r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6562
Expires: Mon, 28 Nov 2022 05:52:48 GMT
Date: Mon, 28 Nov 2022 04:03:26 GMT
Connection: keep-alive
rightway-tan.blogspot.com/search/label/office%20rents
301 Moved Permanently 201 B URL HTTP/1.1 rightway-tan.blogspot.com/search/label/office%20rents
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d696e34cfd50f4c13ca783af120ec9be
b8c54e295642f64129afe48cace5367961105412
8c3bf9ffad472338af6598ce5c664cc642ebbda946add0dcf58664b2896d6041
Analyzer Verdict Alert fortinet Phishing
GET /search/label/office%20rents HTTP/1.1
Host: rightway-tan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://rightway-tan.blogspot.com/search/label/office%20rents
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 04:03:26 GMT
Expires: Mon, 28 Nov 2022 04:03:26 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 201
Server: GSE
ocsp.digicert.com/
200 OK 471 B IP
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3711
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Last-Modified: Mon, 28 Nov 2022 03:01:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9226
Expires: Mon, 28 Nov 2022 06:37:13 GMT
Date: Mon, 28 Nov 2022 04:03:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 03:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2742
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NQSRSX6hOeYC/9zY+091OWjsoRYGlE4cktqUBgmLNqGICNtbJV80jSfaJC5lb6vYGVfRond5vCI=
x-amz-request-id: 59CSQSPBTBZ0PSDM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:41:54 GMT
age: 1293
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:03:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 03:08:55 GMT
cache-control: public,max-age=3600
age: 3272
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
rightway-tan.blogspot.com/search/label/office%20rents
200 OK 25 kB URL HTTP/2 rightway-tan.blogspot.com/search/label/office%20rents
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1495)
Hash 22bc170738838ed39e905865b3da8178
ef20600ca7f37c893f5f3628bd1758bd9d7af691
79e134865bdad581f2ce666f3fc521d642420220e76938771655a2864aa0170f
Analyzer Verdict Alert fortinet Phishing
GET /search/label/office%20rents HTTP/1.1
Host: rightway-tan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 04:03:27 GMT
date: Mon, 28 Nov 2022 04:03:27 GMT
cache-control: private, max-age=0
last-modified: Sun, 27 Nov 2022 16:25:17 GMT
etag: W/"99b32b02eb0feaf97d2d52119a170b21ba6bd9513b70fd605b44f5f315321050"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 24753
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 490
Cache-Control: max-age=105095
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:15:02 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ca9a5a187a9301acd15cc891755a13c8
1522515a371821fe1c94ce773898f2e913e03012
469bcc07c9e15d43d093697277d75eaa3199cb3f455b6fd32daaa0153f4e0f98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:12:52 GMT
expires: Wed, 22 Nov 2023 18:12:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: text/css
age: 467435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2734f94ccee461103a4c42296934948d
57af4a7dfbc298f14e47d9cf98c1a33c8f9078ae
e067ad8019cd032e033758f033c9eaa9e8dd7250a79b7c750f24cdc055a3ec87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/widgets/arrow_dropdown.gif
200 OK 141 B URL HTTP/2 resources.blogblog.com/img/widgets/arrow_dropdown.gif
IP
File type GIF image data, version 89a, 13 x 10\012- data
Hash 2964a07d60a4e76b299130fb1b4115f6
3b72dcc19f3ad685513eaba612e07e0ed495f2e1
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
GET /img/widgets/arrow_dropdown.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 19:19:11 GMT
expires: Tue, 29 Nov 2022 19:19:11 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 14:54:22 GMT
content-type: image/gif
age: 463456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6016400959227819&host=ca-host-pub-1556223355139109
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6016400959227819&host=ca-host-pub-1556223355139109
IP
File type ASCII text, with very long lines (4885)
Hash 48ef6e9734fd421e27cb0cb89da5e23b
7c8957db61aecbd09877ef9b7296d5ec2ba74722
3470ef5817b993831ef5254677309179526df6447c8d0589b7f912aac7cb387a
GET /pagead/js/adsbygoogle.js?client=ca-pub-6016400959227819&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rightway-tan.blogspot.com
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 04:03:27 GMT
expires: Mon, 28 Nov 2022 04:03:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1598915897262589141
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
content-type: image/gif
age: 479973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_email.gif
200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 15:02:17 GMT
expires: Tue, 29 Nov 2022 15:02:17 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: image/gif
age: 478871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/widgets/subscribe-yahoo.png
200 OK 580 B URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-yahoo.png
IP
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash 79f602b6ac18bee79b4e2353a6674010
28accf82263aa1a11bb821439d4d185865662530
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
GET /img/widgets/subscribe-yahoo.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 12:20:26 GMT
expires: Wed, 30 Nov 2022 12:20:26 GMT
cache-control: public, max-age=604800
last-modified: Wed, 23 Nov 2022 07:50:07 GMT
content-type: image/png
age: 402182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/widgets/subscribe-netvibes.png
200 OK 1.4 kB URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-netvibes.png
IP
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash c52a5f4ecb6be5d7e93b23ef4122ee4e
4e698a5f455daf3a8ea1e219b1998079f0546716
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
GET /img/widgets/subscribe-netvibes.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 04:30:11 GMT
expires: Wed, 30 Nov 2022 04:30:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 23 Nov 2022 02:52:49 GMT
content-type: image/png
age: 430397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon_feed12.png
200 OK 500 B URL HTTP/2 resources.blogblog.com/img/icon_feed12.png
IP
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 44e7355a788fd1082deff0018883758e
50e3a28a44978e85d13c30522e0c71c8d0b24675
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
GET /img/icon_feed12.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 12:43:16 GMT
expires: Tue, 29 Nov 2022 12:43:16 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 21:54:35 GMT
content-type: image/png
age: 487212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 28 Nov 2022 04:03:28 GMT
expires: Mon, 28 Nov 2022 04:03:28 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/z149vLKn9d8/hqdefault.jpg
200 OK 26 kB URL HTTP/2 i.ytimg.com/vi/z149vLKn9d8/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash e8fd315723e02c8b67da58a96d9f428a
f3b597052b3b3aeb7c7b7a832151310343c976c8
f6ad229b3d72afd3da9b50c1d92ca9caacba75815b1b1c298ab529196fa8efaf
GET /vi/z149vLKn9d8/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 25914
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 04:03:28 GMT
expires: Mon, 28 Nov 2022 06:03:28 GMT
cache-control: public, max-age=7200
etag: "1628092007"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha337XXfSwtykVRoPBUV90_VuJdD65QfNv3gKly-x4p0a3Jos4Y3OQbJCiX-422a-vP8yMcFDuj1hLaZiGe6HX_ao69ik7RR31Fw2Mi2b8Z77N57aSIVqJyNn3APHmniZYSFMVszTAo=s0-d
200 OK 3.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha337XXfSwtykVRoPBUV90_VuJdD65QfNv3gKly-x4p0a3Jos4Y3OQbJCiX-422a-vP8yMcFDuj1hLaZiGe6HX_ao69ik7RR31Fw2Mi2b8Z77N57aSIVqJyNn3APHmniZYSFMVszTAo=s0-d
IP
File type GIF image data, version 89a, 88 x 31\012- data
Hash 959f8c4a110d7f3699ac0e45d37996d1
871b6c7632c5f51c590fb8ae86ef351b8ba93048
29fcd0c1193d82531c125fed8777e89d33eb56c3e98c83e720aa469af7002e46
GET /blogger_img_proxy/ANbyha337XXfSwtykVRoPBUV90_VuJdD65QfNv3gKly-x4p0a3Jos4Y3OQbJCiX-422a-vP8yMcFDuj1hLaZiGe6HX_ao69ik7RR31Fw2Mi2b8Z77N57aSIVqJyNn3APHmniZYSFMVszTAo=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 04:03:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 3884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2p-uVXL7ZTRtDAPBZFv87sr6HO8KSLjKhZio4y2SrttPWBCnKs9zVWzbm9RVyP2u0_8oF4QP04EAIXYQCgAHG9mATMbi6LevjYKulfqGO326baAw=w72-h72-n-k-no-nu
404 Not Found 897 B URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2p-uVXL7ZTRtDAPBZFv87sr6HO8KSLjKhZio4y2SrttPWBCnKs9zVWzbm9RVyP2u0_8oF4QP04EAIXYQCgAHG9mATMbi6LevjYKulfqGO326baAw=w72-h72-n-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 38b6247d7fbd9e6dbe2ee1bf761f437b
031fee177fb116ff0b59a7ad1aa3523cb763a894
bb2eaf1cfaa13d7a434ddbe81fe806b290e16f27e27ef3c744073dd730d3e669
GET /blogger_img_proxy/ANbyha2p-uVXL7ZTRtDAPBZFv87sr6HO8KSLjKhZio4y2SrttPWBCnKs9zVWzbm9RVyP2u0_8oF4QP04EAIXYQCgAHG9mATMbi6LevjYKulfqGO326baAw=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/jpeg
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha29WAbuMpjv4RFRnARikENmMhQD2fIIv5_6k3b1YFPkNHIH1ZY3l3PZdz8dBqe6cAiRShrkeVVrteYisxGeBoLEfcVMqJxKFIEuo-CAaUG3Bc9EwzTpKGKDmQncgXB-Fq0=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha29WAbuMpjv4RFRnARikENmMhQD2fIIv5_6k3b1YFPkNHIH1ZY3l3PZdz8dBqe6cAiRShrkeVVrteYisxGeBoLEfcVMqJxKFIEuo-CAaUG3Bc9EwzTpKGKDmQncgXB-Fq0=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 1eb9572a139c83b2667b691ba3fd6b36
031c29086b347d3c54d7347c50733157a9def1d8
3f5b6465b3413d3f90700e1cc0981dda35edcf59ba3e154277bce1102ab8e6a2
GET /blogger_img_proxy/ANbyha29WAbuMpjv4RFRnARikENmMhQD2fIIv5_6k3b1YFPkNHIH1ZY3l3PZdz8dBqe6cAiRShrkeVVrteYisxGeBoLEfcVMqJxKFIEuo-CAaUG3Bc9EwzTpKGKDmQncgXB-Fq0=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 1719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2XvHHKa9aPQL_4l-NwOpLzY1toQ6130XHwwf_9RvKVKkRGEhZRJ2_Edp3tcp4oUE1hGaOxcw4s9Uogk2YBrEhQk625VdHg7ATrWj6udLrpBzldB2ng-6TKlspd0A=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2XvHHKa9aPQL_4l-NwOpLzY1toQ6130XHwwf_9RvKVKkRGEhZRJ2_Edp3tcp4oUE1hGaOxcw4s9Uogk2YBrEhQk625VdHg7ATrWj6udLrpBzldB2ng-6TKlspd0A=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 643babbb7bd36f7a207694e5a29b1701
90fad35ae50be5e0faee119f6aeda3eb9f19fe93
a15bcda34136189b511415ad3f48d4f5683b36944ab44f0a0085f8577f9b8ee9
GET /blogger_img_proxy/ANbyha2XvHHKa9aPQL_4l-NwOpLzY1toQ6130XHwwf_9RvKVKkRGEhZRJ2_Edp3tcp4oUE1hGaOxcw4s9Uogk2YBrEhQk625VdHg7ATrWj6udLrpBzldB2ng-6TKlspd0A=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 1714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 275aa34b81d45f10549ddf2f8f273cee
40599f2d88172880add027bf7d600b88db3f6c1d
7da3b8e9b55d1e101be1f62777f6fb95480fa364b3d78d0b3a304e094bf95ecb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DA3B8E9B55D1E101BE1F62777F6FB95480FA364B3D78D0B3A304E094BF95ECB"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16668
Expires: Mon, 28 Nov 2022 08:41:16 GMT
Date: Mon, 28 Nov 2022 04:03:28 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3r6hRyM6EkG2AU5j_rAO1XhpeqJtMLNCP1CgakVZwoBeyrORQx5ot67zwb-l1ry-UynJRkowbfc1tRq3MAzER-fLaSPBs9KY0Ai-TgorI53uWvlsQobB8g8Mb5MfI=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3r6hRyM6EkG2AU5j_rAO1XhpeqJtMLNCP1CgakVZwoBeyrORQx5ot67zwb-l1ry-UynJRkowbfc1tRq3MAzER-fLaSPBs9KY0Ai-TgorI53uWvlsQobB8g8Mb5MfI=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 57232ff502c0e3998d52979c6927bf34
c4501e60e4ecb2f189d34ffb8d2756a2f4b72592
fd920e26f3af9835b6f8e6ff1b810a6506719f5253d5afc73e397ffbf912c9f3
GET /blogger_img_proxy/ANbyha3r6hRyM6EkG2AU5j_rAO1XhpeqJtMLNCP1CgakVZwoBeyrORQx5ot67zwb-l1ry-UynJRkowbfc1tRq3MAzER-fLaSPBs9KY0Ai-TgorI53uWvlsQobB8g8Mb5MfI=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 1715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/blogblog/data/1kt/watermark/body_background_birds.png
200 OK 23 kB URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/body_background_birds.png
IP
File type PNG image data, 300 x 300, 2-bit colormap, non-interlaced\012- data
Hash 5cd8cda0e75b359eb8f15dc83b0c5c29
86c99fbb62aadacb3ebd3f948d345b917f65253f
0220dbf46954d4efe2e91d261dd3d40f06e6402c722cc5580129af64bddc58f9
GET /blogblog/data/1kt/watermark/body_background_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 22568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 23:49:59 GMT
expires: Tue, 29 Nov 2022 23:49:59 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 21:54:19 GMT
content-type: image/png
age: 447209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 410830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FMBxXVhLktA2cXQcsVMcEQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FvM2DA6rzlmzEqt5bqqzOdvFg7Q=
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 561685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1fcd404ddac29197a0f06ff5c0e12a21
adaf72344ee5de3f4eeaf2a828483082a1322c55
dce2a53426afd726719a114d8a299d87606b21e8f6e95ee3e641b5fa7343b312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/blogblog/data/1kt/watermark/body_overlay_birds.png
200 OK 3.5 kB URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/body_overlay_birds.png
IP
File type PNG image data, 386 x 121, 8-bit colormap, non-interlaced\012- data
Hash 031c64f442b967c59b28cdc8b03ac349
59f743959d06ced56f36b5e262c76e6cbfef9720
4bff767832f0cae6ed521f2436871dba9c4e1d036efd4889457b9e797738154a
GET /blogblog/data/1kt/watermark/body_overlay_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 3523
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:34:36 GMT
expires: Tue, 29 Nov 2022 14:34:36 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: image/png
age: 480532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/charts/loader.js
200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:48:50 GMT
expires: Mon, 28 Nov 2022 04:48:50 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/1kt/watermark/post_background_birds.png
200 OK 103 B URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/post_background_birds.png
IP
File type PNG image data, 10 x 10, 8-bit colormap, non-interlaced\012- data
Hash 7928cb1e4fb733117a1479c289f29d92
bd1bbe65951f64f44ec85910877dabd35c6dbc07
8a44923efeda7708df28a77f7e01bb10be3831d112891172950fe8c2d6b2566e
GET /blogblog/data/1kt/watermark/post_background_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 103
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:52:38 GMT
expires: Tue, 29 Nov 2022 18:52:38 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 08:51:49 GMT
content-type: image/png
age: 465050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=3843727205859859637&zx=f663a6f5-5c83-4d39-9532-851b6e7966fc
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=3843727205859859637&zx=f663a6f5-5c83-4d39-9532-851b6e7966fc
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=3843727205859859637&zx=f663a6f5-5c83-4d39-9532-851b6e7966fc HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:03:28 GMT
last-modified: Mon, 28 Nov 2022 04:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jk.revolvermaps.com/r.js
404 Not Found 202 B IP
ASN #34549 meerfarbig GmbH & Co. KG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2492f7ec93ae23151125ecffdf52af21
9a64e7e59d3161994d437a7aece39f9b32cbf7b2
a919e8c6eb303b9d327b089e20e2960cd885836cd236500371d998fa78333362
GET /r.js HTTP/1.1
Host: jk.revolvermaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 04:03:28 GMT
Server: Apache
Content-Length: 202
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.blogger.com/img/share_buttons_20_3.png
200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 19:10:58 GMT
expires: Tue, 29 Nov 2022 19:10:58 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 03:55:22 GMT
content-type: image/png
age: 463950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha20SrdvPrdUosfIx0c12S_KzyrX1aMsfDg2h5CLdN9NSUrCTkki2ddIgdOkrdzzRbdzY6tVESKd3XSPUbYTA32kmVYdGLthN06b7hi_1jid_93P=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha20SrdvPrdUosfIx0c12S_KzyrX1aMsfDg2h5CLdN9NSUrCTkki2ddIgdOkrdzzRbdzY6tVESKd3XSPUbYTA32kmVYdGLthN06b7hi_1jid_93P=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c72d8e7eb7faa3557ab84a26e8b78980
885fd595b5b4c73aa2bcfc80c66934f3a4db9541
19ea47607af2da8a65397b5396752bc9339f068f6a3117f45b1705c87d041dcb
GET /blogger_img_proxy/ANbyha20SrdvPrdUosfIx0c12S_KzyrX1aMsfDg2h5CLdN9NSUrCTkki2ddIgdOkrdzzRbdzY6tVESKd3XSPUbYTA32kmVYdGLthN06b7hi_1jid_93P=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 1700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1fcd404ddac29197a0f06ff5c0e12a21
adaf72344ee5de3f4eeaf2a828483082a1322c55
dce2a53426afd726719a114d8a299d87606b21e8f6e95ee3e641b5fa7343b312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ra.revolvermaps.com/0/0/6.js?i=0tkahjp5mwu&m=7&s=320&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
200 OK 975 B URL HTTP/1.1 ra.revolvermaps.com/0/0/6.js?i=0tkahjp5mwu&m=7&s=320&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
IP
ASN #34549 meerfarbig GmbH & Co. KG
File type ASCII text, with very long lines (1829), with no line terminators
Hash 6f2cff312815e129e65971e1f7aa0b6c
f07651ab0ae9b95ef1007782e8d1bbf0fae53f66
26a7a91762ec29a98d90e879584a0218e49e6733c98504d5c15d156f39d72446
GET /0/0/6.js?i=0tkahjp5mwu&m=7&s=320&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80 HTTP/1.1
Host: ra.revolvermaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:03:28 GMT
Server: Apache
Last-Modified: Fri, 23 Jun 2017 15:59:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
Content-Length: 975
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jk.revolvermaps.com/r.js
404 Not Found 202 B IP
ASN #34549 meerfarbig GmbH & Co. KG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2492f7ec93ae23151125ecffdf52af21
9a64e7e59d3161994d437a7aece39f9b32cbf7b2
a919e8c6eb303b9d327b089e20e2960cd885836cd236500371d998fa78333362
GET /r.js HTTP/1.1
Host: jk.revolvermaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Mon, 28 Nov 2022 04:03:28 GMT
Server: Apache
Content-Length: 202
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3r6hRyM6EkG2AU5j_rAO1XhpeqJtMLNCP1CgakVZwoBeyrORQx5ot67zwb-l1ry-UynJRkowbfc1tRq3MAzER-fLaSPBs9KY0Ai-TgorI53uWvlsQobB8g8Mb5MfI=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3r6hRyM6EkG2AU5j_rAO1XhpeqJtMLNCP1CgakVZwoBeyrORQx5ot67zwb-l1ry-UynJRkowbfc1tRq3MAzER-fLaSPBs9KY0Ai-TgorI53uWvlsQobB8g8Mb5MfI=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 57232ff502c0e3998d52979c6927bf34
c4501e60e4ecb2f189d34ffb8d2756a2f4b72592
fd920e26f3af9835b6f8e6ff1b810a6506719f5253d5afc73e397ffbf912c9f3
GET /blogger_img_proxy/ANbyha3r6hRyM6EkG2AU5j_rAO1XhpeqJtMLNCP1CgakVZwoBeyrORQx5ot67zwb-l1ry-UynJRkowbfc1tRq3MAzER-fLaSPBs9KY0Ai-TgorI53uWvlsQobB8g8Mb5MfI=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 1715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 463f202e3459fe2f41a8497ad045285d
8af5c14682cbc7db37d98455a7b84e67299dd938
2ad6cf7761c84f639372165d5940264de82f4f1152a46ec2d102e3a8fcd0e000
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 27 Nov 2022 11:45:52 GMT
expires: Sun, 11 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 58656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0yi86wBiWOndZxgYu3FeSMe9OeBXPdVoIqNPpRxhXldYZ5cWxCLGRjxvwfMKOlgtv3js8On-nxhIn_gdOL9WnqCU3_nNU-ZhQWgZGOdLHy5hMXEAu9T_O99I4bCT10SCQ_qM_Nw4hdL7eh_oy2w_RloqPlMb7_yDi-esFhfCgUuuL-XUw50gwCFlkg-8_waiTUgBrTWGXCgHTfCF5Odaxla8Zs5hxKcmg=s0-d
200 OK 15 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0yi86wBiWOndZxgYu3FeSMe9OeBXPdVoIqNPpRxhXldYZ5cWxCLGRjxvwfMKOlgtv3js8On-nxhIn_gdOL9WnqCU3_nNU-ZhQWgZGOdLHy5hMXEAu9T_O99I4bCT10SCQ_qM_Nw4hdL7eh_oy2w_RloqPlMb7_yDi-esFhfCgUuuL-XUw50gwCFlkg-8_waiTUgBrTWGXCgHTfCF5Odaxla8Zs5hxKcmg=s0-d
IP
File type PNG image data, 150 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash d49aef577ad51d8d0a7d6cbd820515fc
75fb9d5def2021eaa4ffeacedcfbb184a585ff3d
8d94985177c5e6b1c99fdcaa61138e20705200b735f1fbb5f23556c140aa34b2
GET /blogger_img_proxy/ANbyha0yi86wBiWOndZxgYu3FeSMe9OeBXPdVoIqNPpRxhXldYZ5cWxCLGRjxvwfMKOlgtv3js8On-nxhIn_gdOL9WnqCU3_nNU-ZhQWgZGOdLHy5hMXEAu9T_O99I4bCT10SCQ_qM_Nw4hdL7eh_oy2w_RloqPlMb7_yDi-esFhfCgUuuL-XUw50gwCFlkg-8_waiTUgBrTWGXCgHTfCF5Odaxla8Zs5hxKcmg=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
date: Mon, 28 Nov 2022 04:03:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate, no-transform
content-disposition: attachment;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 15124
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:50:37 GMT
expires: Mon, 28 Nov 2022 04:50:37 GMT
cache-control: public, max-age=3600
age: 771
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash eb061e7be6e5468378184f8236e07d0a
38035aed4a4f5f16b738e80852afdbdcd3c10736
ef13ab9469ee01a7bfdf7c6f11baf6e34a19d32fd11685ec8242edf6217d38f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:03:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:20:49 GMT
Expires: Mon, 05 Dec 2022 00:20:48 GMT
Etag: "38035aed4a4f5f16b738e80852afdbdcd3c10736"
Cache-Control: max-age=590839,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771036c6ae6d0b65-OSL
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
200 OK 75 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
IP
File type ASCII text, with very long lines (1613)
Hash 110765e1accf41111543c29721c78b52
3eeceb853d592a297162325f20f0420e136c875a
b5fb084ee4491e64fca48643106c0eb338212638caafdad88ff91e0d4198b589
GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 00:23:31 GMT
expires: Thu, 23 Nov 2023 00:23:31 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
age: 445197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 683becfd41bc0efcf62371ac2797c31a
2c63f27dad68cd3adad86dce9516bcce017874b6
7338ae61e676f4138ef44eb472ff0b1a3da2309bd2b85f1aa3b7ccb0be7d9a2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7338AE61E676F4138EF44EB472FF0B1A3DA2309BD2B85F1AA3B7CCB0BE7D9A2B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10408
Expires: Mon, 28 Nov 2022 06:56:56 GMT
Date: Mon, 28 Nov 2022 04:03:28 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha21HqKFZocE5MxQv5P9ijRzhd3am786C2rG-ZMMjCkQoPX9R8cgxy4tRtNPBcADQ9_3vIacRKv7Yc9O1O_sOu6PDLtMhJHBIQhJ-CN_RZ9WXBOaBw=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha21HqKFZocE5MxQv5P9ijRzhd3am786C2rG-ZMMjCkQoPX9R8cgxy4tRtNPBcADQ9_3vIacRKv7Yc9O1O_sOu6PDLtMhJHBIQhJ-CN_RZ9WXBOaBw=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 4da3cf3bf807f19160f8b83fb1b4d0d9
7ef2576daa670cc37f2aab3996d357b62ac0d417
d7ab77a7628d48984747763118a5f51f8a0e5a33ca48116b4de4ccfb3af2bc69
GET /blogger_img_proxy/ANbyha21HqKFZocE5MxQv5P9ijRzhd3am786C2rG-ZMMjCkQoPX9R8cgxy4tRtNPBcADQ9_3vIacRKv7Yc9O1O_sOu6PDLtMhJHBIQhJ-CN_RZ9WXBOaBw=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 04:03:28 GMT
server: fife
content-length: 1702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ra.revolvermaps.com/js/r.php?i=0tkahjp5mwu&l=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents&r=1669608207885
200 OK 43 B URL HTTP/1.1 ra.revolvermaps.com/js/r.php?i=0tkahjp5mwu&l=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents&r=1669608207885
IP
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /js/r.php?i=0tkahjp5mwu&l=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents&r=1669608207885 HTTP/1.1
Host: ra.revolvermaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:03:28 GMT
Server: Apache
Content-Length: 43
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ra.revolvermaps.com/js/c.php?i=0tkahjp5mwu
200 OK 43 B URL HTTP/1.1 ra.revolvermaps.com/js/c.php?i=0tkahjp5mwu
IP
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /js/c.php?i=0tkahjp5mwu HTTP/1.1
Host: ra.revolvermaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:03:28 GMT
Server: Apache
Cache-Control: max-age=900
Last-Modified: Mon, 28 Nov 2022 04:03:28 GMT
Content-Length: 43
Keep-Alive: timeout=4, max=98
Connection: Keep-Alive
Content-Type: image/gif
ra.revolvermaps.com/w/6/a/a2.php?i=0tkahjp5mwu&m=7&s=320&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
200 OK 11 kB URL HTTP/1.1 ra.revolvermaps.com/w/6/a/a2.php?i=0tkahjp5mwu&m=7&s=320&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80
IP
ASN #34549 meerfarbig GmbH & Co. KG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33263), with no line terminators
Hash ca08f4d7b4e209bac9f525afcc9106f5
e4576327b6b80efdc641305309474b274d75bf23
14c5d8a18ce983a244c851771861fcc7dd9b521f40d1a9b6fcf84fc72a713635
GET /w/6/a/a2.php?i=0tkahjp5mwu&m=7&s=320&c=e63100&cr1=ffffff&f=arial&l=0&bv=90&lx=-420&ly=420&hi=20&he=7&hc=a8ddff&rs=80 HTTP/1.1
Host: ra.revolvermaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:03:28 GMT
Server: Apache
Cache-Control: public, max-age=2592000
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=4, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
p18334.clksite.com/adServe/banners?tid=RIGHTWAYTAN_25267_1&size=26
301 Moved Permanently 178 B URL HTTP/2 p18334.clksite.com/adServe/banners?tid=RIGHTWAYTAN_25267_1&size=26
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /adServe/banners?tid=RIGHTWAYTAN_25267_1&size=26 HTTP/1.1
Host: p18334.clksite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 04:03:28 GMT
content-type: text/html
content-length: 178
location: https://beta.mybettermb.com/adServe/banners?tid=RIGHTWAYTAN_25267_1&size=26
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=rightway-tan.blogspot.com&callback=_gfp_s_&client=ca-pub-6016400959227819&gpid_exp=1
200 OK 255 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=rightway-tan.blogspot.com&callback=_gfp_s_&client=ca-pub-6016400959227819&gpid_exp=1
IP
File type ASCII text, with very long lines (391), with no line terminators
Hash c5492703dba82665b4029efe62a4c7d0
bc7d13ca3a07ac549ccbf5b4898bd5964b49f96a
8da761a867960f55808fc29eeff345f3139e8517f8c5eab720dc194280cf1ee2
GET /gampad/cookie.js?domain=rightway-tan.blogspot.com&callback=_gfp_s_&client=ca-pub-6016400959227819&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 04:03:28 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=rightway-tan.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=rightway-tan.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=rightway-tan.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 04:03:28 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
feeds.feedburner.com/blogspot/GeRlG?format=sigpro
403 Forbidden 906 B URL HTTP/2 feeds.feedburner.com/blogspot/GeRlG?format=sigpro
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1751), with no line terminators
Hash ab6646a28f0139b1ee79240abf3601d3
4ccc72f291883d8ff1ad73b6f543e26c9d83c42a
50b982deb68e6dcc927451714f1529440798540ce5ecb512ea1c0d83fa653a27
GET /blogspot/GeRlG?format=sigpro HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:03:28 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-security-policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport, script-src 'nonce-Z5i8K4lEK4Ei3lxHHVP85w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=3843727205859859637&blogName=Rightway&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://rightway-tan.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://rightway-tan.blogspot.com/&vt=1537280965658928976&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=3843727205859859637&blogName=Rightway&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://rightway-tan.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://rightway-tan.blogspot.com/&vt=1537280965658928976&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3154)
Hash 3d7b091d91421ac4caa6f0b4c2e2bdf9
f7c86bb315ffda077f0157ccf9d33b011adbac38
85ebaa4f90b1a79b255be439e3b4d3ece396986cbc1bd919882e1729c383fdfd
GET /navbar.g?targetBlogID=3843727205859859637&blogName=Rightway&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://rightway-tan.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://rightway-tan.blogspot.com/&vt=1537280965658928976&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2572
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 683becfd41bc0efcf62371ac2797c31a
2c63f27dad68cd3adad86dce9516bcce017874b6
7338ae61e676f4138ef44eb472ff0b1a3da2309bd2b85f1aa3b7ccb0be7d9a2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7338AE61E676F4138EF44EB472FF0B1A3DA2309BD2B85F1AA3B7CCB0BE7D9A2B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10407
Expires: Mon, 28 Nov 2022 06:56:56 GMT
Date: Mon, 28 Nov 2022 04:03:29 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 13e032c85dbbd7a95c878848f30d4a9f
8404cebb97d1d2b8cf0340310600800c98741334
0b602fadb5971fb13f1b86aee9f921fcd9bad8b45a9f63c3659b6686b94be435
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:03:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 19:25:43 GMT
Expires: Sun, 04 Dec 2022 19:25:42 GMT
Etag: "8404cebb97d1d2b8cf0340310600800c98741334"
Cache-Control: max-age=573132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771036c9bf5a0b65-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Mon, 28 Nov 2022 05:10:11 GMT
Date: Mon, 28 Nov 2022 04:03:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Mon, 28 Nov 2022 05:10:11 GMT
Date: Mon, 28 Nov 2022 04:03:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Mon, 28 Nov 2022 05:10:11 GMT
Date: Mon, 28 Nov 2022 04:03:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Mon, 28 Nov 2022 05:10:11 GMT
Date: Mon, 28 Nov 2022 04:03:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 22340
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 005e5ba3c9588cf389a58195001b64e3
238a7439d887fb3aa7f1302eeb43fce62f08441a
d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3ggibSv4guzAQjW77yMg7HTp5JCBi1B9dxXi-Zy_-Vw0b6lP1PAGyQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 22340
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2YLb6Et3z5MS3x4qk32fUeOCzFeofTOiHbTH2dGaQbGe_e8yMedqqw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:11:10 GMT
age: 71539
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 577b69fd08ad8368ea5a94fe41476c1c
9442f111d329f721ddc55100cd246586d8204048
bdafc5068032dcf5e207cf2685a1b9350dbe8d990ba181520ff47889524532f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8517
x-amzn-requestid: 12456791-0e7f-45d7-97ae-d663c8fa841d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvHHLoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-54ed1ec101789247052c9ec8;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UzzTPZIBjoow9PK-oM9rfGh5HkrivyPDofbTXy-I-9e4_baQnyKVhQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:55:42 GMT
age: 79667
etag: "9442f111d329f721ddc55100cd246586d8204048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 21703
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 21703
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p0.mycdn.co/banners/script/ui_tag_143-0.js
200 OK 66 kB URL HTTP/2 p0.mycdn.co/banners/script/ui_tag_143-0.js
IP
File type ASCII text, with very long lines (1632)
Hash 797eb25f42a10ba24ac7c66f236ccf1f
c0f82cca4ed826633c1b062fccd247dee8172de7
b77fbc2b0a7902a4de275889bf3efc9d28df62d513ea5ef54f0e95c68b30a7f3
GET /banners/script/ui_tag_143-0.js HTTP/1.1
Host: p0.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:03:29 GMT
content-encoding: gzip
content-length: 66518
content-type: application/javascript
last-modified: Sun, 05 Dec 2021 08:29:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"61ac7859-48cdf"
cache-control: max-age=172800
x-hw: 1669608209.cds066.sk1.hn,1669608209.cds255.sk1.c
X-Firefox-Spdy: h2
clksite.com/adServe/banners?tid=RIGHTWAYTAN_25267_3&pause=5
301 Moved Permanently 162 B URL HTTP/2 clksite.com/adServe/banners?tid=RIGHTWAYTAN_25267_3&pause=5
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /adServe/banners?tid=RIGHTWAYTAN_25267_3&pause=5 HTTP/1.1
Host: clksite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 04:03:29 GMT
content-type: text/html
content-length: 162
location: https://mybettermb.com/adServe/banners?tid=RIGHTWAYTAN_25267_3&pause=5
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash cd97c83cfc4423de59d4737d21f3b0e8
0aee7ba1a1fecdcb29cc0c36b790287721de7a52
d8043cf3adcd1b14311cb91f72ae69c64e265e395fac95b79dd67db1167dccca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88019
Date: Mon, 28 Nov 2022 04:03:29 GMT
Etag: "6382e7e4-1d7"
Expires: Tue, 29 Nov 2022 04:30:28 GMT
Last-Modified: Sun, 27 Nov 2022 04:30:28 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2YVhPsXyRh0ZawebunVzQDBOdC0sIUNqsu3brNqgPFZVT66uajV0Zg==
p0.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-26.css
200 OK 4.3 kB URL HTTP/2 p0.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-26.css
IP
File type ASCII text, with very long lines (24018), with no line terminators
Hash 00cbd303cd4c9857ef92d24f8155f21e
38bea983ada33acc17f48fd29ced114956526166
5fa1b861dc45a45fbf9687ac36b9631c37d2f3805ec4c04bfae3d1bdbf3ab7f9
GET /uicomp/styles/dist/143-0/it-ui-comp-26.css HTTP/1.1
Host: p0.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:03:29 GMT
etag: "1638712671"
content-encoding: gzip
content-length: 4273
content-type: text/css
last-modified: Sun, 05 Dec 2021 13:57:51 GMT
accept-ranges: bytes
server: nginx
cache-control: max-age=315360000
x-hw: 1669608209.cds066.sk1.hn,1669608209.cds214.sk1.c
X-Firefox-Spdy: h2
beta.mybettermb.com/adServe/banners?tid=RIGHTWAYTAN_25267_1&size=26
200 OK 34 kB URL HTTP/2 beta.mybettermb.com/adServe/banners?tid=RIGHTWAYTAN_25267_1&size=26
IP
Hash 1cde446923798beed76d3afc94665bad
9b11f254644f6af9a2eee4a82ae05c4d9b75cd8e
ca560177f57416e341fa5b6ebef571c268191808140372c6fc8b4b861006184c
GET /adServe/banners?tid=RIGHTWAYTAN_25267_1&size=26 HTTP/1.1
Host: beta.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rightway-tan.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:03:29 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2034c4f478581061d113c3cb87e2f362
e9950a76f355c510f0449153fc23f67a9757bbe6
07e5f139ebbc8e61741506be27710036806f9e369c267e80eb9ec12587feab95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
p0.mycdn.co/uicomp/styles/dist/143-0/it-banner-frame.css
200 OK 677 B URL HTTP/2 p0.mycdn.co/uicomp/styles/dist/143-0/it-banner-frame.css
IP
File type ASCII text, with very long lines (2136), with no line terminators
Hash fa17ea81a636e40076e7686b07c1a81e
a99b3ee96dcff98c7a745bdcdcd07ff5828657bd
6dfcfbd0b066d800e83028c8a3b60e48377cb8b78437817fe9dfc022ee286a99
GET /uicomp/styles/dist/143-0/it-banner-frame.css HTTP/1.1
Host: p0.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:03:29 GMT
content-encoding: gzip
content-length: 677
content-type: text/css
last-modified: Sun, 05 Dec 2021 08:51:43 GMT
accept-ranges: bytes
server: nginx
etag: W/"61ac7d9f-858"
cache-control: max-age=315360000
x-hw: 1669608209.cds066.sk1.hn,1669608209.cds066.sk1.c
X-Firefox-Spdy: h2
beta.mybettermb.com/adServe/banners/findBanner?num=1&keyword=Rightway%3A%20office%20rents&tid=RIGHTWAYTAN_25267_1&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp0.mycdn.co&bs=26&referrer=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents&ap=cmp%3DBANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUOT3TtbRhtKvWkLh8OLIt8p356Gpo48sp%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3DRightway%253A%2520office%2520rents&pid=18334&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITC9j1kewzthcb
200 OK 20 kB URL HTTP/2 beta.mybettermb.com/adServe/banners/findBanner?num=1&keyword=Rightway%3A%20office%20rents&tid=RIGHTWAYTAN_25267_1&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp0.mycdn.co&bs=26&referrer=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents&ap=cmp%3DBANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUOT3TtbRhtKvWkLh8OLIt8p356Gpo48sp%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3DRightway%253A%2520office%2520rents&pid=18334&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITC9j1kewzthcb
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (47097)
Hash f48d564d860c308e9e2cb7667b3a7f0a
e772beef32d36f9f2b90ad12d0866bc3c2538b0c
4f0d60b135ea3b1e0ea5ffb47ef6e1de5ac47b8e550acbacb2b57637e5b93e35
GET /adServe/banners/findBanner?num=1&keyword=Rightway%3A%20office%20rents&tid=RIGHTWAYTAN_25267_1&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp0.mycdn.co&bs=26&referrer=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents&ap=cmp%3DBANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUOT3TtbRhtKvWkLh8OLIt8p356Gpo48sp%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3DRightway%253A%2520office%2520rents&pid=18334&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITC9j1kewzthcb HTTP/1.1
Host: beta.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:03:29 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: rhid=82458763640; Max-Age=15552000; Expires=Sat, 27-May-2023 04:03:29 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
capdata=50289s.1_1669608209; Max-Age=86400; Expires=Tue, 29-Nov-2022 04:03:29 GMT; Domain=mybettermb.com; Path=/adServe; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
p18334.mycdn.co/ext/ib/31/dpp_26__black_english.gif
200 OK 5.5 kB URL HTTP/2 p18334.mycdn.co/ext/ib/31/dpp_26__black_english.gif
IP
File type GIF image data, version 89a, 468 x 60\012- data
Hash 25ca3588b2bf792d461dbd6bfb3c68cb
eb783e0550a6eda349b453d1abfdf2f799149554
62b9ed1fa40bd3ddaee96c48b1fe3ff4c3c27833f16c29c32659a39302635a56
GET /ext/ib/31/dpp_26__black_english.gif HTTP/1.1
Host: p18334.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:03:30 GMT
content-length: 5482
content-type: image/gif
last-modified: Sun, 04 Feb 2018 10:12:45 GMT
accept-ranges: bytes
server: nginx
etag: "5a76dc9d-156a"
cache-control: max-age=315360000
x-hw: 1669608210.cds066.sk1.hn,1669608210.cds066.sk1.c
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:55:51 GMT
expires: Wed, 22 Nov 2023 10:55:51 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 19 Nov 2022 03:11:36 GMT
content-type: text/javascript
age: 493659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Mon, 28 Nov 2022 04:03:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 28
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 28 Nov 2022 04:03:30 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
ocsp.digicert.com/
200 OK 279 B IP
Hash a9096cbc17f7f09c7815b1e06156f2f2
6266930f18c43e2b1c8b27112079624d117224af
899ac901ea5f29880e610aed3852a5eed91014c9a9fd91976caced0b966078fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157171
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:30 GMT
Etag: "6383f605-117"
Expires: Tue, 29 Nov 2022 23:43:01 GMT
Last-Modified: Sun, 27 Nov 2022 23:43:01 GMT
Server: nginx
Content-Length: 279
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Frightway-tan.blogspot.com
200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Frightway-tan.blogspot.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Frightway-tan.blogspot.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2180557
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 04:03:30 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.digicert.com/
200 OK 314 B IP
Hash 6e7a9737056c0944fb160616617816b7
ef02228d621f14f18ad967641ece868a680625bf
2522de4f2972e4feabfb37dce08f6d6bc684d927ff2cac3a5ad4c1945241d3e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6393
Cache-Control: max-age=96569
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:30 GMT
Etag: "6382f052-13a"
Expires: Tue, 29 Nov 2022 06:52:59 GMT
Last-Modified: Sun, 27 Nov 2022 05:06:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f7db86be1f26a9355252071e0373eb10
ccc5716bd0d1fbb51e796b1b2a970f062ce8dd27
ad5c6b36eead8b2d2c026d14db4b7942c53e4adaf478037ebdbea24b71373b88
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 04:03:30 GMT
Last-Modified: Mon, 28 Nov 2022 03:04:29 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F2wY1RhWZtgnbmi8fwicJHPa_85o2DS9L_i3Bf7G9TlddFLSn-1rUg==
Age: 3541
syndication.twitter.com/settings?session_id=1357f8a0bfc4e9d95d22369656dfeaee386413e9
200 OK 374 B URL HTTP/2 syndication.twitter.com/settings?session_id=1357f8a0bfc4e9d95d22369656dfeaee386413e9
IP
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
GET /settings?session_id=1357f8a0bfc4e9d95d22369656dfeaee386413e9 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:03:30 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 04:03:30 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: 6ae8e9cd868d629d
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 104
x-connection-hash: 818ced49002df539ab8f22f9bee31c958ca998719dca004f072ec62ad446dc5d
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a9096cbc17f7f09c7815b1e06156f2f2
6266930f18c43e2b1c8b27112079624d117224af
899ac901ea5f29880e610aed3852a5eed91014c9a9fd91976caced0b966078fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=157171
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:30 GMT
Etag: "6383f605-117"
Expires: Tue, 29 Nov 2022 23:43:01 GMT
Last-Modified: Sun, 27 Nov 2022 23:43:01 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
l.sharethis.com/pview?event=pview&hostname=rightway-tan.blogspot.com&location=%2Fsearch%2Flabel%2Foffice%20rents&product=sticky-share-buttons&url=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%20rents&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Rightway%3A%20office%20rents&cms=unknown&publisher=5b12620943e7c90011853fed&sop=true&version=st_sop.js&lang=en
204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=rightway-tan.blogspot.com&location=%2Fsearch%2Flabel%2Foffice%20rents&product=sticky-share-buttons&url=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%20rents&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Rightway%3A%20office%20rents&cms=unknown&publisher=5b12620943e7c90011853fed&sop=true&version=st_sop.js&lang=en
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=rightway-tan.blogspot.com&location=%2Fsearch%2Flabel%2Foffice%20rents&product=sticky-share-buttons&url=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%20rents&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Rightway%3A%20office%20rents&cms=unknown&publisher=5b12620943e7c90011853fed&sop=true&version=st_sop.js&lang=en HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rightway-tan.blogspot.com
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://rightway-tan.blogspot.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 28 Nov 2022 04:03:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
platform-cdn.sharethis.com/img/arrow_right.svg
200 OK 565 B URL HTTP/2 platform-cdn.sharethis.com/img/arrow_right.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Hash 9928d025bd5792b718ee0a185f62e67c
16406d7b5b6d383b12859b853cf6cb7e3733e33d
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
GET /img/arrow_right.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
date: Thu, 03 Nov 2022 06:02:32 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jDRR-n0i7u_eXy7TuaidknWOgBKLX_qUr7NUSJwHV9FDw1j_LwhocQ==
age: 2152860
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash afdcfc5f3bd741d114596300d607f4cc
e82ea5829078ad9268cdf9c576c780b1c40c3696
1c80e7d28c6303b65a17bfa822163c5af3d6d5c480ee9f2e404b23119520eeb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform-cdn.sharethis.com/img/facebook.svg
200 OK 301 B URL HTTP/2 platform-cdn.sharethis.com/img/facebook.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c6e9be45643e197ce1db1d7e24a99adc
d7338e398bb0f7a9082d24f121140d2cf9e88859
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
GET /img/facebook.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 03 Nov 2022 15:33:17 GMT
cache-control: public, max-age=2592000
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jRqlLR9OF-fM2iL3CfA0cWMN8cIkyRjOZ2ifw3gtnFOHR0wSdfSQyg==
age: 2118614
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/twitter.svg
200 OK 731 B URL HTTP/2 platform-cdn.sharethis.com/img/twitter.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Hash 0af2fb38987598376c99e21af17ade45
bfbdfd0b1a2dcef714e347928bd11b8410dc7ca2
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
GET /img/twitter.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 29 Oct 2022 07:08:03 GMT
cache-control: public, max-age=2592000
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uJUmW_Yk6NcbULDDxFEOYijWUawrOkNR3Zi-JgNbM36HYqPcRzVt5w==
age: 2580929
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/linkedin.svg
200 OK 456 B URL HTTP/2 platform-cdn.sharethis.com/img/linkedin.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash fa43b4ede18498b114fc7185993f6da7
53c9d2acffab46dd9da8872ee6d8c0d7cab42fd8
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
GET /img/linkedin.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 456
date: Tue, 08 Nov 2022 01:25:49 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "fa43b4ede18498b114fc7185993f6da7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 24TJfWTf3jKf7QvJ1u4FJb8O4gDoDiFl10ZtGNGkiQ7c4uz6cWTUbg==
age: 1737463
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/messenger.svg
200 OK 372 B URL HTTP/2 platform-cdn.sharethis.com/img/messenger.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash a5aa43fa302867d3e888ac2f69b7b288
952b104251965ac706baca3a022c103104e8fabe
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
GET /img/messenger.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 372
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 05 Nov 2022 02:09:52 GMT
cache-control: public, max-age=2592000
etag: "a5aa43fa302867d3e888ac2f69b7b288"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gaC930wljRia8pllqUTFiMa0Vor5icNXD1dVospaSiIPvJn-_o_Cvw==
age: 1994022
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/youtube.svg
200 OK 738 B URL HTTP/2 platform-cdn.sharethis.com/img/youtube.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (582)
Hash cc49b319ef1cd644b88b6b4d6901d041
a9e64052e5cc0b903c31b758b500cdbc27631de0
3f3a42ccfe495e929036b2d088188905398eb6804f6f8aa31a6293c1434dd7ac
GET /img/youtube.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 738
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 19:06:49 GMT
cache-control: public, max-age=2592000
etag: "cc49b319ef1cd644b88b6b4d6901d041"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t-P0mYuf4HWy5u7OfyWEYa65yAdMKHlJZHPaLKDKNZo2v6XYadnArA==
age: 1565182
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/email.svg
200 OK 343 B URL HTTP/2 platform-cdn.sharethis.com/img/email.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 5977437466e857c7ddcadda6f6d88c2a
19c6378daa1f946ca225fb8d9e039e1f7762fb0d
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
GET /img/email.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 343
date: Mon, 31 Oct 2022 05:27:01 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uTf7_1OFOhTfLk1I2cxOUoYGXE8J3aY7KA2z1punpngldCP_aHmbfQ==
age: 2414191
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/whatsapp.svg
200 OK 832 B URL HTTP/2 platform-cdn.sharethis.com/img/whatsapp.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (676)
Hash afe7fc60ed757db39a88d2950fce69c9
e120b53e856848419275723e24a539359cf41b4a
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
GET /img/whatsapp.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 832
date: Thu, 10 Nov 2022 06:34:01 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: geoexNb21hGE33q6tcizRzB8yRI6rsoOozOawj1tUcY_Kh0SgJLj5g==
age: 1546171
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/sharethis.svg
200 OK 514 B URL HTTP/2 platform-cdn.sharethis.com/img/sharethis.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (358)
Hash deecdaa377907db5cc1722fc831670a1
4e39e0fd5742cc1460e24620df4a360abb71290e
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
GET /img/sharethis.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 514
date: Tue, 01 Nov 2022 04:44:26 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yh5r9G5fNY-T3EVZnak-r9TLhxdb8QeFowgnHqAnOnbzvinXpzRE3Q==
age: 2330346
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/pinterest.svg
200 OK 771 B URL HTTP/2 platform-cdn.sharethis.com/img/pinterest.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (615)
Hash 2b10a062e719c64b686e2e8fcdc216dc
38bd37fa3975f4d5b849763359481d8b31bb80ba
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
GET /img/pinterest.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 771
date: Mon, 28 Nov 2022 01:10:18 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JYqNcezvexvYAH_GfbSwlX0aOxGrtGLiopoGobJtV0u-tHxtMcQw2Q==
age: 10394
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/arrow_left.svg
200 OK 565 B URL HTTP/2 platform-cdn.sharethis.com/img/arrow_left.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Hash b55d8d2b9321e381a3c38a4bddb74037
000c29635758e608bbe15d191e953adb27627c2e
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
GET /img/arrow_left.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
date: Wed, 09 Nov 2022 08:21:03 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nSmZaFe-pyLZtSeusqjkd56hN2lO5mQ_vkW6Bq-HxFMyFfxUgzrcdA==
age: 1626149
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2180554
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 28 Nov 2022 04:03:31 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents
200 OK 154 B URL HTTP/2 count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents
IP
File type ASCII text, with no line terminators
Hash 712557508d88015ea38adc80192e4b62
fa205052ea8fc2d4fccd0fa3813b8549a538fbe5
3ada05295afe73094ecd6464716733b135328a6726c60da69f5295d2fd7ed128
GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 154
date: Mon, 28 Nov 2022 04:03:31 GMT
cache-control: public, max-age=60
etag: 712557508d88015ea38adc80192e4b62
apigw-requestid: cSzrBgnFIAMEZQg=
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T3vDPBZxA1qLE2Ah34_0oPItONXch9AR0bnMcfeYQKM35nAZbubgaQ==
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/weibo.svg
200 OK 14 kB URL HTTP/2 platform-cdn.sharethis.com/img/weibo.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash 66057fbd9dea0536245b50c75a34b25c
5ef8bd043e2591d62d02ba6279a71f5ab74230cc
61c007b9c753c150613ec29097633cfd09586c0316fad15b5d732cd635fd5d91
GET /img/weibo.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 30 Oct 2022 18:44:25 GMT
cache-control: public, max-age=2592000
etag: W/"66af87221f9c1ee574d843bfea27738d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G9GK5mD6l_movpmi1FgU1H0X9tdlSkSjeI85rarAaW3RyziYQsWKyQ==
age: 2452747
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669608211079%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=1357f8a0bfc4e9d95d22369656dfeaee386413e9
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669608211079%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=1357f8a0bfc4e9d95d22369656dfeaee386413e9
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Frightway-tan.blogspot.com%2Fsearch%2Flabel%2Foffice%2520rents%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669608211079%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=1357f8a0bfc4e9d95d22369656dfeaee386413e9 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:03:31 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 04:03:31 GMT
content-length: 43
x-transaction-id: 498814044b4cf4ac
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 818ced49002df539ab8f22f9bee31c958ca998719dca004f072ec62ad446dc5d
X-Firefox-Spdy: h2
feeds.feedburner.com/blogspot/NYbGpK?format=sigpro
403 Forbidden 0 B URL HTTP/2 feeds.feedburner.com/blogspot/NYbGpK?format=sigpro
IP
GET /blogspot/NYbGpK?format=sigpro HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:03:28 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-security-policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport, script-src 'nonce-kGB7btaYuOr8VDRA5VSfmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Frightway-tan.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Frightway-tan.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Frightway-tan.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:03:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-lGnCDAGNpo2Gx_9XAjbAGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform-api.sharethis.com/js/sharethis.js
200 OK 0 B URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Mon, 28 Nov 2022 04:00:20 GMT
cache-control: max-age=600, public
etag: W/"30217-4R/x1mcbHYoN8J5L8eO1d9Nv/qY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4eJxHTbeY9g7N2oD25n0Empsf3Evx1N66NUIjamc04Q8tBQzwq7e6g==
age: 190
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
hearty.me/?utm_source=roodo&utm_medium=roodo&utm_campaign=roodo
200 OK 0 B URL HTTP/2 hearty.me/?utm_source=roodo&utm_medium=roodo&utm_campaign=roodo
IP
GET /?utm_source=roodo&utm_medium=roodo&utm_campaign=roodo HTTP/1.1
Host: hearty.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rightway-tan.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:03:30 GMT
content-type: text/html; charset = utf-8;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=to6k957qht0pr3tflc7od18kbb; expires=Tue, 29-Nov-2022 04:03:30 GMT; Max-Age=86400; path=/; domain=.hearty.me; secure; SameSite=None
vary: Accept-Encoding
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'; object-src 'none'; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
expect-ct: max-age=86400, report-uri="https://nien.report-uri.com/r/d/ct/reportOnly"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbDOn6x%2BFyb8KWH%2FWVfdtNOCoBMS%2BgNA%2FJWoWnemMgzCIMpjtZihpzg4xKZpdusQPWhTmxf%2Fg4dejk41SFcSaQ5W1hb7cwGJxIEC6air6WRvGM22Hzw%2FMSJXscE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771036d2e821fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:03:28 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+132; expires=Wed, 27-Nov-2024 04:03:28 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blog.roodo.com/alame/21368698.swf
301 Moved Permanently 0 B URL HTTP/2 blog.roodo.com/alame/21368698.swf
IP
GET /alame/21368698.swf HTTP/1.1
Host: blog.roodo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Mon, 28 Nov 2022 04:03:29 GMT
content-type: text/html; charset=utf-8
location: https://go.hearty.me/roodo
cf-ray: 771036c75b83fab8-OSL
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cache-tag: srv-c61rig1g7hp1rg03ajh0
cloudflare-cdn-cache-control: public, max-age=300
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
feeds.feedburner.com/blogspot/fpdSbA?format=sigpro
403 Forbidden 0 B URL HTTP/2 feeds.feedburner.com/blogspot/fpdSbA?format=sigpro
IP
GET /blogspot/fpdSbA?format=sigpro HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:03:28 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport, script-src 'nonce-wnQioYl8gv4_lcY9jC0Ueg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/instagram.svg
200 OK 0 B URL HTTP/2 platform-cdn.sharethis.com/img/instagram.svg
IP
GET /img/instagram.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 03:13:16 GMT
cache-control: public, max-age=2592000
etag: W/"da6090b1b675f09ecfa36f0098ebe1c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zXhM8hWs_ZA464bfQMxmrdYnWJ1wkuJPXj94Dkl6n7iwT_eKlVcsUA==
age: 3018
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
go.hearty.me/roodo
302 Found 0 B IP
GET /roodo HTTP/1.1
Host: go.hearty.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rightway-tan.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 04:03:30 GMT
content-type: text/html; charset=UTF-8
location: https://hearty.me/?utm_source=roodo&utm_medium=roodo&utm_campaign=roodo
server: Apache/2.4.7 (Ubuntu)
set-cookie: roodo=1; expires=Wed, 28-Dec-2022 03:58:19 GMT; Max-Age=2592000; path=/roodo; domain=go.hearty.me
/roodo=1; expires=Wed, 28-Dec-2022 03:58:19 GMT; Max-Age=2592000; path=/roodo; domain=go.hearty.me
X-Firefox-Spdy: h2
mybettermb.com/adServe/banners?tid=RIGHTWAYTAN_25267_3&pause=5
200 OK 0 B URL HTTP/2 mybettermb.com/adServe/banners?tid=RIGHTWAYTAN_25267_3&pause=5
IP
GET /adServe/banners?tid=RIGHTWAYTAN_25267_3&pause=5 HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rightway-tan.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:03:29 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
buttons-config.sharethis.com/js/5b12620943e7c90011853fed.js
200 OK 0 B URL HTTP/2 buttons-config.sharethis.com/js/5b12620943e7c90011853fed.js
IP
GET /js/5b12620943e7c90011853fed.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rightway-tan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 05 Jun 2018 07:17:34 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 04:03:31 GMT
cache-control: max-age=60,public
etag: W/"e147f36ea2764b8c721e5074ab836607"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _8bv7X_rNekIN3B5bX_mXWIurR0dfDL3W-kgFkjxjlKydKqFSPKMSw==
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
142.250.74.161
185.44.104.99
104.21.74.109
23.36.76.226
93.184.220.29