigitte-bardot-1019x1410-179kb-media-635-media-134409-1206088502.jpg
www.blogger.com/static/v1/widgets/2045757162-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2045757162-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash edbc7ab2d53c09471714144789724544
ba36fe6362dccb6bcf542726920a97acde555dec
525408a1919e4cc7ef36c85e43c2dbdbf323aac64299cc06caaf982ca56e4ddc
GET /static/v1/widgets/2045757162-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 02:36:28 GMT
expires: Tue, 30 Jan 2024 02:36:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 01:50:10 GMT
content-type: text/javascript
age: 200119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
reploulang.files.wordpress.com/2010/05/haines_head.jpg
192.0.72.21301 Moved Permanently 162 B URL HTTP/1.1 reploulang.files.wordpress.com/2010/05/haines_head.jpg
IP 192.0.72.21:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2010/05/haines_head.jpg HTTP/1.1
Host: reploulang.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 10:11:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://reploulang.files.wordpress.com/2010/05/haines_head.jpg
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:0
File type ASCII text, with very long lines (1448)
Hash 62f98a42acaa85f40e228f65e5ee2361
a41c1755a6a2708340b74638f11ebdeed8e977db
54acbd2f18406888cbe8ee3fc76b512081c7c1c0102a4b1f7eef6cd11fc60f15
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60741
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:43:22 GMT
expires: Sat, 27 Jan 2024 18:43:22 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
age: 401305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/img/share_buttons_20_3.png
216.58.207.233200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 216.58.207.233:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 01:14:40 GMT
expires: Sun, 05 Feb 2023 01:14:40 GMT
cache-control: public, max-age=604800
last-modified: Sat, 28 Jan 2023 22:53:08 GMT
content-type: image/png
age: 291427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f0291a1faf02a3c9ba4bed27ef49d2f0
986d5dec070099caf0cb89921c6b463b46ddc5e6
14a26688dcdc5c56e77d621c17ccabe6901173fbb0551af466f57a062f461e38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.98200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.98:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 09:56:41 GMT
Expires: Wed, 15 Feb 2023 09:56:41 GMT
Cache-Control: public, max-age=1209600
Age: 906
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f0291a1faf02a3c9ba4bed27ef49d2f0
986d5dec070099caf0cb89921c6b463b46ddc5e6
14a26688dcdc5c56e77d621c17ccabe6901173fbb0551af466f57a062f461e38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mymovies.ge/posters/b5c/4bc95a55017a3c57fe028b5c/mystery-of-the-maya-original.jpg
185.53.178.10400 Bad Request 20 B URL HTTP/1.1 cdn.mymovies.ge/posters/b5c/4bc95a55017a3c57fe028b5c/mystery-of-the-maya-original.jpg
IP 185.53.178.10:0
File type ASCII text, with no line terminators
Hash 64b3d0bcb16e406cdd665ec49fefb7f1
8da5d8ac9123e50bbd4293b111f6f640f864256b
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
GET /posters/b5c/4bc95a55017a3c57fe028b5c/mystery-of-the-maya-original.jpg HTTP/1.1
Host: cdn.mymovies.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 400 Bad Request
Server: nginx
Date: Wed, 01 Feb 2023 10:11:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Blocked: 11015.10
4.bp.blogspot.com/-lm7iv6LuIJ0/TfBRETbS78I/AAAAAAAAAv4/DvIJXLg6VwY/s1600/Planet%25252BPit%25252Bdeluxe%25252Balbum%25252Bcover.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 4.bp.blogspot.com/-lm7iv6LuIJ0/TfBRETbS78I/AAAAAAAAAv4/DvIJXLg6VwY/s1600/Planet%25252BPit%25252Bdeluxe%25252Balbum%25252Bcover.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-lm7iv6LuIJ0/TfBRETbS78I/AAAAAAAAAv4/DvIJXLg6VwY/s1600/Planet%25252BPit%25252Bdeluxe%25252Balbum%25252Bcover.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 01 Feb 2023 10:11:47 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//jena-malone-fakes-news.blogspot.com/search/label/martyn%2520lenoble&ref=&l=celebrity
81.17.18.196200 OK 615 B URL HTTP/1.1 lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//jena-malone-fakes-news.blogspot.com/search/label/martyn%2520lenoble&ref=&l=celebrity
IP 81.17.18.196:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (615), with no line terminators
Hash 7dd91cbd1d1e18d2323637c56e14bbcd
b61409cd334abbecf1402acfbe9978c7e700a543
b971aed38770b628b77401529cad40e41112f0f990ffceefd5c9b78f9ca835d9
GET /?if=1&scr_w=1280&scr_h=1024&blog=http%3A//jena-malone-fakes-news.blogspot.com/search/label/martyn%2520lenoble&ref=&l=celebrity HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 615
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 10:11:46 GMT
server: nginx
set-cookie: sid=d610ef0c-a218-11ed-a190-7d336948bbf2; path=/; domain=.lostwebtracker.com; expires=Mon, 19 Feb 2091 13:25:54 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
52.13.249.229101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.249.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HEhC72C9PjWPEsadd2dVUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pGpBIQkW86CHX05wxmcqKLhVSK4=
www.blogger.com/img/logo-16.png
216.58.207.233200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 216.58.207.233:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 25 Jan 2023 23:18:49 GMT
Expires: Wed, 01 Feb 2023 23:18:49 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 25 Jan 2023 14:53:31 GMT
Content-Type: image/png
Age: 557578
cache.gawkerassets.com/assets/images/7/2010/11/kesha3.jpg
151.101.2.166404 Not Found 369 B URL HTTP/1.1 cache.gawkerassets.com/assets/images/7/2010/11/kesha3.jpg
IP 151.101.2.166:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 152e236b2b4087f7880fcbf5b8d72665
9755fb4d5cc0ad21c1e140499e61570c8f29bf14
2c02e3f571008b575a5f60f6a01f0dbffd4891e0e1913883ff51d7b3dc0e3ec0
GET /assets/images/7/2010/11/kesha3.jpg HTTP/1.1
Host: cache.gawkerassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 404 Not Found
Connection: keep-alive
Content-Length: 369
Content-Type: text/html; charset=utf-8
Accept-Ranges: bytes
Date: Wed, 01 Feb 2023 10:11:47 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1645-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675246307.133273,VS0,VE204
api.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
208.82.16.81301 Moved Permanently 164 B URL HTTP/1.1 api.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
IP 208.82.16.81:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0ddfe38fe52729401ec28b0c671ff9cc
168fb534ee60922a73876b99d57259cb09a5be73
639762e638bc698ac208f1a8d5f5af04901e9df719978deb315e9e6c7b817f9a
GET /files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg HTTP/1.1
Host: api.ning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 10:11:47 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://www.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
Server: Unknown
rarelittlebird.files.wordpress.com/2011/02/brigitte-bardot-1019x1410-179kb-media-635-media-134409-1206088502.jpg
192.0.72.23200 OK 180 kB URL HTTP/2 rarelittlebird.files.wordpress.com/2011/02/brigitte-bardot-1019x1410-179kb-media-635-media-134409-1206088502.jpg
IP 192.0.72.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 1019x1410, components 3\012- data
Size 180 kB (179494 bytes)
Hash b4d6d7fc162973eef23c1d061806f5ae
efa754c02f2da629f31007d8860dca3b305980fe
00a53ca00b0f985ea0b82c5a1b1ff9842177d5e6ea1161431bc13443fcc51a19
GET /2011/02/brigitte-bardot-1019x1410-179kb-media-635-media-134409-1206088502.jpg HTTP/1.1
Host: rarelittlebird.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jena-malone-fakes-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:11:47 GMT
content-type: image/jpeg
content-length: 179494
last-modified: Thu, 03 Feb 2011 21:28:22 GMT
expires: Fri, 10 Mar 2023 17:18:50 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://rarelittlebird.wordpress.com
vary: Origin
x-nc: MISS arn 23 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
lh4.ggpht.com/_neZA9UF0tFA/S23wC_WfDnI/AAAAAAAAAD4/smk9OvML7UA/Caratula%25252520frontal%25252520de%25252520Lady%25252520Gaga%25252520-%25252520The%25252520Fame.jpeg
142.250.74.161200 OK 70 kB URL HTTP/1.1 lh4.ggpht.com/_neZA9UF0tFA/S23wC_WfDnI/AAAAAAAAAD4/smk9OvML7UA/Caratula%25252520frontal%25252520de%25252520Lady%25252520Gaga%25252520-%25252520The%25252520Fame.jpeg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 512x512, components 3\012- data
Hash 63a641b94eb9ef7730babb2e9cdffe8a
0473cf0f7ac57bf5bf219e984e953f8bda07458f
899c6fca41d2128c2d470b30565bf58c3a9e5d0c24cfe2714093495bc7fa2da8
GET /_neZA9UF0tFA/S23wC_WfDnI/AAAAAAAAAD4/smk9OvML7UA/Caratula%25252520frontal%25252520de%25252520Lady%25252520Gaga%25252520-%25252520The%25252520Fame.jpeg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3e"
Expires: Thu, 02 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Caratula frontal de Lady Gaga - The Fame.jpeg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 01 Feb 2023 10:11:47 GMT
Server: fife
Content-Length: 70123
X-XSS-Protection: 0
1.bp.blogspot.com/-O-sgJuwBzmo/TcbKSMbLIJI/AAAAAAAAAng/g38Pn49a8NM/s1600/Selena-Gomez-Hot-Beauty-Selena-Gomez%2525252Bjustin-justin%252Bbieber%2525252Bjustin%252Band%252Bselena-who%252Bsays-selena%252Bgomez%252B2011%2525252Bmiley%252Bcyrus-selena%252Bgomez%252Blyrics-demi%252Blovato-selena%252Bgomez%252Bfacebook-youtube%252Bselena%252Bgomez%252B-celebrity-celebrities%2525252BSelena-Gomez%2525252Bjustin.jpg
142.250.74.161200 OK 174 kB URL HTTP/1.1 1.bp.blogspot.com/-O-sgJuwBzmo/TcbKSMbLIJI/AAAAAAAAAng/g38Pn49a8NM/s1600/Selena-Gomez-Hot-Beauty-Selena-Gomez%2525252Bjustin-justin%252Bbieber%2525252Bjustin%252Band%252Bselena-who%252Bsays-selena%252Bgomez%252B2011%2525252Bmiley%252Bcyrus-selena%252Bgomez%252Blyrics-demi%252Blovato-selena%252Bgomez%252Bfacebook-youtube%252Bselena%252Bgomez%252B-celebrity-celebrities%2525252BSelena-Gomez%2525252Bjustin.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1000, components 3\012- data
Size 174 kB (173814 bytes)
Hash dad308d582d2e163c32f15dd7c641bbe
e7059d6da0961dd235a85b83bf4167e5e910df5c
3b60c624dbf65f8d446bc5f632fe0d62da3917a49fec0a59bf18455321b44727
GET /-O-sgJuwBzmo/TcbKSMbLIJI/AAAAAAAAAng/g38Pn49a8NM/s1600/Selena-Gomez-Hot-Beauty-Selena-Gomez%2525252Bjustin-justin%252Bbieber%2525252Bjustin%252Band%252Bselena-who%252Bsays-selena%252Bgomez%252B2011%2525252Bmiley%252Bcyrus-selena%252Bgomez%252Blyrics-demi%252Blovato-selena%252Bgomez%252Bfacebook-youtube%252Bselena%252Bgomez%252B-celebrity-celebrities%2525252BSelena-Gomez%2525252Bjustin.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v278"
Expires: Thu, 02 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Selena-Gomez-Hot-Beauty-Selena-Gomez+justin-justin bieber+justin and selena-who says-selena gomez 2011+miley cyrus-selena gomez lyrics-demi lovato-selena gomez facebook-youtube selena gomez -celebrity-celebrities+Selena-Gomez+justin.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 01 Feb 2023 10:11:47 GMT
Server: fife
Content-Length: 173814
X-XSS-Protection: 0
reploulang.files.wordpress.com/2010/05/haines_head.jpg
192.0.72.21200 OK 586 kB URL HTTP/2 reploulang.files.wordpress.com/2010/05/haines_head.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D200, orientation=upper-left, xresolution=163, yresolution=171, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2008:05:21 11:14:02, GPS-Data], baseline, precision 8, 1500x2100, components 3\012- data
Size 586 kB (585743 bytes)
Hash c7811c65f4bfec271403e63c54c1fbe1
dec167e45218fae5990489f992c594323494a4d5
503b327fb5dae60e05131ef3629c5bd78e0afde72770a67168a9a587c16d7e05
GET /2010/05/haines_head.jpg HTTP/1.1
Host: reploulang.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jena-malone-fakes-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:11:47 GMT
content-type: image/jpeg
content-length: 585743
last-modified: Thu, 06 May 2010 19:28:54 GMT
expires: Sat, 25 Feb 2023 23:07:36 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://reploulang.wordpress.com
vary: Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
1.bp.blogspot.com/-JubM9Sci1kw/Td-X-3iNEyI/AAAAAAAAATQ/aSax73frHlA/s1600/glee-kurt-hummel.jpg
142.250.74.161200 OK 266 kB URL HTTP/1.1 1.bp.blogspot.com/-JubM9Sci1kw/Td-X-3iNEyI/AAAAAAAAATQ/aSax73frHlA/s1600/glee-kurt-hummel.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1200, components 3\012- data
Size 266 kB (265516 bytes)
Hash 11daa122ab247a7ff29e107c13e34378
8abd5e47b8e5cb5503544f62773ec39ef6c1d3c6
c7952857b3851df0c2771e1f5b2bade229b1b0a154210ed7172b65cbf7619166
GET /-JubM9Sci1kw/Td-X-3iNEyI/AAAAAAAAATQ/aSax73frHlA/s1600/glee-kurt-hummel.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v134"
Expires: Thu, 02 Feb 2023 10:11:47 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="glee-kurt-hummel.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 01 Feb 2023 10:11:47 GMT
Server: fife
Content-Length: 265516
X-XSS-Protection: 0
www.michaelbiehn.co.uk/graphics/gallery/advinc/advincx04.jpg
198.46.134.225404 Not Found 1.2 kB URL HTTP/1.1 www.michaelbiehn.co.uk/graphics/gallery/advinc/advincx04.jpg
IP 198.46.134.225:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /graphics/gallery/advinc/advincx04.jpg HTTP/1.1
Host: www.michaelbiehn.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 01 Feb 2023 10:11:47 GMT
server: LiteSpeed
images.wikia.com/glee/images/a/a3/BACK_vol_3.jpg
151.101.192.194200 OK 12 kB URL HTTP/1.1 images.wikia.com/glee/images/a/a3/BACK_vol_3.jpg
IP 151.101.192.194:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x157, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ede3022123e02ad5f4dfa74f2ec41b0
d261242f7a03300c41043231799942372b2f25cc
0177b9b43462226de3ad7521fa03f50f9a00117d901cc890d196e0a1257509b2
GET /glee/images/a/a3/BACK_vol_3.jpg HTTP/1.1
Host: images.wikia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 11454
content-disposition: inline; filename="BACK_vol_3.webp"; filename*=UTF-8''BACK_vol_3.webp
content-type: image/webp
etag: CMTZqqXtkuECEAI=
x-thumbnailer: Thumblr
access-control-allow-origin: *
access-control-allow-headers: Range
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 383
server: envoy
X-Cacheable: YES
Accept-Ranges: bytes
Date: Wed, 01 Feb 2023 10:11:47 GMT
Age: 0
X-Served-By: thumblr-9849d746f-kgv76, cache-wk-sjc11421-SJC, cache-bma1666-BMA
X-Cache: ORIGIN, MISS, MISS
X-Cache-Hits: ORIGIN, 0, 0
X-Timer: S1675246307.133843,VS0,VE563
Vary: Accept
www.blogger.com/dyn-css/authorization.css?targetBlogID=3149726064121069171&zx=4ae798e3-d303-4f17-9ce7-93f33b899828
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=3149726064121069171&zx=4ae798e3-d303-4f17-9ce7-93f33b899828
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=3149726064121069171&zx=4ae798e3-d303-4f17-9ce7-93f33b899828 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Feb 2023 10:11:47 GMT
last-modified: Wed, 01 Feb 2023 10:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
208.82.16.81301 Moved Permanently 169 B URL HTTP/2 www.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
IP 208.82.16.81:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd6987d71fad7058a993a9028dc40454
3ed872fa3a00837bb008ad9d201850e2ea57a79f
f0e759f444eb3a324b621f0548919424455e81441d42ea6bc6bcd2b24fce1b92
GET /files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg HTTP/1.1
Host: www.ning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jena-malone-fakes-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 01 Feb 2023 10:11:47 GMT
content-type: text/html
content-length: 169
location: https://cdn.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
server: Unknown
x-request-id: 68c98586575853b33860cad39a612633
X-Firefox-Spdy: h2
lostwebtracker.com/?blog=http%3A%2F%2Fjena-malone-fakes-news.blogspot.com%2Fsearch%2Flabel%2Fmartyn%2520lenoble&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI1MzUwNywiaWF0IjoxNjc1MjQ2MzA3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZxbjkwMGUwb2FqczBxcmszbmM4bzEiLCJuYmYiOjE2NzUyNDYzMDcsInRzIjoxNjc1MjQ2MzA3Mjc1Mzk5fQ.fbHbssefSX71uZ7VWPNUmVoGdpyZO83jSYNxbdOC-Lw&l=celebrity&ref=&scr_h=1024&scr_w=1280&sid=d610ef0c-a218-11ed-a190-7d336948bbf2
81.17.18.196302 Found 11 B URL HTTP/1.1 lostwebtracker.com/?blog=http%3A%2F%2Fjena-malone-fakes-news.blogspot.com%2Fsearch%2Flabel%2Fmartyn%2520lenoble&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI1MzUwNywiaWF0IjoxNjc1MjQ2MzA3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZxbjkwMGUwb2FqczBxcmszbmM4bzEiLCJuYmYiOjE2NzUyNDYzMDcsInRzIjoxNjc1MjQ2MzA3Mjc1Mzk5fQ.fbHbssefSX71uZ7VWPNUmVoGdpyZO83jSYNxbdOC-Lw&l=celebrity&ref=&scr_h=1024&scr_w=1280&sid=d610ef0c-a218-11ed-a190-7d336948bbf2
IP 81.17.18.196:0
ASN #51852 Private Layer INC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?blog=http%3A%2F%2Fjena-malone-fakes-news.blogspot.com%2Fsearch%2Flabel%2Fmartyn%2520lenoble&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTI1MzUwNywiaWF0IjoxNjc1MjQ2MzA3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZxbjkwMGUwb2FqczBxcmszbmM4bzEiLCJuYmYiOjE2NzUyNDYzMDcsInRzIjoxNjc1MjQ2MzA3Mjc1Mzk5fQ.fbHbssefSX71uZ7VWPNUmVoGdpyZO83jSYNxbdOC-Lw&l=celebrity&ref=&scr_h=1024&scr_w=1280&sid=d610ef0c-a218-11ed-a190-7d336948bbf2 HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//jena-malone-fakes-news.blogspot.com/search/label/martyn%2520lenoble&ref=&l=celebrity
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 01 Feb 2023 10:11:47 GMT
location: http://click-v4.celxkpdir.com/click?i=9XgHeTX40SE_0
server: nginx
set-cookie: sid=d610ef0c-a218-11ed-a190-7d336948bbf2; path=/; domain=.lostwebtracker.com; expires=Mon, 19 Feb 2091 13:25:54 GMT; max-age=2147483647; HttpOnly
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 74fb517f26359326e41f69c0c1826bd1
693f1fb0a1147db8e73c59700630c3da71b1a1ba
9fd11f32aefbb6191356ef10775629a52e420bbce09f95b363f8ef30479c37b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3149726064121069171%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://jena-malone-fakes-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3149726064121069171%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://jena-malone-fakes-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 469 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3149726064121069171%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://jena-malone-fakes-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3149726064121069171%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://jena-malone-fakes-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (514)
Hash 9a20a867aaa15cb86bdf935095699d38
1430ea4cc96936c4844a11e33447bb0fc497808b
e5ca88eeca9b5d2906959e79c86366a37a4b890176305d2b3519aa255c10202f
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3149726064121069171%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://jena-malone-fakes-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3149726064121069171%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://jena-malone-fakes-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jena-malone-fakes-news.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Feb 2023 10:11:48 GMT
location: https://www.blogger.com/followers.g?blogID=3149726064121069171&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fjena-malone-fakes-news.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-0oH-KJKqDgFfDUEhW8HB3w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 469
server: GSE
set-cookie: __Host-GAPS=1:Le2F2uYniDTHD9Us8txVUFa4fg0-vg:_P58tnhw1QDD1XES;Path=/;Expires=Fri, 31-Jan-2025 10:11:48 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
farm6.static.flickr.com/5183/5617045722_4b18691c40_o.jpg
54.230.83.83301 Moved Permanently 167 B URL HTTP/1.1 farm6.static.flickr.com/5183/5617045722_4b18691c40_o.jpg
IP 54.230.83.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /5183/5617045722_4b18691c40_o.jpg HTTP/1.1
Host: farm6.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 01 Feb 2023 10:11:48 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://farm6.static.flickr.com/5183/5617045722_4b18691c40_o.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WgjlBLa4wTA3dIgiKK04EpNeViL4sJwQ5FoQ1-TQCjuHY4TKg8IipA==
jena-malone-fakes-news.blogspot.com/favicon.ico
172.217.21.161200 OK 412 B URL HTTP/1.1 jena-malone-fakes-news.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: jena-malone-fakes-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/search/label/martyn%20lenoble
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Wed, 01 Feb 2023 10:11:48 GMT
Date: Wed, 01 Feb 2023 10:11:48 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 28 Jan 2023 12:27:29 GMT
ETag: W/"f4310da98fb7e8f936a555d4da1b7e20690788bc60d04bd12f04682f8694c13e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
click-v4.celxkpdir.com/click?i=9XgHeTX40SE_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.celxkpdir.com/click?i=9XgHeTX40SE_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=9XgHeTX40SE_0 HTTP/1.1
Host: click-v4.celxkpdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lostwebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://uuid-a.akamaihd.net/sb/?r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2536
Expires: Wed, 01 Feb 2023 10:54:04 GMT
Date: Wed, 01 Feb 2023 10:11:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2536
Expires: Wed, 01 Feb 2023 10:54:04 GMT
Date: Wed, 01 Feb 2023 10:11:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2536
Expires: Wed, 01 Feb 2023 10:54:04 GMT
Date: Wed, 01 Feb 2023 10:11:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 10:37:05 GMT
age: 84883
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 27710
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2189ff7eee65e0fde9be79c994b1d1e
c82caabf73415755643b9ab874364162e798f58c
f0d08ab954f728a73a30d22c874019789d55b64a6160d5dafe4d08249f2e9ed4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6773
x-amzn-requestid: b3b6b388-dd50-4a4d-83e0-219b0d285f4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foee_GcdoAMFRWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac6-286883827020ff9a1412030c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 59jJ-7FGO_UqZi7pUGx6h9imXp1a5bOeAbKFkDQBC91qQ2lnyyl11w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "c82caabf73415755643b9ab874364162e798f58c"
content-type: image/jpeg
age: 35926
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 44969
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4354120b504a8b1d1c3f4e206eb4611
ba854dec74347525b20dbf3b4e5c13876d56aa1c
bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XGTtVMp42cyJ-Xmh0D-ECG50tJe_AZWIir602PjdJ1CwsAygJpbJyA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:00:34 GMT
age: 22274
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 75373
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uuid-a.akamaihd.net/sb/?r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D
23.36.76.130302 Moved Temporarily 154 B URL HTTP/1.1 uuid-a.akamaihd.net/sb/?r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D
IP 23.36.76.130:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /sb/?r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D HTTP/1.1
Host: uuid-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lostwebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiNetStorage
Content-Length: 154
Content-Type: text/html
Location: /sb/?cc=1&r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D
Set-Cookie: b53eedc13__=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648.1675246308; expires=Thu, 01 Feb 2024 10:11:48 GMT; domain=.akamaihd.net; path=/; HttpOnly; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
P3P: CP="We do not have a P3P policy."
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ETag: "6558d9a5dda24e8cad3ddca92e03b4c6:1666638465.144293"
Expires: Wed, 01 Feb 2023 10:11:48 GMT
Cache-Control: max-age=0, no-cache, no-store, private
Pragma: no-cache
Date: Wed, 01 Feb 2023 10:11:48 GMT
Connection: keep-alive
uuid-a.akamaihd.net/sb/?cc=1&r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D
23.36.76.130302 Moved Temporarily 154 B URL HTTP/1.1 uuid-a.akamaihd.net/sb/?cc=1&r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D
IP 23.36.76.130:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /sb/?cc=1&r=https%3A%2F%2Fpeech2eecha.com%2Fvclick%3Fc%3Dd634e999a21811ed9aa20242ac110003%26i%3D812%26n%3D3%26subid%3D355570%26sid%3D HTTP/1.1
Host: uuid-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lostwebtracker.com/
Connection: keep-alive
Cookie: b53eedc13__=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648.1675246308
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiNetStorage
Content-Length: 154
Content-Type: text/html
Location: https://peech2eecha.com/vclick?c=d634e999a21811ed9aa20242ac110003&i=812&n=3&subid=355570&sid=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648
Set-Cookie: b53eedc13__=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648.1675246308; expires=Thu, 01 Feb 2024 10:11:48 GMT; domain=.akamaihd.net; path=/; HttpOnly; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
P3P: CP="We do not have a P3P policy."
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ETag: "6558d9a5dda24e8cad3ddca92e03b4c6:1666638465.144293"
Expires: Wed, 01 Feb 2023 10:11:48 GMT
Cache-Control: max-age=0, no-cache, no-store, private
Pragma: no-cache
Date: Wed, 01 Feb 2023 10:11:48 GMT
Connection: keep-alive
cdn.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
205.185.216.42404 Not Found 18 B URL HTTP/1.1 cdn.ning.com/files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg
IP 205.185.216.42:0
File type ASCII text, with no line terminators
Hash 817ae1ffa9d8bb15c6edd06322e71611
2d1d4c2765a85142f33f1cc48fe83f9d97d5ca09
739e3da4d1b298800721f9456cf16ce627973250c04a518f94906cec0ff8e6c3
GET /files/tHHd7MUg7VqQPy5Ry5J1A5IV9oqXG72L9DYZVyTg0TBcWLIG0E6x2rb2Q-HpTCch3yEl2bRjF9G5zQxk3sAi*uOg6Bq4NEjz/AlexanderRybak009.jpg HTTP/1.1
Host: cdn.ning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jena-malone-fakes-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:48 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=60
Content-Length: 18
Content-Type: text/html
X-HW: 1675246307.dop018.sk1.t,1675246308.cds202.sk1.shn,1675246308.dop018.sk1.t,1675246308.cds239.sk1.p
images4.fanpop.com/image/photos/23100000/sely-selena-gomez-and-demi-lovato-23185646-1024-768.jpg
172.67.73.155200 OK 242 kB URL HTTP/1.1 images4.fanpop.com/image/photos/23100000/sely-selena-gomez-and-demi-lovato-23185646-1024-768.jpg
IP 172.67.73.155:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2010:01:12 12:18:05], baseline, precision 8, 1024x768, components 3\012- data
Size 242 kB (241804 bytes)
Hash 0bbc58e507dd671fd9940294015d6196
03c20bb955b3e217b5211cdc6cca0c2eb38271c3
4e563378dc73e00c74b4098dc2aaf1f66f17581e56b2720732a8e335250438ab
GET /image/photos/23100000/sely-selena-gomez-and-demi-lovato-23185646-1024-768.jpg HTTP/1.1
Host: images4.fanpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:48 GMT
Content-Type: image/jpeg
Content-Length: 241804
Connection: keep-alive
Last-Modified: Sat, 25 Jun 2011 22:52:10 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FK3PTS47%2BvSZS5aglDBe9FE939QyAruLsMs1aM%2BVDcgtdUwHzfcuglZpExLNTNXBD4WKfZZ6Tes2HY2XtDM7j1f7InhEnCJnSfDgz87NF9g8anAVdlnU87JElNp9dtgNljtt6A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e7ab7d33b51b-OSL
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 571d30dae0965959c1cfbfef3abd3117
40a7e7fd4f2c227453eae480897e22f7f26bfffb
51986b406fc913f3e4e55d7ae51c64a46d2936d41840dc6671063d041c531a38
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 10:11:48 GMT
Last-Modified: Wed, 01 Feb 2023 10:06:13 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HFfQatO69d_oArw0uabOZt2HJlMpAY67MitE5dNyzLtpTdi-M58AzA==
Age: 335
farm6.static.flickr.com/5183/5617045722_4b18691c40_o.jpg
54.230.83.83200 OK 4.8 MB URL HTTP/2 farm6.static.flickr.com/5183/5617045722_4b18691c40_o.jpg
IP 54.230.83.83:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, manufacturer=Panasonic, model=DMC-TZ65, orientation=upper-left, xresolution=190, yresolution=198, resolutionunit=2, software=Ver.1.0 , datetime=2011:04:13 16:57:53], baseline, precision 8, 3648x2736, components 3\012- data
Size 4.8 MB (4836431 bytes)
Hash 786203d0815c48a41f9c3df18ae8de1d
95ff993001b625377c771cfc46b7e972b466803a
df7a4f359558e028cb5aafd38fce48fa41ee4b6bbfa054296ae831e957eb1ced
GET /5183/5617045722_4b18691c40_o.jpg HTTP/1.1
Host: farm6.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jena-malone-fakes-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4836431
date: Wed, 01 Feb 2023 10:11:48 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Thu, 01 Feb 2024 10:11:48 GMT
imagewidth: 3648
imageheight: 2736
content-md5: eGID0IFcSKQfnD3xiujeHQ==
etag: "786203d0815c48a41f9c3df18ae8de1d"
last-modified: Thu, 01 Jul 2021 11:14:26 GMT
id: 5617045722
streaming: true
origintype: D
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Deliver Awesome (#3 of 5)
x-request-id: eb4ce5d5
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=4cf206a9, e=b1cfc1fdb4a90fbd7ed7449176940c7c057c6af1
x-ttfb: 0.1869
x-ttdb-l: 14085
mib: 2
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EBpgalbnyFzgLnGpP6NiVXzppiiU5rOGhtL3ZT-D6ELC0iz4k5bF-A==
X-Firefox-Spdy: h2
peech2eecha.com/vclick?c=d634e999a21811ed9aa20242ac110003&i=812&n=3&subid=355570&sid=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648
52.200.237.189200 OK 2.3 kB URL HTTP/2 peech2eecha.com/vclick?c=d634e999a21811ed9aa20242ac110003&i=812&n=3&subid=355570&sid=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648
IP 52.200.237.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1281)
Hash d5dbd38b214bfe29d3d2af2cbb409f9c
536405460f85386a93fbba1fe2416ae908f29c27
c78c1f520e577b745275e1414ac65346c332758a9a84cf1d44b022fe5bc609f0
GET /vclick?c=d634e999a21811ed9aa20242ac110003&i=812&n=3&subid=355570&sid=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648 HTTP/1.1
Host: peech2eecha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lostwebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:11:48 GMT
content-type: text/html;charset=utf-8
content-length: 2266
p3p: CP="CUR ADM OUR NOR STA NID"
link: <peech2eecha.com>; rel=dns-prefetch,<https://peech2eecha.com>; rel=preconnect
content-security-policy: default-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self' 'unsafe-inline'; script-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self' 'unsafe-inline'; connect-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self'
x-content-security-policy: default-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self' 'unsafe-inline'; script-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self' 'unsafe-inline'; connect-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self'
x-webkit-csp: default-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self' 'unsafe-inline'; script-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self' 'unsafe-inline'; connect-src peech2eecha.com *.google.com *.gstatic.com *.akamaihd.net *.adsafeprotected.com 'self'
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-model
set-cookie: cdt=1675246308939
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
images4.fanpop.com/image/photos/17200000/Wallpaper-made-by-me-alexander-rybak-17230634-1280-1024.jpg
172.67.73.155200 OK 708 kB URL HTTP/1.1 images4.fanpop.com/image/photos/17200000/Wallpaper-made-by-me-alexander-rybak-17230634-1280-1024.jpg
IP 172.67.73.155:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x1024, components 3\012- data
Size 708 kB (707727 bytes)
Hash 957117bd452da7e6e5b88cc9f27c6f90
c27b7319009ee641f1603afdbfde0501abdb7ae5
dfd1884a11213ebab628eae5ed8b488c38831567b6bf2b0f6be4bf4225cf883b
GET /image/photos/17200000/Wallpaper-made-by-me-alexander-rybak-17230634-1280-1024.jpg HTTP/1.1
Host: images4.fanpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:48 GMT
Content-Type: image/jpeg
Content-Length: 707727
Connection: keep-alive
Last-Modified: Wed, 24 Nov 2010 20:49:04 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCRaQ%2Fq8tuT7xlRwaJnhCWV6fF2l5TzigU8OscKnEk6GY467LfSHB7DMnpqptjxFMHp7D804eicNokZ1z8IOjeEb5NKbu%2BXJHP16SYNukMv3IUJ%2BZNoq5IZjtKv0PslSqNE4Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e7ab3ca3b4f7-OSL
alt-svc: h2=":443"; ma=60
peech2eecha.com/click?c=d634e999a21811ed9aa20242ac110003&i=812&n=3&subid=355570&sid=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648&vf=1jpx79b&pv=1&clkcnt=1&vfa=1jpx79b%2Cbx44rq%2C1q11k0x%2Cjfkku7%2C1vds8ff&uid=p6cugq63jk371
52.200.237.189302 Found 0 B URL HTTP/2 peech2eecha.com/click?c=d634e999a21811ed9aa20242ac110003&i=812&n=3&subid=355570&sid=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648&vf=1jpx79b&pv=1&clkcnt=1&vfa=1jpx79b%2Cbx44rq%2C1q11k0x%2Cjfkku7%2C1vds8ff&uid=p6cugq63jk371
IP 52.200.237.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?c=d634e999a21811ed9aa20242ac110003&i=812&n=3&subid=355570&sid=c8bdb0d7452ff7535ca7698be5ae86a1a6e38b648&vf=1jpx79b&pv=1&clkcnt=1&vfa=1jpx79b%2Cbx44rq%2C1q11k0x%2Cjfkku7%2C1vds8ff&uid=p6cugq63jk371 HTTP/1.1
Host: peech2eecha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cvf=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 10:11:49 GMT
content-length: 0
location: https://qa6.org/dsoejj?check=eaf8a7542ae10447866af255734aa19c
set-cookie: tp_usr=254af5b78be311ed938d0242ac110003; Path=/; Domain=.peech2eecha.com; Expires=Fri, 03-Mar-2023 10:11:49 GMT; Max-Age=2592000; Secure; SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 185fa30e0fc84c03084e05728f771ffd
17c8ef6140efbc2af5a247b59e01add08c1c6056
55597cfa93e72aeffe3fe427fc129698c345ea208f14ac025d73b3e2f52c5163
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 642
Cache-Control: max-age=162361
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:49 GMT
Etag: "63da0f9c-118"
Expires: Fri, 03 Feb 2023 07:17:50 GMT
Last-Modified: Wed, 01 Feb 2023 07:07:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 185fa30e0fc84c03084e05728f771ffd
17c8ef6140efbc2af5a247b59e01add08c1c6056
55597cfa93e72aeffe3fe427fc129698c345ea208f14ac025d73b3e2f52c5163
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 642
Cache-Control: max-age=162361
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:49 GMT
Etag: "63da0f9c-118"
Expires: Fri, 03 Feb 2023 07:17:50 GMT
Last-Modified: Wed, 01 Feb 2023 07:07:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/?
216.58.207.228200 OK 5.9 kB IP 216.58.207.228:0
Hash 6db2ddd8c516bd48473acb4a8eabab64
aa6ccf8991601040cb5c866fc92c75eca15598d2
dd09ab7d6880070c44bd33520e9ce46aa0a4fe7d0f7bd895e16f6a8419e93fed
GET /? HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:11:49 GMT
expires: -1
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 55731
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: AEC=ARSKqsItfKpGojnLHUwpagBjPsaOMIzeBy_Pdyn4Mv4t534NlWh0_JptHNo; expires=Mon, 31-Jul-2023 10:11:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
__Secure-ENID=10.SE=OBQ7caeNNN0sAoEHes3a7FpkT8-uP-fnZS86_SvWrwwfsiFM5Rvh0eqaYgtD-YwxzOq2BMwQfhXChFRmUhEaIQkDWZmjoTE7vcoOGlkiPw4HOFU5j2JFIr2oa4ZRM_QygubbJGLGdOtoh_MmNhPIKSy5D2YLpzfHpPH_15WIehk; expires=Sun, 03-Mar-2024 02:30:07 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+821; expires=Fri, 31-Jan-2025 10:11:49 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
elliotandisabel.files.wordpress.com/2011/08/0911-vo-well93-01_162109695409.jpg
192.0.72.28403 Forbidden 0 B URL HTTP/2 elliotandisabel.files.wordpress.com/2011/08/0911-vo-well93-01_162109695409.jpg
IP 192.0.72.28:0
GET /2011/08/0911-vo-well93-01_162109695409.jpg HTTP/1.1
Host: elliotandisabel.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jena-malone-fakes-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Wed, 01 Feb 2023 10:11:47 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: private
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
a8c-edge-cache: cache
X-Firefox-Spdy: h2
www.geeksunglasses.com/wp-content/gallery/306/jennifer-aniston-tom-ford-tf08-jennifer-sunglasses.jpg
3.94.41.167404 Not Found 0 B URL HTTP/1.0 www.geeksunglasses.com/wp-content/gallery/306/jennifer-aniston-tom-ford-tf08-jennifer-sunglasses.jpg
IP 3.94.41.167:0
GET /wp-content/gallery/306/jennifer-aniston-tom-ford-tf08-jennifer-sunglasses.jpg HTTP/1.1
Host: www.geeksunglasses.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jena-malone-fakes-news.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
qa6.org/dsoejj?check=eaf8a7542ae10447866af255734aa19c
172.67.131.69302 Found 0 B URL HTTP/2 qa6.org/dsoejj?check=eaf8a7542ae10447866af255734aa19c
IP 172.67.131.69:0
GET /dsoejj?check=eaf8a7542ae10447866af255734aa19c HTTP/1.1
Host: qa6.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 10:11:49 GMT
content-type: text/html; charset=UTF-8
location: https://www.google.com?
x-powered-by: PHP/7.4.27
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VwOk34iVFKWiYf6a%2BRbrId01P4%2BbqUVro6RjPUtyVyI%2B%2FSY4LQ8Kzi8jHUS7gXgy41BvKoRMrMZQ2VHWYhi5sMLqFuVAW%2Fk5jbiy4yBqkwuyzwb491FI7w7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7929e7b8e94a1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2