Report - heavyfarm.blogspot.com/

Report Overview

Submitted URL
heavyfarm.blogspot.com/
IP
142.250.74.161
ASN
#15169 GOOGLE
Submitted
2022-09-26 11:23:33
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.sb4you1.com	22321	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	212 kB	172.64.200.2
statically.io	21282	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	98 kB	151.101.193.91
www.investopedia.com	21596	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	515 B	131 kB	151.101.86.137
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	143.204.42.156
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.6 kB	23.36.77.32
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	9.1 kB	142.250.74.3
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.7 kB	151.101.85.229
s10.histats.com	15211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	4.7 kB	46.105.201.240
cdn.yourwebbars.com	62037	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	1.3 kB	172.67.74.218
s4.histats.com	12782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	563 B	182 B	192.99.8.34
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	53 kB	142.250.74.163
lh3.googleusercontent.com	66	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	32 kB	142.250.74.1
qualificationsomehow.com	317391	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	798 B	36 kB	192.243.59.20
grumblecrytopless.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	8.5 kB	173.233.139.164
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	53 kB	172.64.132.22
heavyfarm.blogspot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	35 kB	142.250.74.161
wadmargincling.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	467 B	192.243.61.227
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	1.9 kB	142.250.74.10
hkchef.com.au	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	288 B	275 kB	103.20.202.153
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.38.146.2
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	11 kB	104.17.25.14
cdn.statically.io	10364	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	19 kB	151.101.85.91
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	74 kB	34.120.237.76
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.225
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
www.blogger.com	8975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	58 kB	216.58.207.201
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	830 B	52.29.95.124
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	93 kB	172.64.129.12
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	712 B	3.8 kB	104.18.21.226
i.pinimg.com	689	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.0 kB	4.3 MB	151.101.84.84
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	8.9 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.2 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	wadmargincling.com	Sinkholed
2022-09-26	medium	grumblecrytopless.com	Sinkholed
2022-09-26	medium	grumblecrytopless.com	Sinkholed
2022-09-26	medium	unseenreport.com	Sinkholed
2022-09-26	medium	unseenreport.com	Sinkholed
2022-09-26	medium	grumblecrytopless.com	Sinkholed
2022-09-26	medium	grumblecrytopless.com	Sinkholed
2022-09-26	medium	grumblecrytopless.com	Sinkholed
2022-09-26	medium	grumblecrytopless.com	Sinkholed

JavaScript (20)

	URL	Size	First Seen	Last Seen
	heavyfarm.blogspot.com/	167 B	2023-03-07	2023-11-26
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:22 Last Seen2023-11-26 10:57:10 Times Seen2 Hash 16e2d72f3fade65b938bea24a3dbc593 bf9454a1c6bd46e03423871b636c4dc888510c27 ecc349d05a912f1775adcd4d126269af36fb4d3b93111d6f0f2158a7ac95000c Loading...

	heavyfarm.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-04-26
Pretty URL heavyfarm.blogspot.com/js/cookienotice.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-26 07:26:49 Times Seen113808 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	qualificationsomehow.com/95/24/13/952413d0662b81bf005b2dee80e7c6a1.js	60 kB	2023-03-08	2023-03-08
Pretty URL qualificationsomehow.com/95/24/13/952413d0662b81bf005b2dee80e7c6a1.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:39:47 Last Seen2023-03-08 01:39:47 Times Seen1 Hash 8d9b68db669685dd48a3b7177b1ff0b4 e49d0809ee36b7a8c40c1333560b59726b248bf6 ca72d008d32f09ea1cb40616da9fe4d831ba37fad03b44fb80ad41820539b508 Loading...

	heavyfarm.blogspot.com/	424 B	2023-03-07	2023-03-12
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:22 Last Seen2023-03-12 15:57:38 Times Seen1 Hash eb4b6cf827cc193a3189136fc1aeb1f2 4fa31a1decef44c7cf6448682af094c652e0d1e9 977246d28c3383e51204d17b1717561fc784da0170338f43bf4435d5809722f9 Loading...

	heavyfarm.blogspot.com/	789 B	2023-03-07	2024-02-13
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js IP 172.64.200.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2024-04-26 05:02:17 Times Seen3738 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	heavyfarm.blogspot.com/	290 B	2023-03-07	2024-02-14
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:22 Last Seen2024-02-14 03:25:19 Times Seen41 Hash 9eef307b1a7e763f6f54b65ba5fc8b8f b897e7b4f9feec95b6d536887545e7a8bd4ecdce c5eb80ddf0f342ed80b52e460e633f2640b1f409063d8f0bc87ec6b4f559d1c5 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 07:31:38 Times Seen139346 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdn.jsdelivr.net/gh/aryvkurniawan/kinan/sidebar.js	1 B	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/gh/aryvkurniawan/kinan/sidebar.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-26 07:26:05 Times Seen68870 Hash 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Loading...

	heavyfarm.blogspot.com/	17 kB	2023-03-07	2023-11-26
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:22 Last Seen2023-11-26 10:57:10 Times Seen3 Hash f93c9df5d1746eb20176092bd10c8c43 b6fbe0f81b569bffd47de1cd2d321cb99ef5c82c 235e930084c912673f0d2742e4b6f179e84f31bf753db8f6a9fb5532d788962b Loading...

	heavyfarm.blogspot.com/	275 B	2023-03-07	2024-04-26
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-26 07:26:49 Times Seen57519 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer1.js	268 B	2023-03-07	2023-03-11
Pretty URL cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer1.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:22 Last Seen2023-03-11 11:45:53 Times Seen1 Hash 6721b663cdb4c38fd8e5b926cb0db768 43e0ef962f0cd4dfb292ef1c4ae0fd4749a8effa b2beefb98039942b5524c09774d6167e90e1e67fa5d6f5f1ef122a972d6ec11c Loading...

	qualificationsomehow.com/a6/7b/e6/a67be604660a0094f32a365302cb001e.js	37 kB	2023-03-08	2023-03-08
Pretty URL qualificationsomehow.com/a6/7b/e6/a67be604660a0094f32a365302cb001e.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:39:47 Last Seen2023-03-08 01:39:47 Times Seen1 Hash b83d4879ea0b8e9c6783b20a4030b241 89b04175f7878b17349a5ee3737a059d9febbdef 434cc774c9b63170c9dbd814cc25d1a5ef8b415f8bc96e4d35835d334907a3a8 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	s4.histats.com/stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w	50 B	2023-03-07	2023-03-13
Pretty URL s4.histats.com/stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w IP 192.99.8.34 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:00 Last Seen2023-03-13 02:51:45 Times Seen1 Hash 8def6afac4ffbdde378205a7ff7d26b6 d4c96c4febdee7c1453c71590b10c5dcfb46c5c1 4d4ee7b94223d6cc914f7312556d8106ff0ba5a32ef7ccc107e776136f712fba Loading...

	http:blank	992 B	2023-03-07	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:55:26 Last Seen2023-03-08 01:39:47 Times Seen1 Hash 27e4979d05bfadc11b90c10a1ed2e79c 63c6987927bbfc8bcc52f4b3c4fe699b7444935f dd3da11ba36d48f9fee7d0fe7c00426aa9b69724b771aa1e5792ab261ee9dd21 Loading...

	heavyfarm.blogspot.com/	9.9 kB	2023-03-07	2024-02-05
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:22 Last Seen2024-02-05 11:44:05 Times Seen23 Hash edd45963c5a34ee3b92ea37f202c3c31 4d193ca3c4977fc97b433e6b1c9f2a99efb730d1 1a212ce978f3ac74a439acd3a7efa5c4b9bd1c3d42a569b67fa13281c8771cd0 Loading...

	www.blogger.com/static/v1/widgets/4150139458-widgets.js	158 kB	2023-03-07	2023-03-14
Pretty URL www.blogger.com/static/v1/widgets/4150139458-widgets.js IP 216.58.207.201 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:10:33 Last Seen2023-03-14 11:35:19 Times Seen1 Hash 52c5c82c3da1ee190059ca69df0f8a33 588424f6cbdc6c258aa45ba2f0328aef9faef766 b52b894097b6d8f58a8c0dea115a8aa5826d71300933a1f714be1dd14d00ae9d Loading...

	cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer2.js	268 B	2023-03-07	2023-03-11
Pretty URL cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer2.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:22 Last Seen2023-03-11 11:45:53 Times Seen1 Hash c0880cb483b1c7153ea8d727f9ff83d5 6cbe2fde79e9afd75f4ec22d01ccd9dfd619e467 6a6cae6deb4c2345d43a6b4160903116eb13e9fb65a9a8332f5098e35fe7247f Loading...

	heavyfarm.blogspot.com/	12 kB	2023-03-08	2023-03-08
Pretty URL heavyfarm.blogspot.com/ IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:39:47 Last Seen2023-03-08 01:39:47 Times Seen1 Hash 44138f67bec68e14582ada653ea3d1a1 390dc6e95e5c28be04ff18ef490df27641044262 54b107f761559d297682e150eb59f40aa8cd0425da73a59a6edecfd1234270e2 Loading...

HTTP Transactions (147)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6333
Expires: Mon, 26 Sep 2022 13:08:55 GMT
Date: Mon, 26 Sep 2022 11:23:22 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 11:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mAH8BBLcHW77erUkMkSENwnyeYZU1KhqNu0t04W0Sy8vkgBTbsDMIQ==
Age: 484

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x9H3xlUigVBMf5W1uzEhoLKbMJUdaTNOYfb6UPUf6YCbKQgth8M2kw==
age: 24487
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 11:23:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 11:10:46 GMT
Expires: Mon, 26 Sep 2022 11:28:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fIDKzYrjyvYAEVZpGBVxIj5k7Prf5sb6klf9YEhqvrw7sgh0WJo6KA==
Age: 756

heavyfarm.blogspot.com/

142.250.74.161

301 Moved Permanently

178 B

URL HTTP/1.1
heavyfarm.blogspot.com/
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
178 B (178 bytes)
Hash
adb6717b342e39726b0971bfd0b7013c
e9dd64e856497a6a42e836c82dae25b075db3a24
ab05a3417604bc33aecc60d2d8445e4e008bbb0fa9f41a1d2659bbbcb1208cd9

HTTP Headers

GET / HTTP/1.1
Host: heavyfarm.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://heavyfarm.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 11:23:22 GMT
Expires: Mon, 26 Sep 2022 11:23:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 178
Server: GSE

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5081dc1508d43c1e614957b7a94bab1a
4eecce92d0ed0a867a5c6545238b8ec255aded8b
17aeec36af397aa62a479b610a5dd05987c22cbb58d26d4e79b3e403af5cf9b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2005
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Last-Modified: Mon, 26 Sep 2022 10:49:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.146.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CFZJH08dwsg3d/Elso0Gqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0dXIysARDPdtBSJbE6CkR4Lrymo=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5081dc1508d43c1e614957b7a94bab1a
4eecce92d0ed0a867a5c6545238b8ec255aded8b
17aeec36af397aa62a479b610a5dd05987c22cbb58d26d4e79b3e403af5cf9b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/fontawesome.min.css

104.17.25.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/fontawesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (57317)
Size
10 kB (10184 bytes)
Hash
cb27e13a5b2d90fe0d96a865efc886f8
dfa5d3d9602ceab98080c8be727146d1c4908be3
b0eb3372324c99452ca27a1850c9d9a868090fcc0af0ba1e33392daf1d5304e5

HTTP Headers

GET /ajax/libs/font-awesome/5.14.0/css/fontawesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:23 GMT
content-type: text/css; charset=utf-8
content-length: 10184
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f0f47d3-e09f"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9538981
expires: Sat, 16 Sep 2023 11:23:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojKMyFNeFDzh1WU09Ze1fhPLdIi7Wf%2F51r956E2yETFPkZc%2Fdr9xSd6TO0y3j3A20nyQyVa06w7Pv5no1wnI3Xl1qzNlQ0YBphpSxnqo450WO%2Ff4jUSQow4nxWUhh0WsoSnbe2nh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750ba090cfe7b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

heavyfarm.blogspot.com/

142.250.74.161

200 OK

34 kB

URL HTTP/2
heavyfarm.blogspot.com/
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1361)
Size
34 kB (34080 bytes)
Hash
6efb77bb7ef016737c2a3a18d7c8ad3d
a6f4896826702055057825bde9ee4a84346a171f
cefaf555fbe7115838c7ef9eb343e37aa4c8ccb6a26f4352ffb36fa02cb71022

HTTP Headers

GET / HTTP/1.1
Host: heavyfarm.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 26 Sep 2022 11:23:23 GMT
date: Mon, 26 Sep 2022 11:23:23 GMT
cache-control: private, max-age=0
last-modified: Mon, 19 Sep 2022 08:16:15 GMT
etag: W/"e00714442037adefa81d39422cca8acbaf9c2e35d5a3800547ef83d7ef74f211"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 34080
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/aryvkurniawan/kinan/sidebar.js

151.101.85.229

200 OK

21 B

URL HTTP/2
cdn.jsdelivr.net/gh/aryvkurniawan/kinan/sidebar.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
1a60c330fb42841e8dcf3cd507a70bfc
9ba9c8d18f6be7851b4d88e3b608a9979f56a083
7fa5a93246b84491c51c9c8b4493d30518932a2bb45d67df757bc8a332b1f2d1

HTTP Headers

GET /gh/aryvkurniawan/kinan/sidebar.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"1-rcg7GeeTSRscbqD9i0bNnzLlkvw"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:23 GMT
age: 32014
x-served-by: cache-fra19144-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c5ef2f4f663344f1632b3eb8d0649c3
6c2b58649ef2cf95baa7738144b39ed986580c95
26b6489dab75fc0e12f7cf1249ede296389ab38eb034d67daeb3e9750dec81d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer1.js

151.101.85.229

200 OK

203 B

URL HTTP/2
cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer1.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
203 B (203 bytes)
Hash
c61f0773acb99e4f315f5b749c9511e4
ff28827668e614447da248a1c5b3b6dc1b0ed2bc
792d81a04f662a0fe27d78c9e7f8d1c12c4eaefca53cd8b646b981ef4e14fd0b

HTTP Headers

GET /gh/aryvkurniawan/kinan/footer1.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"10c-Q+Dvli8M1N+yku8cSuD9R0mo7/o"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:23 GMT
age: 5846
x-served-by: cache-fra19158-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 203
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer2.js

151.101.85.229

200 OK

204 B

URL HTTP/2
cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer2.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
204 B (204 bytes)
Hash
777be15fae99c60b99af2de1fe57a47e
65d1d052d6ef11a18fd51b8c05758e0244eefc49
53d30793a15efb07b2f03f27c6f7140b40cb1772b16351e440238dc11ca308b4

HTTP Headers

GET /gh/aryvkurniawan/kinan/footer2.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"10c-bL4v3nnpr9dfTsItAczZ39YZ5Gc"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:23 GMT
age: 14148
x-served-by: cache-fra19158-FRA, cache-bma1672-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 204
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/4150139458-widgets.js

216.58.207.201

200 OK

57 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
57 kB (56826 bytes)
Hash
b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b

HTTP Headers

GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 70013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

142.250.74.163

200 OK

52 kB

URL HTTP/2
fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 52404, version 1.0\012- data
Size
52 kB (52404 bytes)
Hash
b3447ba24a6e2329f683c53cbb42b0cb
1f2357ad8aa011e0a67c60086c5e3eb4c8ccd4cc
4d44818149772885a471e8bedfac070b642f433961c01829b50fa4dcaadba5e6

HTTP Headers

GET /s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 52404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 06:42:03 GMT
expires: Wed, 20 Sep 2023 06:42:03 GMT
cache-control: public, max-age=31536000
age: 535280
last-modified: Fri, 26 Jun 2020 02:46:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
9c7f9aa8cbbe9f9538b7b40e2ddd9583
b7db0f7b9fdac06b31b35e3bbe1c2a61bae35349
c3a71158a0eda86ff7f2325e10e37ae9dcc74b4a2f2086c991e8e2e38be6fda7

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 11:23:23 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "267A4072ECD212ABC39FF3D34368095FEFBCE234"
Expires: Mon, 26 Sep 2022 22:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1639
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750ba091cd011bfe-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c5ef2f4f663344f1632b3eb8d0649c3
6c2b58649ef2cf95baa7738144b39ed986580c95
26b6489dab75fc0e12f7cf1249ede296389ab38eb034d67daeb3e9750dec81d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lh3.googleusercontent.com/blogger_img_proxy/ANbyha08W_YBJMvhbSHBkTXmsB1heVTBS_ycf1C7VbnRK7-9ie4PThgVML-xYCpAb_vzrseiCeU__XHaBKttYXWvmroFoUGKFcP5x2LHdkccvGKH-8bGKsVR-F48vmVB9EMEeBieexhAGaajX_UKWl9oA-tpWi2b7ziSM7aEgepbluGItIBUJCThMx7Vq1-XzgRzEwZy1x3MkYxj=w145-h100-p-k-no-nu

142.250.74.1

404 Not Found

1.8 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha08W_YBJMvhbSHBkTXmsB1heVTBS_ycf1C7VbnRK7-9ie4PThgVML-xYCpAb_vzrseiCeU__XHaBKttYXWvmroFoUGKFcP5x2LHdkccvGKH-8bGKsVR-F48vmVB9EMEeBieexhAGaajX_UKWl9oA-tpWi2b7ziSM7aEgepbluGItIBUJCThMx7Vq1-XzgRzEwZy1x3MkYxj=w145-h100-p-k-no-nu
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.8 kB (1807 bytes)
Hash
4e26ead020605c8da04ea31eca32ddeb
8f8462562aace11f95574ef5ad0c3b5410115769
eb59802e8f710449b44519d2119f82ee2bb3f3575290fdbc8ed1c5734940f889

HTTP Headers

GET /blogger_img_proxy/ANbyha08W_YBJMvhbSHBkTXmsB1heVTBS_ycf1C7VbnRK7-9ie4PThgVML-xYCpAb_vzrseiCeU__XHaBKttYXWvmroFoUGKFcP5x2LHdkccvGKH-8bGKsVR-F48vmVB9EMEeBieexhAGaajX_UKWl9oA-tpWi2b7ziSM7aEgepbluGItIBUJCThMx7Vq1-XzgRzEwZy1x3MkYxj=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 1807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w90-h62-p-k-no-nu

142.250.74.1

404 Not Found

1.9 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w90-h62-p-k-no-nu
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.9 kB (1911 bytes)
Hash
8bc006423781761f60eaa9da1a20d31a
6e6c755ae2523ef8e37a865e34c22564050c4808
7beb08ef98f330417aa489868b0b56db87939ef0aa078479f02498375f07b099

HTTP Headers

GET /blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w90-h62-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 1911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

142.250.74.1

404 Not Found

1.9 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w145-h100-p-k-no-nu
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.9 kB (1913 bytes)
Hash
c718ae87f44c9ff39036e0091de47ce8
264a53b620e1320f70a129ac51d3e719cd29e511
2856f9f630fe579996a233d8af3ff3502fb36b378f05dcd3f3c1922c0147c19b

HTTP Headers

GET /blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 1913
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/06/greenhills-1024x414.jpg

151.101.85.91

400 Bad Request

722 B

URL HTTP/2
cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/06/greenhills-1024x414.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
722 B (722 bytes)
Hash
ce36f6f2e152066335e11e4adf2d1a26
27277d881fcafd3b7e7daa0a4be075ad0d5d9e2f
eea8e5d14c86e10b74d216228d086bf074b4b3047b2756b9f47cd224d63ab420

HTTP Headers

GET /img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/06/greenhills-1024x414.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
content-type: text/html
date: Mon, 26 Sep 2022 11:23:24 GMT
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: MISS
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 722
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d

151.101.85.91

301 Moved Permanently

0 B

URL HTTP/2
cdn.statically.io/img/www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg

151.101.85.91

301 Moved Permanently

30 B

URL HTTP/2
cdn.statically.io/img/i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571

HTTP Headers

GET /img/i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2

cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=116488793067524

151.101.85.91

301 Moved Permanently

0 B

URL HTTP/2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=116488793067524
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=116488793067524 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2

cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg

151.101.85.91

400 Bad Request

722 B

URL HTTP/2
cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
722 B (722 bytes)
Hash
ce36f6f2e152066335e11e4adf2d1a26
27277d881fcafd3b7e7daa0a4be075ad0d5d9e2f
eea8e5d14c86e10b74d216228d086bf074b4b3047b2756b9f47cd224d63ab420

HTTP Headers

GET /img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
content-type: text/html
date: Mon, 26 Sep 2022 11:23:24 GMT
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: MISS
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 722
X-Firefox-Spdy: h2

cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100079448235933

151.101.85.91

301 Moved Permanently

0 B

URL HTTP/2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100079448235933
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100079448235933 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2

cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408153908921

151.101.85.91

301 Moved Permanently

0 B

URL HTTP/2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408153908921
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408153908921 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2

cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408133908923

151.101.85.91

301 Moved Permanently

0 B

URL HTTP/2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408133908923
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408133908923 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
e743943ac44438892faf1cef2665e819
710d9d7f1e3b7d82aa989fd4fa36d7214345d58b
d6bec6b885ec2a7550daecadbab34363e6eb1b5b7d88d51a610f5962b2999a11

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F449F881E330DC014B0D83A546D80E6936C1AD"
Expires: Mon, 26 Sep 2022 22:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2540
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750ba094f87b1bfe-OSL

lh3.googleusercontent.com/blogger_img_proxy/ANbyha22Do1hyUd73KCr2MvfkGQ7pxosEPI6ht8bSLVWstHz6oMVHf2vo6rky8xK9rRi41rMP9w9fAjuFPr8Pve8BrCit2qnv6sqetSvSntuSkc7nwqs2eogxhm3wYSw-7EqZpSUp7myishOHvk-fjEc4FElnYbz5Po-Od5xZWEpFYBUqp2xvKWH=w90-h62-p-k-no-nu

142.250.74.1

200 OK

4.9 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha22Do1hyUd73KCr2MvfkGQ7pxosEPI6ht8bSLVWstHz6oMVHf2vo6rky8xK9rRi41rMP9w9fAjuFPr8Pve8BrCit2qnv6sqetSvSntuSkc7nwqs2eogxhm3wYSw-7EqZpSUp7myishOHvk-fjEc4FElnYbz5Po-Od5xZWEpFYBUqp2xvKWH=w90-h62-p-k-no-nu
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x62, components 3\012- data
Size
4.9 kB (4880 bytes)
Hash
188a680b35ff674f3b9ea5a0835b2947
1812c1ce581149ea2209d61dceb01d67f0c748e0
8ff7256cd86dbe3fa2d84983fba48f3867194d21299ce6063ee8e9caa2bf24fd

HTTP Headers

GET /blogger_img_proxy/ANbyha22Do1hyUd73KCr2MvfkGQ7pxosEPI6ht8bSLVWstHz6oMVHf2vo6rky8xK9rRi41rMP9w9fAjuFPr8Pve8BrCit2qnv6sqetSvSntuSkc7nwqs2eogxhm3wYSw-7EqZpSUp7myishOHvk-fjEc4FElnYbz5Po-Od5xZWEpFYBUqp2xvKWH=w90-h62-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 4880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha3AWX_cEAt17MCOHH6_8q_lf0ZgARyI9zdJBakzTHzmDht2y2PNz0-UV5F0nDmlJp_ByNnqVawPl68RKbjY5wdALQ_-kKCfFf_5u3eOFpB24fzADyK0YKpqHapgxihAXyx066kvW-5M7j8xAO_79UXPyJ8kVfHjC9IfRkiD9DIPoHo3KjD_rqQkbUT_qgd0Ej_doHM=w145-h100-p-k-no-nu

142.250.74.1

200 OK

6.7 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3AWX_cEAt17MCOHH6_8q_lf0ZgARyI9zdJBakzTHzmDht2y2PNz0-UV5F0nDmlJp_ByNnqVawPl68RKbjY5wdALQ_-kKCfFf_5u3eOFpB24fzADyK0YKpqHapgxihAXyx066kvW-5M7j8xAO_79UXPyJ8kVfHjC9IfRkiD9DIPoHo3KjD_rqQkbUT_qgd0Ej_doHM=w145-h100-p-k-no-nu
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 145x100, components 3\012- data
Size
6.7 kB (6719 bytes)
Hash
7541cb98543fec179c9ab24de07daf5c
e5d21f36c6da828251e291f2c227728ac0ccfbb0
1a01f274bc3cf1416b85a5db36c1962881eadf9a716c1ce94d7578a018bcb730

HTTP Headers

GET /blogger_img_proxy/ANbyha3AWX_cEAt17MCOHH6_8q_lf0ZgARyI9zdJBakzTHzmDht2y2PNz0-UV5F0nDmlJp_ByNnqVawPl68RKbjY5wdALQ_-kKCfFf_5u3eOFpB24fzADyK0YKpqHapgxihAXyx066kvW-5M7j8xAO_79UXPyJ8kVfHjC9IfRkiD9DIPoHo3KjD_rqQkbUT_qgd0Ej_doHM=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 6719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha2rcRZYT8QnNsjKyUcF-Px--EkKt6JOJQdpxbwvx-aPqCtW7BrNoxWm7lZBipA9_LYZWvW9e56wCrZbfvRJNWvzLq8sQ8HZEstXuqLP7OwSaReeigSmsz6-J0IS8OSQUwT6F6L4JD0cesEUvYwZW-VQBUX12HJE_EtiybBB8xjWheKruz46s5o75ZuDaFDc0jZ-eQ=w145-h100-p-k-no-nu

142.250.74.1

200 OK

5.5 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2rcRZYT8QnNsjKyUcF-Px--EkKt6JOJQdpxbwvx-aPqCtW7BrNoxWm7lZBipA9_LYZWvW9e56wCrZbfvRJNWvzLq8sQ8HZEstXuqLP7OwSaReeigSmsz6-J0IS8OSQUwT6F6L4JD0cesEUvYwZW-VQBUX12HJE_EtiybBB8xjWheKruz46s5o75ZuDaFDc0jZ-eQ=w145-h100-p-k-no-nu
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 145x100, components 3\012- data
Size
5.5 kB (5521 bytes)
Hash
8fcb564d04a618afae880b241d191972
1463b8a748f0b9d8fd4a0937c563db1d3909164f
90fa240b1b2e495dc4ae3e967403dc815182616af110fdab8239997e036ce0e6

HTTP Headers

GET /blogger_img_proxy/ANbyha2rcRZYT8QnNsjKyUcF-Px--EkKt6JOJQdpxbwvx-aPqCtW7BrNoxWm7lZBipA9_LYZWvW9e56wCrZbfvRJNWvzLq8sQ8HZEstXuqLP7OwSaReeigSmsz6-J0IS8OSQUwT6F6L4JD0cesEUvYwZW-VQBUX12HJE_EtiybBB8xjWheKruz46s5o75ZuDaFDc0jZ-eQ=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 5521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

statically.io/?ref=imgext0

151.101.193.91

200 OK

31 kB

URL HTTP/2
statically.io/?ref=imgext0
IP
151.101.193.91:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31025 bytes)
Hash
91543b8259217d9179139186d9efa0ec
1e6d58f7fdb64d1c35ee9fbf6ce33031fba59d1e
4d6cb8efd9f3bdceb59bf66bb8126a4c7af35adf9f634e007479981fd1cd9c5f

HTTP Headers

GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1664191404.378061,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2

statically.io/?ref=imgext0

151.101.193.91

200 OK

31 kB

URL HTTP/2
statically.io/?ref=imgext0
IP
151.101.193.91:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31025 bytes)
Hash
91543b8259217d9179139186d9efa0ec
1e6d58f7fdb64d1c35ee9fbf6ce33031fba59d1e
4d6cb8efd9f3bdceb59bf66bb8126a4c7af35adf9f634e007479981fd1cd9c5f

HTTP Headers

GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1664191404.404364,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha31ttiHOqil9LMn6slOzukuWhIUYVRcZSdVTbkhGoPDlrYs779Ek-HYe6MusHXpgrsK4KH5aF7juce7DZTSvBSsPoqWUpzBOXn7TRoNI_rd8OrxdeDtwpoTXrWS-aKp7kM9q3PtdUiTbA9gKLFndw-4u4dBtPHIOZsFSAkg0pUcKA=w90-h62-p-k-no-nu

142.250.74.1

200 OK

5.6 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha31ttiHOqil9LMn6slOzukuWhIUYVRcZSdVTbkhGoPDlrYs779Ek-HYe6MusHXpgrsK4KH5aF7juce7DZTSvBSsPoqWUpzBOXn7TRoNI_rd8OrxdeDtwpoTXrWS-aKp7kM9q3PtdUiTbA9gKLFndw-4u4dBtPHIOZsFSAkg0pUcKA=w90-h62-p-k-no-nu
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x62, components 3\012- data
Size
5.6 kB (5554 bytes)
Hash
cbf40053bc8e6988f962ce3ae1642a9f
89357eb62908ae83c109b47242b05af4a659cc99
6d3332c5a0f6636cf5b6ba96dc295d4fd430950e498540e7ea81cfa5bf7f463d

HTTP Headers

GET /blogger_img_proxy/ANbyha31ttiHOqil9LMn6slOzukuWhIUYVRcZSdVTbkhGoPDlrYs779Ek-HYe6MusHXpgrsK4KH5aF7juce7DZTSvBSsPoqWUpzBOXn7TRoNI_rd8OrxdeDtwpoTXrWS-aKp7kM9q3PtdUiTbA9gKLFndw-4u4dBtPHIOZsFSAkg0pUcKA=w90-h62-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 5554
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

statically.io/?ref=imgext0

151.101.193.91

200 OK

31 kB

URL HTTP/2
statically.io/?ref=imgext0
IP
151.101.193.91:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31025 bytes)
Hash
91543b8259217d9179139186d9efa0ec
1e6d58f7fdb64d1c35ee9fbf6ce33031fba59d1e
4d6cb8efd9f3bdceb59bf66bb8126a4c7af35adf9f634e007479981fd1cd9c5f

HTTP Headers

GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 12
x-timer: S1664191404.405246,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00a3d214b0faaacf883560ec3885cc95
b0826d3d88ac03f0b6498181417062fa5f871b45
8f8700f507f5487d0614e896bcd82e9ee9b99b4293811de829363a874a04a2e1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8700F507F5487D0614E896BCD82E9EE9B99B4293811DE829363A874A04A2E1"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12852
Expires: Mon, 26 Sep 2022 14:57:36 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00a3d214b0faaacf883560ec3885cc95
b0826d3d88ac03f0b6498181417062fa5f871b45
8f8700f507f5487d0614e896bcd82e9ee9b99b4293811de829363a874a04a2e1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8700F507F5487D0614E896BCD82E9EE9B99B4293811DE829363A874A04A2E1"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1168
Expires: Mon, 26 Sep 2022 11:42:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive

qualificationsomehow.com/a6/7b/e6/a67be604660a0094f32a365302cb001e.js

192.243.59.20

200 OK

13 kB

URL HTTP/1.1
qualificationsomehow.com/a6/7b/e6/a67be604660a0094f32a365302cb001e.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37127), with no line terminators
Size
13 kB (13403 bytes)
Hash
2c46021a055faffb938a258208f12704
0eb9ba2980582dd144648fbbe73b605eff85997b
594914d6f146d15b9b2da04473fc9a6a0e9264b5563caf822812a7cb98a50a53

HTTP Headers

GET /a6/7b/e6/a67be604660a0094f32a365302cb001e.js HTTP/1.1
Host: qualificationsomehow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 832e5a9d5a836b1205f49bcbd67e30f1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d

151.101.86.137

200 OK

130 kB

URL HTTP/2
www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1242x710, components 3\012- data
Size
130 kB (129838 bytes)
Hash
1a1b4f1e23f4a7404e6e89dee80fa502
418d6da1f43f1fd1e3e45de8c6fb9d493910e8cb
88ff4dd1614a14bee90781ed1b9953272105a7d3a62d4fa92ab36055bed15491

HTTP Headers

GET /thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d HTTP/1.1
Host: www.investopedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 9GouAyPQlwIpsH0CK8t7ETtu+6fXEAqKQSxSWa4hszdzUhoxIBPPPSIhYSE2rOBbUpaizM8AkBA=
x-amz-request-id: ZERM5J4ER55MPXNW
last-modified: Wed, 05 Dec 2018 20:00:56 GMT
etag: "1a1b4f1e23f4a7404e6e89dee80fa502"
content-type: image/jpeg
server: AmazonS3
cache-control: max-age=31536000,public,no-transform
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/555/re.p"}]}
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
age: 1115534
x-served-by: cache-iad-kjyo7100111-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-length: 129838
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Last-Modified: Mon, 26 Sep 2022 09:55:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4708
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4708
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4708
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive

qualificationsomehow.com/95/24/13/952413d0662b81bf005b2dee80e7c6a1.js

192.243.59.20

200 OK

21 kB

URL HTTP/1.1
qualificationsomehow.com/95/24/13/952413d0662b81bf005b2dee80e7c6a1.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59770)
Size
21 kB (20569 bytes)
Hash
4787c386f0782810142152bd76aebb69
e0a5e4f38499152b4f63db433f0c3e258a29ca21
5baafc140c320b6e1dd7e170de7d03df0a90a1c416770b2d21849aea82c33359

HTTP Headers

GET /95/24/13/952413d0662b81bf005b2dee80e7c6a1.js HTTP/1.1
Host: qualificationsomehow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd-28118_1=0; expires=Tue, 04 Oct 2022 11:23:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd9b13e7922de440bdbc8a92d903694b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8851 bytes)
Hash
431ff1171a3d7c60a31cc1c3f62164ee
4b32113aaf50132b38c8034017a6eb5a32d7040b
65d598db252fb3979d3df3cb8d052861bb31d6187552f9c694ec27a322b308c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8851
x-amzn-requestid: dbe6ba4c-3d38-48e8-9d08-088d8e26e7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUDAE23oAMF_yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd46-4f3b85952fa3109d2921d0e1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wbbfzE5nQkhK_nsXX8XGJbOl3Yf6NDA1r_AC-0dOzqJDkLQ2BLxK9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:15:06 GMT
age: 43698
etag: "4b32113aaf50132b38c8034017a6eb5a32d7040b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F744f3733-ce02-4fd8-bd5a-62fdf6e03e58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14161 bytes)
Hash
45bfaa4f09146505d73d50365c63e9df
f31946e5ed8806c8c8ca0b7e7bcc8e3ea8df9c85
107d33f184be7c156e133b679752ee324be33c9c5e242ce67e0aafad811a592e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F744f3733-ce02-4fd8-bd5a-62fdf6e03e58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14161
x-amzn-requestid: e2dec384-fbe8-44d6-9024-dcf46ed71e27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSJuGQFIAMFS9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca3e-004eb3805201c42170903ac5;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ydsxR8YxLX5go4Ti83lBg05bRXvYryUWiFQe_qxYqerzlChGKwYV9A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:24 GMT
age: 48840
etag: "f31946e5ed8806c8c8ca0b7e7bcc8e3ea8df9c85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11728 bytes)
Hash
968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 45208
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 49549
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10944 bytes)
Hash
b6e43e36ae283d6ec12fb5c9c692fa83
a3b3a4396da5beac2430e8facdb4d4b799621c9d
49ed7dccf0fe8abb7b0bfdc34ff89b30ef719288571bb1d89d29a1cb8857310e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: 2711886c-e022-4a77-862e-9d7bbd0db02e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvxHsSIAMF8Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-6b464e2e489825b51447d74d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-nUwIxG9TDPRBSt8-RuITSg0nVZIMMidfKme75OXsqDXJ-vcXA41Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:25:00 GMT
age: 46704
etag: "a3b3a4396da5beac2430e8facdb4d4b799621c9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 46964
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
287d2412da1baf3c6215a6fcd00c7093
11d609821fa875407c9a943ff30875aa44459adb
accdc26685c3a61244f0fdc3b054c1cf26093c167e7a2e633f35f258dd7a2e45

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 11:23:24 GMT
Last-Modified: Mon, 26 Sep 2022 10:05:26 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nk_6ARNhefZfaJjLUl6-xQRYEhPv-mt9y1LtOcu_Vc5T5Azz95skMA==
Age: 4678

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11527
Expires: Mon, 26 Sep 2022 14:35:31 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive

simplewebanalysis.com/stats

52.29.95.124

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.95.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
254dbe1a4b94cfdc6eb454596b063e22
80a04ab612cc93c3e514d5cb2bef473dace8b2f5
102f04b4a7c0893b3517f86e53f39d855d9cff2214849c1d3930e32c173cfdfe

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://heavyfarm.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; expires=Thu, 23 Sep 2032 11:23:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.29.95.124

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.95.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f7766ba95b1f9c37e6946177200605db
dd341fd0a24564c162452023003577528f81c394
a406afc5c3098dc33097324f81a91aa006058855125d87cabac86fd3e00cf40e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://heavyfarm.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=16ccafe4-1033-4f59-9592-ce7f9fac42db:3:1; expires=Thu, 23 Sep 2032 11:23:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Last-Modified: Mon, 26 Sep 2022 09:55:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11527
Expires: Mon, 26 Sep 2022 14:35:31 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c7ea800ead2098437c53ff8af72fc54
6f92ca434ac508c6ade9e6dd4b5b7128b9cf09d3
c0b6c2602c3851630a6037f345a0ea0097ebc3249d1d40eed57d1493be69bd1d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0B6C2602C3851630A6037F345A0EA0097EBC3249D1D40EED57D1493BE69BD1D"
Last-Modified: Sat, 24 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10771
Expires: Mon, 26 Sep 2022 14:22:56 GMT
Date: Mon, 26 Sep 2022 11:23:25 GMT
Connection: keep-alive

wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=2419&rd=2419&fd=845&bv=22.9.v.1&tmpl=70

192.243.61.227

200 OK

0 B

URL HTTP/1.1
wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=2419&rd=2419&fd=845&bv=22.9.v.1&tmpl=70
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2419&rd=2419&fd=845&bv=22.9.v.1&tmpl=70 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 11:23:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d60144b96f72539719011cc71dcaa7c2
02a0962fe84b3466d77542f7b1b42a9efcc84479
814e75d1f248cd7bdc505fabec42b103880ed89329940be06d039b84d1f1b95f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "814E75D1F248CD7BDC505FABEC42B103880ED89329940BE06D039B84D1F1B95F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4402
Expires: Mon, 26 Sep 2022 12:36:47 GMT
Date: Mon, 26 Sep 2022 11:23:25 GMT
Connection: keep-alive

i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg

151.101.84.84

200 OK

193 kB

URL HTTP/2
i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 955x2518, components 3\012- data
Size
193 kB (193167 bytes)
Hash
27dc7c86fb1fb6c9c690d50a9b883bdd
865ea4c7b6a8c8dfa5e0c82b8644b50944ea58ee
f58e83f338524cf55215eb1560c854d38cc2d6c4dce10dc7fdf6b36d8da0db18

HTTP Headers

GET /originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "27dc7c86fb1fb6c9c690d50a9b883bdd"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 193167
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
35cb097903aed4a356615609258b02c6
9d13cf32015897c383b2a9117b3110927f3c3de3
3df8f2cd462368b8a981347224a54b1a4c3f284fdc44b13baeb2b8d53c49562c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5364
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:25 GMT
Last-Modified: Mon, 26 Sep 2022 09:54:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:17:18 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 933790101
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7aadec0470d3800b51d309acbb919f0b
ac624bfb598d1da6c0d9b7a42b4e1b888177f8f6
4469615d457c89c99dbb5fda8729f68d32f01d080c47fd991742c7d7fb4c6c17

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4469615D457C89C99DBB5FDA8729F68D32F01D080C47FD991742C7D7FB4C6C17"
Last-Modified: Sat, 24 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10615
Expires: Mon, 26 Sep 2022 14:20:20 GMT
Date: Mon, 26 Sep 2022 11:23:25 GMT
Connection: keep-alive

i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg

151.101.84.84

200 OK

26 kB

URL HTTP/2
i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 735x384, components 3\012- data
Size
26 kB (26530 bytes)
Hash
906ade6d4c3c29f2e66254e6d95b997f
efc9cc0fb05ebc6f7ac86af49bd1628f2b105bf0
9deafb62347767e34a93c670b8794826f4d3c2f7f22c4fb8320bae9c16da1457

HTTP Headers

GET /736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "906ade6d4c3c29f2e66254e6d95b997f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 26530
X-Firefox-Spdy: h2

i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg

151.101.84.84

200 OK

60 kB

URL HTTP/2
i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 590x755, components 3\012- data
Size
60 kB (59937 bytes)
Hash
12849301d921cf6b9e7571a26ec0939d
9cc20ed3fcb7d942107a4437feeb43ea0c35d155
3bc5ba809cc4376d1189c758af448635d1dbb9079e5196a79bca176ee084b447

HTTP Headers

GET /736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "12849301d921cf6b9e7571a26ec0939d"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 59937
X-Firefox-Spdy: h2

i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg

151.101.84.84

200 OK

21 kB

URL HTTP/2
i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 219x400, components 3\012- data
Size
21 kB (20993 bytes)
Hash
96d6642e696e654d556ae5277d2d88a5
5f6397509c95e02bee4f2b8f8f75a3fdcfaaaf07
0f3c5045fce88e0adc36d4675e9f4db6ad7f088ec0c9625dfb343690f1b984bb

HTTP Headers

GET /236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "96d6642e696e654d556ae5277d2d88a5"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 20993
X-Firefox-Spdy: h2

i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg

151.101.84.84

200 OK

7.4 kB

URL HTTP/2
i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 507x505, components 3\012- data
Size
7.4 kB (7351 bytes)
Hash
367452f98f5817d7c294662fd8d320a6
85a34a93c0b87e5294636178b618ebfc197e8b82
c97c1348635af074d8da6a4106e5988af2764957093c85746a14031dd31894c2

HTTP Headers

GET /564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "367452f98f5817d7c294662fd8d320a6"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 7351
X-Firefox-Spdy: h2

i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg

151.101.84.84

200 OK

18 kB

URL HTTP/2
i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 479x296, components 3\012- data
Size
18 kB (18139 bytes)
Hash
f7280b4f7bc9ad4cd1ea7f297944ddd8
aede3bf3ccc7483a49ee924dcfaf67091e6de76d
bc18d4f505ad0411c90ada79bfce7717a1e1eb78227d7c262471a25cf64491b9

HTTP Headers

GET /736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "f7280b4f7bc9ad4cd1ea7f297944ddd8"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 18139
X-Firefox-Spdy: h2

i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg

151.101.84.84

200 OK

43 kB

URL HTTP/2
i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
gzip compressed data, from Unix\012- data
Size
43 kB (42737 bytes)
Hash
bba7df081e89c78882b7e7b2982a1801
585dd80cf8b7544a84f65d4bc5e8943e9e2da44c
90b95264833d0a45aff410f379946ef8a4e6bb2435ba72330a5cb03af245eed2

HTTP Headers

GET /736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "ae0f68de0a2abe52c62857fcbb3c0c42"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 28686
X-Firefox-Spdy: h2

i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg

151.101.84.84

200 OK

32 kB

URL HTTP/2
i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 735x350, components 3\012- data
Size
32 kB (32172 bytes)
Hash
2990797064fd2540cdc5214b3466d424
efd08ed536ea229875d5f76089c2ac024424855a
32cdba3c3fd72a09ff826673873d318619abcde7f528574d1f648884b9747ad9

HTTP Headers

GET /736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "2990797064fd2540cdc5214b3466d424"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 32172
X-Firefox-Spdy: h2

i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg

151.101.84.84

200 OK

22 kB

URL HTTP/2
i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 735x413, components 3\012- data
Size
22 kB (22193 bytes)
Hash
1e47f4db1b6ba76df3fe4b2a90c9f67f
7c1d0e794e4c46eb0333ee9daffbd9b824b3941e
9d7f7e3724da6f3319f45be54b3a5fb930dd5648005e3bc5696fc51d72a3c5b0

HTTP Headers

GET /736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "1e47f4db1b6ba76df3fe4b2a90c9f67f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 22193
X-Firefox-Spdy: h2

i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg

151.101.84.84

200 OK

21 kB

URL HTTP/2
i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x340, components 3\012- data
Size
21 kB (20875 bytes)
Hash
3ff82cdab797d8cca3249b58999b7fe9
d9b5aa067823201c28cf18f8ceafe2dd8c06df69
5e61327e0071121b6f2bf1e267f779badc0afa26e49d9118fd6fa8228eeb1047

HTTP Headers

GET /736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "3ff82cdab797d8cca3249b58999b7fe9"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 20875
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

172.64.132.22

200 OK

52 kB

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.132.22:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
52 kB (52383 bytes)
Hash
a66a4502fa3bf1d2636e4f7004c1b925
e8c88967f79cc26eb36a82f4a211058373df04a8
fd90e5bb1546c57b5bbba99db5c4de50c08b7cc6c37e6d787f6efd3e0a1cd5b7

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c2bc0c4c3ab702974259f1b85d06fe94
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 11:23:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7U6Fi7p2NrMMfPexMSacf%2Bi0pQl%2BYF9LZ6Ofy%2Bb%2BWGtV6GBYYU1XANf0nyy26NQgub55eGHgQWqdpD1lPVhxz%2Bp52L3pK8fz3BCaiXMP4s2RfGl1qfzfMSoagv0waWZltGPZuCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba097eb74759d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg

151.101.84.84

200 OK

39 kB

URL HTTP/2
i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x537, components 3\012- data
Size
39 kB (39179 bytes)
Hash
ab6fc677f4aa0e53c1b1a831983aa16e
9810f2228082513156190c9896f70e7a98f35cc4
1e267d360ba7a62ffe740d0d3aefad094cc9726f11042016c979648914148363

HTTP Headers

GET /736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "ab6fc677f4aa0e53c1b1a831983aa16e"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 39179
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

172.64.129.12

200 OK

92 kB

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.129.12:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
92 kB (91715 bytes)
Hash
0f35fae0dccb4011fad805762ecef7fe
72a3bc5301932ae2e948476ba9d7d6e6c65c9919
6d82f6da01b029af795471c132bb7c16ade769d665d2f7c77c1c50f74de4b6e7

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: abac503add4e9da89c83c3e8726b07b2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 11:23:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIWm14wB6A5kY32wqHD3u4YCZx6gRcVie6a4mrc773vUh1JiIPPLBLcl333F7%2BzhQlpyZoDIyaCTaLXK3ILD9E3yN7EQqSYulEPOsbaHNJcI%2FxSY4lJf2eP73M6Gig59Lm6EU1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0972e8176d2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg

151.101.84.84

200 OK

92 kB

URL HTTP/2
i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x1324, components 3\012- data
Size
92 kB (92388 bytes)
Hash
4374f95e45053c375856b56901501e10
e043bda1a61a401d82f9d3e868c4dec584ab3c25
c33039e4d72406faf5b1381ecfc9c8ed0e456beda3ce539891b007a450979a81

HTTP Headers

GET /736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "4374f95e45053c375856b56901501e10"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 92388
X-Firefox-Spdy: h2

i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg

151.101.84.84

200 OK

158 kB

URL HTTP/2
i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 683x1024, components 3\012- data
Size
158 kB (157633 bytes)
Hash
4de40f37154fedeeff5e244e0bc4f5cc
bca4598673f95a906e09a2637d9bad999444f229
000888ccfc3b8af02bff60e648fb1a639ea2d86406b67436447e48a026787c9b

HTTP Headers

GET /originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "4de40f37154fedeeff5e244e0bc4f5cc"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 157633
X-Firefox-Spdy: h2

i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg

151.101.84.84

200 OK

87 kB

URL HTTP/2
i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x920, components 3\012- data
Size
87 kB (87217 bytes)
Hash
2a496260decfc283a2f251b8df4c849b
fd2c9acd8e1d023eb61d161aa0a36a7e3636d50b
f85532a144be78524318034d572119586f530de70d61a7c7e4d97ab22d3202f4

HTTP Headers

GET /736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "2a496260decfc283a2f251b8df4c849b"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 87217
X-Firefox-Spdy: h2

i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg

151.101.84.84

200 OK

74 kB

URL HTTP/2
i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 683x1024, components 3\012- data
Size
74 kB (73829 bytes)
Hash
5f2c73357b406b9c83509b45f2f0baa4
f07a8975c1385330b5134c87e739d3c9f83ea432
f88440c846a7c693e09e821c4551cfbfd85a2c5047fd0cfbcb547bc0a72cb48e

HTTP Headers

GET /736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "5f2c73357b406b9c83509b45f2f0baa4"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 73829
X-Firefox-Spdy: h2

i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg

151.101.84.84

200 OK

100 kB

URL HTTP/2
i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 723x688, components 3\012- data
Size
100 kB (100152 bytes)
Hash
c9afc1eb706cf0a160d2c8f3453507fe
6f36b7031321f4259c75dfa824a26617bd25a880
1e3cbe9e042725923e7800bae5b2a27dbaaf68274ac264261fc179871384e86e

HTTP Headers

GET /736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "c9afc1eb706cf0a160d2c8f3453507fe"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 100152
X-Firefox-Spdy: h2

i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg

151.101.84.84

200 OK

256 kB

URL HTTP/2
i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1326x2454, components 3\012- data
Size
256 kB (256426 bytes)
Hash
1af09bb4a9deee1e608ee43f206a2495
7aeb78d5f55eb64984af8720ee1f9ee809fec59f
e85b9239056741c1cd4ee443942f8d7fe4033bfb0d4abf8349d8058d2060ea65

HTTP Headers

GET /originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "1af09bb4a9deee1e608ee43f206a2495"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 256426
X-Firefox-Spdy: h2

i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png

151.101.84.84

200 OK

168 kB

URL HTTP/2
i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
PNG image data, 555 x 710, 8-bit/color RGBA, non-interlaced\012- data
Size
168 kB (167889 bytes)
Hash
cca62731197f50f1c045aa689f0939a0
64a27094ac20af139a645c52753818a1c6f92360
33fa53e614e802be8f729c9658547cd36490218a5b48d32d5ee08cb6c649fb10

HTTP Headers

GET /originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "cca62731197f50f1c045aa689f0939a0"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 167889
X-Firefox-Spdy: h2

i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg

151.101.84.84

200 OK

307 kB

URL HTTP/2
i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2500x1376, components 3\012- data
Size
307 kB (306985 bytes)
Hash
ea2d5739bb46225a08fd101f246e947f
ff20bc40a78fc024127e143de95dee49241a8fca
4dc290467e7005bc265f36401e8b880acd0d988a631b3bdf594a786c13d0fc9d

HTTP Headers

GET /originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "ea2d5739bb46225a08fd101f246e947f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 306985
X-Firefox-Spdy: h2

grumblecrytopless.com/sbar.json?key=a67be604660a0094f32a365302cb001e&uuid=a4146d6e-6d20-47f3-b60a-3eb01b16bd51%3A3%3A1

173.233.139.164

200 OK

4.1 kB

URL HTTP/1.1
grumblecrytopless.com/sbar.json?key=a67be604660a0094f32a365302cb001e&uuid=a4146d6e-6d20-47f3-b60a-3eb01b16bd51%3A3%3A1
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5783), with no line terminators
Size
4.1 kB (4073 bytes)
Hash
dfe12d9ed1607c07c3363dbf5017403d
da2009472bd0af6bf04f60f4b399a0944703f7f7
0cc4e500aa0dcac63e9a50f7bd2678bda836550b6e2afb2d361ea40c60616e46

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=a67be604660a0094f32a365302cb001e&uuid=a4146d6e-6d20-47f3-b60a-3eb01b16bd51%3A3%3A1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:25 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://heavyfarm.blogspot.com
Access-Control-Allow-Origin: https://heavyfarm.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16812971; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; expires=Mon, 03 Oct 2022 11:23:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
uncs=1; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
sleca67be604660a0094f32a365302cb001e=[3364848]; expires=Mon, 26 Sep 2022 11:23:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22f8a2eda8c51d80e910ce8098d1c6d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg

151.101.84.84

200 OK

829 kB

URL HTTP/2
i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 3648x2736, components 3\012- data
Size
829 kB (828597 bytes)
Hash
0f1306b3f18bc920035102939e42fffb
c1df0f040df5ac0cf7cad90bbea1d67e72a9a16d
c3b10eb15da020a3f45a40f928e60999574549fbae9da39607a370cb87988249

HTTP Headers

GET /originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "0f1306b3f18bc920035102939e42fffb"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 828597
X-Firefox-Spdy: h2

hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg

103.20.202.153

200 OK

274 kB

URL HTTP/1.1
hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg
IP
103.20.202.153:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1920x990, components 3\012- data
Size
274 kB (274534 bytes)
Hash
337d2da3b8ef81351e62169951f7255d
dc8c031b1131f63979f6267dffca50bc3999e216
f56ba7b6fa9559a3a0da917eda7c4185648eba5a1dd3abde3bcf074750a47fc8

HTTP Headers

GET /wp-content/uploads/2020/05/about-1920x990.jpg HTTP/1.1
Host: hkchef.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: image/jpeg
Content-Length: 274534
Connection: keep-alive
Last-Modified: Wed, 06 May 2020 04:40:29 GMT
Accept-Ranges: bytes

i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png

151.101.84.84

200 OK

1.8 MB

URL HTTP/2
i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
PNG image data, 1000 x 1500, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 MB (1779331 bytes)
Hash
380cb23f5f4345b1c78001a96d32fbe2
cb06cad3ac891bb51858a2a35ef2cc44c63b53f8
a1170d8cf1017d9f9ef4d9b6aa8735af0075182cdb894630e5001c6b0b58204a

HTTP Headers

GET /originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "380cb23f5f4345b1c78001a96d32fbe2"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 1779331
X-Firefox-Spdy: h2

grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ3fOejxQRIRhFOHHkgEIH8%2BvOg%2Bd2VjO7t2cXyCICRUpzFPTrd3askICIRJsInSOlsISUo3KB%2FwYQUioKdBeLg6%2F53tv3irfvm292ixNCUbDjy1fttjaGLS7Vae2tT8PwQm1Vp0W%2F1l9OPksaF2qu924rqdO3ax8qsWkXIxpSGtKwtqKdatv%2B4kSEzh60wnqL1htRPVxqoO%2F%2Bz30RwLMAsndCXoWW4%2FknwVloMULa%2Femy8pu5zd75oFsYlluHnjz4JN1MbZmiO4NtF6CdHpy6Yf2zlcew6f40LmzvXyPXYxI8fQyeHpyGBO%2FtTXNyA5WCy5dR9kZQZgTNRhD2FrR8RgAhcW0NaffuNetKtvVCZRN1TOaf%2FwVdjsn872eRdn%2B8ZHS%2FdsOaItc29ei3K%2Bj%2BCLozQlYcIt8%2BA10eQuRfQctfyeLzVaTdvTVvLLQ8Ps8aYSORiVpIZEQXGs12vMATyhZixWnIw4TLpXBakNYj6PYIRg3A%2FBwKH6DQAYp2gCIL0JXHNRGGYZNKwehyS4hYNhVPJA1Zsx2ykCbLKMTkHwbIswGEGUC4HWRuB5t6AFf8Ar9RwcsAPifoyQqlIig9QckISk1Q5gRlr9qXxke%2BuiuNL3h4uqPTHVdDm3d22b7NOyolu9kJeWVSXEDu3MemOq6xpMlVQhtJQhmlrUY7jlicLMU0EpzSUMHrCtqfAfMBtvWYnHv0HTI9JmfOr4OzQ3hzCKHPgRVvgJXDZkTBNoaNZYrt9CETue6xXEnldSetCwtpK2T5PPKtYNeckNemV4xv%2FgElji5%2Bzq%2BO%2F7z3N4SrkLkKX%2BgnBB1ze7huS7K3bktPHq5lue7qbTa58I2c5Wru%2B4%2FUVmmdvHLZD%2B69JybCBD74WPl8laVSpx1P7l%2FSUiq3Yp1Q5NEVf1Px64XfuFS4tMhWr7%2B%2FcqWbOeW9tukITI8JeXoEocfkpZ%2F3p4%2F39a%2B%2FhHYjuKJCtzgipwNtDyGyHfhslt%2FbOTgz8%2FAsQFlUQxfx2UejCYyaccYr%2BP9wPsO7%2FjY67k2w%2FBbSboWeq9AzFZgZwBdzwzxzRxd%2Fi6cDboIhNy7Y48aZb1%2BU6%2FVxrRnHlCWtpbDZZKrJG9FyOwklY1EjiZKExcj9WIR3fvgHAAD%2F%2FwEAAP%2F%2Fu%2BJYk4cEAAA%3D

173.233.139.164

200 OK

7 B

URL HTTP/1.1
grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ3fOejxQRIRhFOHHkgEIH8%2BvOg%2Bd2VjO7t2cXyCICRUpzFPTrd3askICIRJsInSOlsISUo3KB%2FwYQUioKdBeLg6%2F53tv3irfvm292ixNCUbDjy1fttjaGLS7Vae2tT8PwQm1Vp0W%2F1l9OPksaF2qu924rqdO3ax8qsWkXIxpSGtKwtqKdatv%2B4kSEzh60wnqL1htRPVxqoO%2F%2Bz30RwLMAsndCXoWW4%2FknwVloMULa%2Femy8pu5zd75oFsYlluHnjz4JN1MbZmiO4NtF6CdHpy6Yf2zlcew6f40LmzvXyPXYxI8fQyeHpyGBO%2FtTXNyA5WCy5dR9kZQZgTNRhD2FrR8RgAhcW0NaffuNetKtvVCZRN1TOaf%2FwVdjsn872eRdn%2B8ZHS%2FdsOaItc29ei3K%2Bj%2BCLozQlYcIt8%2BA10eQuRfQctfyeLzVaTdvTVvLLQ8Ps8aYSORiVpIZEQXGs12vMATyhZixWnIw4TLpXBakNYj6PYIRg3A%2FBwKH6DQAYp2gCIL0JXHNRGGYZNKwehyS4hYNhVPJA1Zsx2ykCbLKMTkHwbIswGEGUC4HWRuB5t6AFf8Ar9RwcsAPifoyQqlIig9QckISk1Q5gRlr9qXxke%2BuiuNL3h4uqPTHVdDm3d22b7NOyolu9kJeWVSXEDu3MemOq6xpMlVQhtJQhmlrUY7jlicLMU0EpzSUMHrCtqfAfMBtvWYnHv0HTI9JmfOr4OzQ3hzCKHPgRVvgJXDZkTBNoaNZYrt9CETue6xXEnldSetCwtpK2T5PPKtYNeckNemV4xv%2FgElji5%2Bzq%2BO%2F7z3N4SrkLkKX%2BgnBB1ze7huS7K3bktPHq5lue7qbTa58I2c5Wru%2B4%2FUVmmdvHLZD%2B69JybCBD74WPl8laVSpx1P7l%2FSUiq3Yp1Q5NEVf1Px64XfuFS4tMhWr7%2B%2FcqWbOeW9tukITI8JeXoEocfkpZ%2F3p4%2F39a%2B%2FhHYjuKJCtzgipwNtDyGyHfhslt%2FbOTgz8%2FAsQFlUQxfx2UejCYyaccYr%2BP9wPsO7%2FjY67k2w%2FBbSboWeq9AzFZgZwBdzwzxzRxd%2Fi6cDboIhNy7Y48aZb1%2BU6%2FVxrRnHlCWtpbDZZKrJG9FyOwklY1EjiZKExcj9WIR3fvgHAAD%2F%2FwEAAP%2F%2Fu%2BJYk4cEAAA%3D
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ3fOejxQRIRhFOHHkgEIH8%2BvOg%2Bd2VjO7t2cXyCICRUpzFPTrd3askICIRJsInSOlsISUo3KB%2FwYQUioKdBeLg6%2F53tv3irfvm292ixNCUbDjy1fttjaGLS7Vae2tT8PwQm1Vp0W%2F1l9OPksaF2qu924rqdO3ax8qsWkXIxpSGtKwtqKdatv%2B4kSEzh60wnqL1htRPVxqoO%2F%2Bz30RwLMAsndCXoWW4%2FknwVloMULa%2Femy8pu5zd75oFsYlluHnjz4JN1MbZmiO4NtF6CdHpy6Yf2zlcew6f40LmzvXyPXYxI8fQyeHpyGBO%2FtTXNyA5WCy5dR9kZQZgTNRhD2FrR8RgAhcW0NaffuNetKtvVCZRN1TOaf%2FwVdjsn872eRdn%2B8ZHS%2FdsOaItc29ei3K%2Bj%2BCLozQlYcIt8%2BA10eQuRfQctfyeLzVaTdvTVvLLQ8Ps8aYSORiVpIZEQXGs12vMATyhZixWnIw4TLpXBakNYj6PYIRg3A%2FBwKH6DQAYp2gCIL0JXHNRGGYZNKwehyS4hYNhVPJA1Zsx2ykCbLKMTkHwbIswGEGUC4HWRuB5t6AFf8Ar9RwcsAPifoyQqlIig9QckISk1Q5gRlr9qXxke%2BuiuNL3h4uqPTHVdDm3d22b7NOyolu9kJeWVSXEDu3MemOq6xpMlVQhtJQhmlrUY7jlicLMU0EpzSUMHrCtqfAfMBtvWYnHv0HTI9JmfOr4OzQ3hzCKHPgRVvgJXDZkTBNoaNZYrt9CETue6xXEnldSetCwtpK2T5PPKtYNeckNemV4xv%2FgElji5%2Bzq%2BO%2F7z3N4SrkLkKX%2BgnBB1ze7huS7K3bktPHq5lue7qbTa58I2c5Wru%2B4%2FUVmmdvHLZD%2B69JybCBD74WPl8laVSpx1P7l%2FSUiq3Yp1Q5NEVf1Px64XfuFS4tMhWr7%2B%2FcqWbOeW9tukITI8JeXoEocfkpZ%2F3p4%2F39a%2B%2FhHYjuKJCtzgipwNtDyGyHfhslt%2FbOTgz8%2FAsQFlUQxfx2UejCYyaccYr%2BP9wPsO7%2FjY67k2w%2FBbSboWeq9AzFZgZwBdzwzxzRxd%2Fi6cDboIhNy7Y48aZb1%2BU6%2FVxrRnHlCWtpbDZZKrJG9FyOwklY1EjiZKExcj9WIR3fvgHAAD%2F%2FwEAAP%2F%2Fu%2BJYk4cEAAA%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5fa8b2836e725b8fbfa4e1157526dac6
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d6901262bc1a9e9a70324a3aa32e5c6f
57774ebdd2cbeaa01b7c1694eecc79480799d7f3
a2241df56c24736a566e75a08c8d1213682809229ea3230316aab054428aedb0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 816
Cache-Control: max-age=108918
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:26 GMT
Etag: "63308ef4-117"
Expires: Tue, 27 Sep 2022 17:38:44 GMT
Last-Modified: Sun, 25 Sep 2022 17:25:08 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

s4.histats.com/stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w

192.99.8.34

200 OK

50 B

URL HTTP/1.1
s4.histats.com/stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w
IP
192.99.8.34:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
8def6afac4ffbdde378205a7ff7d26b6
d4c96c4febdee7c1453c71590b10c5dcfb46c5c1
4d4ee7b94223d6cc914f7312556d8106ff0ba5a32ef7ccc107e776136f712fba

HTTP Headers

GET /stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
30f7bd40b234f7d4313f4d35ecef68a2
de0049b26d8484ad57bb61d0d84eabf4dae81e1d
536197d9b0247e1899a2d96c85fd95c3d7f2fa592fe5371e0f147a297f372982

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "536197D9B0247E1899A2D96C85FD95C3D7F2FA592FE5371E0F147A297F372982"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14355
Expires: Mon, 26 Sep 2022 15:22:41 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 12:17:26 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 12:17:26 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a67be604660a0094f32a365302cb001e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a67be604660a0094f32a365302cb001e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a67be604660a0094f32a365302cb001e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7fcd29de5746eef0d7f07cf63e1f667
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html

172.67.74.218

200 OK

596 B

URL HTTP/2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP
172.67.74.218:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
596 B (596 bytes)
Hash
2bb74ed6057da5549215f27be9259978
29d846959f23ecc05066ff6d4a5a81ce43990c2c
3b13560546a94267cefba02c4ba81853c9de6e01d439c0f3550d0d712eff6717

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot2Ge5TsKSJMS5GmOgkssVmVux%2BzKS61wY%2BdRPxDLVnye8NK9WUwVG5rf9zlQUwh7BnCuN2oXPEQEkPGuoViwXQG%2Brb6gp%2B61v%2BPDl%2BynGJP7kVGyVGVL2I9yym2GcSMdvxKlWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a0aafbb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=952413d0662b81bf005b2dee80e7c6a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=952413d0662b81bf005b2dee80e7c6a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=952413d0662b81bf005b2dee80e7c6a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f899377d789933182db86af7547baa82
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png

172.64.200.2

200 OK

2.0 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2008 bytes)
Hash
ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87xs5InbpJgWFfuCzIbPXijvK25RcBkf0vBGDV2R3K8E6L6U0UD4cQfcqNbmmsFxEYm5NsOzxzTpxnOuLYi7ISZQ00yP8a3U7PRLAbG%2F3g0DlqYpVDu7v8F5Pd0gEJXv7ss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b3b75db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png

172.64.200.2

200 OK

1.1 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1138 bytes)
Hash
9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pv7OGKy%2FnRhtfEo1IVN4Bibessf%2F1jUfaQ2qXfEFE83V5WBaVgVqZlDPZT4Fzsh5V159lC2MFRXuD%2B%2BGNPnbXNUmbJK9ts1GpWe9wxRa0qxU9Y12V8tXFCTCv6stLQZ1VDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b3f75db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png

172.64.200.2

200 OK

6.0 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65t1%2Bz8EwWAvLa71r8RAyf7ay88VpS02qnMKAi88VaBzbixdspJY6OUl2%2F89NofvM4S0AAM9KxSc3SQSfASlqTJkQKq8OEhvgn6Yi84LPtiZ0ZwnRXgw2qUaJUtxgGMoUy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a50b3775db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png

172.64.200.2

200 OK

157 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size
157 kB (157252 bytes)
Hash
70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grn5pPsUvwcnHIuDPGa1GaSP4koNoDcK9%2FvbJhGt0OEogzB2IpmASfTjGD6vKrj0qPcQfLHjpwwQdEtRiX1nDDIh%2Bin7d2sTm4wIXPrc5bYMjoe0Ijs79wTw%2F6%2Bm6hhiWW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b4175db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 12:17:26 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.10

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1131 bytes)
Hash
df4b75d3fc643d50362311da68ef4477
39591e69768471e8ce7130cf71d2a11369a1b514
d0ba8ad4168d2c6fbc6e29ec7728a92cefd7f47da06dfa0bf9f2123f245bd99e

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 11:23:26 GMT
date: Mon, 26 Sep 2022 11:23:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css

172.64.200.2

200 OK

4.8 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.8 kB (4847 bytes)
Hash
c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g40G0kqvZ5pnV5l3%2B5HWuPNCOzFPlTDpEaVWugL12iWySImXYu19Jljg6e2yaMsmyRtwugkGXh8SmE%2BHFpJhOQ1OOadzv2GkoAWjNmaak8gqRzHxygI6keDE%2BoFE9AjFoa4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a4eafd75db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=336

173.233.139.164

200 OK

0 B

URL HTTP/1.1
grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=336
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=336 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js

172.64.200.2

200 OK

16 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
16 kB (16061 bytes)
Hash
da7b59c153ec8506cfec5787662b101b
aa94b9aeb4131d61b32d3b64edd3095831ba1c6d
d5c9a6460319a82e95dca9e408881dbd97669de2a7dcea64d920a6e688917899

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:27 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvL8iTat8EmX7KCYVD7i5xM%2BeJMXAtZm8PcmiSuZteUrd4QvdCFa4F0Rci4KC9%2FZEs7z0GiPwFGhFRtDkeK6QeXRdmDaXZ%2FR8oywkffoZ%2Bp9NpQo%2FDBSnsCqDbBcBlFDfY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a5cc3c75db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css

172.64.200.2

200 OK

18 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
18 kB (18115 bytes)
Hash
6b32ae9b4123f2596b64e3059bc18255
32bea2f5e6303900fa9133a03a1b1986aa862204
857160fb719b3bf990ad11742480bf0aa3f59d1303257acc256de14868e85537

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:27 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVrCyB2Z7UG3rg7dbo2%2FWMRt4tuJES0sWegJ%2BEsvhipr4neR7Uhx9ng4A4ko7pQvGnIPkRHQdh093txNWy2P2qns6doi956gNiWQOI7WgHUfxg68npZCP0gxTniBWG3Ixa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a4daf375db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

173.233.139.164

200 OK

0 B

URL HTTP/1.1
grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=278
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=278 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ%2B7F3JkVEMEYWThw5oNDB%2FNrz4Lmd1czu7dkFsohAkdIcBf36nR0rJCAi0SZC50gpLCHlqFzgvwGElIoC3cXi4Gu%2B9%2Fa94u375pu9%2FJRQ5Oxk%2Bard0cawxWaVVt76NAwvVdZ0kvcr%2FXb0WdS4VHG9d5eiKn278qESW3axRkNKQxpWVrRTse0vTkTo9MFSWF2i1UatGjYb6Lv%2Fc58H8CyA7J2SV6HleP5JcB5ajJB0f1pWfiuz6TsfdHPDMuvQk4efJFuJLRJ0ZzB2AeLk8MwN65%2BtPIZNDqZxYXv%2FGrkek%2BDpY%2FDk8CwkeG9%2FmpMbqARcvoyiN4IyI2g2grC3oOUzAgiJa%2BtIunevWVew7Rcqm6hjMv%2F8L%2BhiTOZ%2FP4%2Bk%2B%2BMVo%2FuVG9bkmbaJRz8uofsj6M4IaX6EbOccdHEEkX0FLX8li8%2FXkHT3172x0PLkImuEjUhGaiGSNbrQaMX1BR5RtlBXnIY8jLhshtOCtB5BxyMYNQDzc8h9gFwHyOMAeRqgK08qIgzDFpWC0faSEHXZUjySNGStOGQhjdrIxeQfBsjSAYQZQLhdpG4XW3oAl%2F8Cv1nCywA%2BI%2BjJEoUiKDxBwQgKTVBkBEWvPJDG13x5Vxqf8%2FBs1852vRzarLPHDmzWUQnZS0%2FJK5PiAnLnPrbUSYVFLa4i2ogiyihdasT1GqtHzTqtCU5pqOB1Ce3PgfkAO3pMLjz6Dqkek3MXN8DZEbw5gtAXwPI3wIphq0bBNoeNNsVO8pCJTPdYpqTyupNUhYW0JdJsHtl2sGdOyWvTK9Zv%2FgElji9%2Fzq%2BO%2F7z3N4QrkboSX%2BgnBB1ze7hhC7K%2FYQtPHq6nme7qHTa58I2MZWru%2B4%2FUdmGdXF32g3vviYkwgQ8%2BVj5bY4nUSceT%2B1e0lMqtWCcUebTqbyp%2BPfebV3KX5Ona9fdXVrupU95rm4zA9JiQp8cQekxe%2Bvlg%2Bnhf%2F%2FpLaDeCy0t082NyNtD2CCLdhU9n%2Bb2dgzMzD08DFHk5dDU%2B%2B2g0gVEzzngJ%2Fx%2FOZ3jP30bHvQmW3ULSLdFzJXqmBDMD%2BHxumKXu%2BPJv9emAm2DIjQv2uXHm2xflen1SqVPZ4ipWLa4azUashOTNJqciFrwu222BzI9FeOeHfwAAAP%2F%2FAQAA%2F%2F87No17hwQAAA%3D%3D

173.233.139.164

200 OK

7 B

URL HTTP/1.1
grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ%2B7F3JkVEMEYWThw5oNDB%2FNrz4Lmd1czu7dkFsohAkdIcBf36nR0rJCAi0SZC50gpLCHlqFzgvwGElIoC3cXi4Gu%2B9%2Fa94u375pu9%2FJRQ5Oxk%2Bard0cawxWaVVt76NAwvVdZ0kvcr%2FXb0WdS4VHG9d5eiKn278qESW3axRkNKQxpWVrRTse0vTkTo9MFSWF2i1UatGjYb6Lv%2Fc58H8CyA7J2SV6HleP5JcB5ajJB0f1pWfiuz6TsfdHPDMuvQk4efJFuJLRJ0ZzB2AeLk8MwN65%2BtPIZNDqZxYXv%2FGrkek%2BDpY%2FDk8CwkeG9%2FmpMbqARcvoyiN4IyI2g2grC3oOUzAgiJa%2BtIunevWVew7Rcqm6hjMv%2F8L%2BhiTOZ%2FP4%2Bk%2B%2BMVo%2FuVG9bkmbaJRz8uofsj6M4IaX6EbOccdHEEkX0FLX8li8%2FXkHT3172x0PLkImuEjUhGaiGSNbrQaMX1BR5RtlBXnIY8jLhshtOCtB5BxyMYNQDzc8h9gFwHyOMAeRqgK08qIgzDFpWC0faSEHXZUjySNGStOGQhjdrIxeQfBsjSAYQZQLhdpG4XW3oAl%2F8Cv1nCywA%2BI%2BjJEoUiKDxBwQgKTVBkBEWvPJDG13x5Vxqf8%2FBs1852vRzarLPHDmzWUQnZS0%2FJK5PiAnLnPrbUSYVFLa4i2ogiyihdasT1GqtHzTqtCU5pqOB1Ce3PgfkAO3pMLjz6Dqkek3MXN8DZEbw5gtAXwPI3wIphq0bBNoeNNsVO8pCJTPdYpqTyupNUhYW0JdJsHtl2sGdOyWvTK9Zv%2FgElji9%2Fzq%2BO%2F7z3N4QrkboSX%2BgnBB1ze7hhC7K%2FYQtPHq6nme7qHTa58I2MZWru%2B4%2FUdmGdXF32g3vviYkwgQ8%2BVj5bY4nUSceT%2B1e0lMqtWCcUebTqbyp%2BPfebV3KX5Ona9fdXVrupU95rm4zA9JiQp8cQekxe%2Bvlg%2Bnhf%2F%2FpLaDeCy0t082NyNtD2CCLdhU9n%2Bb2dgzMzD08DFHk5dDU%2B%2B2g0gVEzzngJ%2Fx%2FOZ3jP30bHvQmW3ULSLdFzJXqmBDMD%2BHxumKXu%2BPJv9emAm2DIjQv2uXHm2xflen1SqVPZ4ipWLa4azUashOTNJqciFrwu222BzI9FeOeHfwAAAP%2F%2FAQAA%2F%2F87No17hwQAAA%3D%3D
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ%2B7F3JkVEMEYWThw5oNDB%2FNrz4Lmd1czu7dkFsohAkdIcBf36nR0rJCAi0SZC50gpLCHlqFzgvwGElIoC3cXi4Gu%2B9%2Fa94u375pu9%2FJRQ5Oxk%2Bard0cawxWaVVt76NAwvVdZ0kvcr%2FXb0WdS4VHG9d5eiKn278qESW3axRkNKQxpWVrRTse0vTkTo9MFSWF2i1UatGjYb6Lv%2Fc58H8CyA7J2SV6HleP5JcB5ajJB0f1pWfiuz6TsfdHPDMuvQk4efJFuJLRJ0ZzB2AeLk8MwN65%2BtPIZNDqZxYXv%2FGrkek%2BDpY%2FDk8CwkeG9%2FmpMbqARcvoyiN4IyI2g2grC3oOUzAgiJa%2BtIunevWVew7Rcqm6hjMv%2F8L%2BhiTOZ%2FP4%2Bk%2B%2BMVo%2FuVG9bkmbaJRz8uofsj6M4IaX6EbOccdHEEkX0FLX8li8%2FXkHT3172x0PLkImuEjUhGaiGSNbrQaMX1BR5RtlBXnIY8jLhshtOCtB5BxyMYNQDzc8h9gFwHyOMAeRqgK08qIgzDFpWC0faSEHXZUjySNGStOGQhjdrIxeQfBsjSAYQZQLhdpG4XW3oAl%2F8Cv1nCywA%2BI%2BjJEoUiKDxBwQgKTVBkBEWvPJDG13x5Vxqf8%2FBs1852vRzarLPHDmzWUQnZS0%2FJK5PiAnLnPrbUSYVFLa4i2ogiyihdasT1GqtHzTqtCU5pqOB1Ce3PgfkAO3pMLjz6Dqkek3MXN8DZEbw5gtAXwPI3wIphq0bBNoeNNsVO8pCJTPdYpqTyupNUhYW0JdJsHtl2sGdOyWvTK9Zv%2FgElji9%2Fzq%2BO%2F7z3N4QrkboSX%2BgnBB1ze7hhC7K%2FYQtPHq6nme7qHTa58I2MZWru%2B4%2FUdmGdXF32g3vviYkwgQ8%2BVj5bY4nUSceT%2B1e0lMqtWCcUebTqbyp%2BPfebV3KX5Ona9fdXVrupU95rm4zA9JiQp8cQekxe%2Bvlg%2Bnhf%2F%2FpLaDeCy0t082NyNtD2CCLdhU9n%2Bb2dgzMzD08DFHk5dDU%2B%2B2g0gVEzzngJ%2Fx%2FOZ3jP30bHvQmW3ULSLdFzJXqmBDMD%2BHxumKXu%2BPJv9emAm2DIjQv2uXHm2xflen1SqVPZ4ipWLa4azUashOTNJqciFrwu222BzI9FeOeHfwAAAP%2F%2FAQAA%2F%2F87No17hwQAAA%3D%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38a0cc68f632153cbd91cc31dc12b4b5
Strict-Transport-Security: max-age=0; includeSubdomains

grumblecrytopless.com/pixel/sbs?c=1

173.233.139.164

200 OK

0 B

URL HTTP/1.1
grumblecrytopless.com/pixel/sbs?c=1
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

statically.io/?ref=imgext0

151.101.193.91

200 OK

0 B

URL HTTP/2
statically.io/?ref=imgext0
IP
151.101.193.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 11
x-timer: S1664191404.404506,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2

statically.io/?ref=imgext0

151.101.193.91

200 OK

0 B

URL HTTP/2
statically.io/?ref=imgext0
IP
151.101.193.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 11
x-timer: S1664191404.404523,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js

172.64.200.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JnfTzraPpxx%2BjWfeVG5EpVs%2FZJTjk0EOzns8mR3EePIZxlmbGuPBOH9pXHgTkj0sUwMPTbaYo0ZDp0OnBXg%2Bapm8okvX78s%2BH721S3b7%2B8f7aMq9YBCGn3I2O7L8FBQ1jw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b4375db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations