r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6333
Expires: Mon, 26 Sep 2022 13:08:55 GMT
Date: Mon, 26 Sep 2022 11:23:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 11:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mAH8BBLcHW77erUkMkSENwnyeYZU1KhqNu0t04W0Sy8vkgBTbsDMIQ==
Age: 484
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x9H3xlUigVBMf5W1uzEhoLKbMJUdaTNOYfb6UPUf6YCbKQgth8M2kw==
age: 24487
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 11:23:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 11:10:46 GMT
Expires: Mon, 26 Sep 2022 11:28:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fIDKzYrjyvYAEVZpGBVxIj5k7Prf5sb6klf9YEhqvrw7sgh0WJo6KA==
Age: 756
heavyfarm.blogspot.com/
142.250.74.161301 Moved Permanently 178 B IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash adb6717b342e39726b0971bfd0b7013c
e9dd64e856497a6a42e836c82dae25b075db3a24
ab05a3417604bc33aecc60d2d8445e4e008bbb0fa9f41a1d2659bbbcb1208cd9
GET / HTTP/1.1
Host: heavyfarm.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://heavyfarm.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 11:23:22 GMT
Expires: Mon, 26 Sep 2022 11:23:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 178
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5081dc1508d43c1e614957b7a94bab1a
4eecce92d0ed0a867a5c6545238b8ec255aded8b
17aeec36af397aa62a479b610a5dd05987c22cbb58d26d4e79b3e403af5cf9b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2005
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Last-Modified: Mon, 26 Sep 2022 10:49:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CFZJH08dwsg3d/Elso0Gqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0dXIysARDPdtBSJbE6CkR4Lrymo=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5081dc1508d43c1e614957b7a94bab1a
4eecce92d0ed0a867a5c6545238b8ec255aded8b
17aeec36af397aa62a479b610a5dd05987c22cbb58d26d4e79b3e403af5cf9b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/fontawesome.min.css
104.17.25.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/fontawesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (57317)
Hash cb27e13a5b2d90fe0d96a865efc886f8
dfa5d3d9602ceab98080c8be727146d1c4908be3
b0eb3372324c99452ca27a1850c9d9a868090fcc0af0ba1e33392daf1d5304e5
GET /ajax/libs/font-awesome/5.14.0/css/fontawesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:23 GMT
content-type: text/css; charset=utf-8
content-length: 10184
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f0f47d3-e09f"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9538981
expires: Sat, 16 Sep 2023 11:23:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojKMyFNeFDzh1WU09Ze1fhPLdIi7Wf%2F51r956E2yETFPkZc%2Fdr9xSd6TO0y3j3A20nyQyVa06w7Pv5no1wnI3Xl1qzNlQ0YBphpSxnqo450WO%2Ff4jUSQow4nxWUhh0WsoSnbe2nh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750ba090cfe7b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
heavyfarm.blogspot.com/
142.250.74.161200 OK 34 kB IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1361)
Hash 6efb77bb7ef016737c2a3a18d7c8ad3d
a6f4896826702055057825bde9ee4a84346a171f
cefaf555fbe7115838c7ef9eb343e37aa4c8ccb6a26f4352ffb36fa02cb71022
GET / HTTP/1.1
Host: heavyfarm.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 26 Sep 2022 11:23:23 GMT
date: Mon, 26 Sep 2022 11:23:23 GMT
cache-control: private, max-age=0
last-modified: Mon, 19 Sep 2022 08:16:15 GMT
etag: W/"e00714442037adefa81d39422cca8acbaf9c2e35d5a3800547ef83d7ef74f211"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 34080
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/aryvkurniawan/kinan/sidebar.js
151.101.85.229200 OK 21 B URL HTTP/2 cdn.jsdelivr.net/gh/aryvkurniawan/kinan/sidebar.js
IP 151.101.85.229:0
File type very short file (no magic)
Hash 1a60c330fb42841e8dcf3cd507a70bfc
9ba9c8d18f6be7851b4d88e3b608a9979f56a083
7fa5a93246b84491c51c9c8b4493d30518932a2bb45d67df757bc8a332b1f2d1
GET /gh/aryvkurniawan/kinan/sidebar.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"1-rcg7GeeTSRscbqD9i0bNnzLlkvw"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:23 GMT
age: 32014
x-served-by: cache-fra19144-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8c5ef2f4f663344f1632b3eb8d0649c3
6c2b58649ef2cf95baa7738144b39ed986580c95
26b6489dab75fc0e12f7cf1249ede296389ab38eb034d67daeb3e9750dec81d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer1.js
151.101.85.229200 OK 203 B URL HTTP/2 cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer1.js
IP 151.101.85.229:0
Hash c61f0773acb99e4f315f5b749c9511e4
ff28827668e614447da248a1c5b3b6dc1b0ed2bc
792d81a04f662a0fe27d78c9e7f8d1c12c4eaefca53cd8b646b981ef4e14fd0b
GET /gh/aryvkurniawan/kinan/footer1.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"10c-Q+Dvli8M1N+yku8cSuD9R0mo7/o"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:23 GMT
age: 5846
x-served-by: cache-fra19158-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 203
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer2.js
151.101.85.229200 OK 204 B URL HTTP/2 cdn.jsdelivr.net/gh/aryvkurniawan/kinan/footer2.js
IP 151.101.85.229:0
Hash 777be15fae99c60b99af2de1fe57a47e
65d1d052d6ef11a18fd51b8c05758e0244eefc49
53d30793a15efb07b2f03f27c6f7140b40cb1772b16351e440238dc11ca308b4
GET /gh/aryvkurniawan/kinan/footer2.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"10c-bL4v3nnpr9dfTsItAczZ39YZ5Gc"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:23 GMT
age: 14148
x-served-by: cache-fra19158-FRA, cache-bma1672-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 204
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/4150139458-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 70013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
142.250.74.163200 OK 52 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 52404, version 1.0\012- data
Hash b3447ba24a6e2329f683c53cbb42b0cb
1f2357ad8aa011e0a67c60086c5e3eb4c8ccd4cc
4d44818149772885a471e8bedfac070b642f433961c01829b50fa4dcaadba5e6
GET /s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 52404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 06:42:03 GMT
expires: Wed, 20 Sep 2023 06:42:03 GMT
cache-control: public, max-age=31536000
age: 535280
last-modified: Fri, 26 Jun 2020 02:46:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 9c7f9aa8cbbe9f9538b7b40e2ddd9583
b7db0f7b9fdac06b31b35e3bbe1c2a61bae35349
c3a71158a0eda86ff7f2325e10e37ae9dcc74b4a2f2086c991e8e2e38be6fda7
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 11:23:23 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "267A4072ECD212ABC39FF3D34368095FEFBCE234"
Expires: Mon, 26 Sep 2022 22:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1639
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750ba091cd011bfe-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8c5ef2f4f663344f1632b3eb8d0649c3
6c2b58649ef2cf95baa7738144b39ed986580c95
26b6489dab75fc0e12f7cf1249ede296389ab38eb034d67daeb3e9750dec81d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha08W_YBJMvhbSHBkTXmsB1heVTBS_ycf1C7VbnRK7-9ie4PThgVML-xYCpAb_vzrseiCeU__XHaBKttYXWvmroFoUGKFcP5x2LHdkccvGKH-8bGKsVR-F48vmVB9EMEeBieexhAGaajX_UKWl9oA-tpWi2b7ziSM7aEgepbluGItIBUJCThMx7Vq1-XzgRzEwZy1x3MkYxj=w145-h100-p-k-no-nu
142.250.74.1404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha08W_YBJMvhbSHBkTXmsB1heVTBS_ycf1C7VbnRK7-9ie4PThgVML-xYCpAb_vzrseiCeU__XHaBKttYXWvmroFoUGKFcP5x2LHdkccvGKH-8bGKsVR-F48vmVB9EMEeBieexhAGaajX_UKWl9oA-tpWi2b7ziSM7aEgepbluGItIBUJCThMx7Vq1-XzgRzEwZy1x3MkYxj=w145-h100-p-k-no-nu
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 4e26ead020605c8da04ea31eca32ddeb
8f8462562aace11f95574ef5ad0c3b5410115769
eb59802e8f710449b44519d2119f82ee2bb3f3575290fdbc8ed1c5734940f889
GET /blogger_img_proxy/ANbyha08W_YBJMvhbSHBkTXmsB1heVTBS_ycf1C7VbnRK7-9ie4PThgVML-xYCpAb_vzrseiCeU__XHaBKttYXWvmroFoUGKFcP5x2LHdkccvGKH-8bGKsVR-F48vmVB9EMEeBieexhAGaajX_UKWl9oA-tpWi2b7ziSM7aEgepbluGItIBUJCThMx7Vq1-XzgRzEwZy1x3MkYxj=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 1807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w90-h62-p-k-no-nu
142.250.74.1404 Not Found 1.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w90-h62-p-k-no-nu
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8bc006423781761f60eaa9da1a20d31a
6e6c755ae2523ef8e37a865e34c22564050c4808
7beb08ef98f330417aa489868b0b56db87939ef0aa078479f02498375f07b099
GET /blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w90-h62-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 1911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w145-h100-p-k-no-nu
142.250.74.1404 Not Found 1.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w145-h100-p-k-no-nu
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c718ae87f44c9ff39036e0091de47ce8
264a53b620e1320f70a129ac51d3e719cd29e511
2856f9f630fe579996a233d8af3ff3502fb36b378f05dcd3f3c1922c0147c19b
GET /blogger_img_proxy/ANbyha0Y-jPX9N4kSIYJmqxEWx0oehM2y3zqjH5g43msRvDO8X7rSep3N5H4TRbzWgvHFyS-HkaVtKXgm_goln7m19Im8wp-afS3r1_2HG1IOqbz8kFFXlSvwJtQD2hxSwQqQdFAkbtOYpCV23sYAR9Nsr21ReuQMtvfPobebom4LQm9K01hvu1lidugJ8yzYpwJXIRzTv4PEKn22585c7r-bwtB3y3KObhQADBaAfuOyJvuyRjuPPdVtjnzI7lt_1ujJwTpnq-2YwE5mvsjwMXx5xPMGOcV5m5IMpq1rulAqV5kMHsc_boHhQ=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 1913
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/06/greenhills-1024x414.jpg
151.101.85.91400 Bad Request 722 B URL HTTP/2 cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/06/greenhills-1024x414.jpg
IP 151.101.85.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ce36f6f2e152066335e11e4adf2d1a26
27277d881fcafd3b7e7daa0a4be075ad0d5d9e2f
eea8e5d14c86e10b74d216228d086bf074b4b3047b2756b9f47cd224d63ab420
GET /img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/06/greenhills-1024x414.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
content-type: text/html
date: Mon, 26 Sep 2022 11:23:24 GMT
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: MISS
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 722
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d
151.101.85.91301 Moved Permanently 0 B URL HTTP/2 cdn.statically.io/img/www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d
IP 151.101.85.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/93/cf/dc/93cfdc7ee1b3fb2f5886448e5ae4a31e.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/b3/21/2c/b3212c559ae5218b6fa8e50d020ad604.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
151.101.85.91301 Moved Permanently 30 B URL HTTP/2 cdn.statically.io/img/i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
IP 151.101.85.91:0
File type ASCII text, with no line terminators
Hash e3865605dd5f30c730b091941513f2cd
7a84cfb40e4351cdcb28039c1f48466159871b9f
c2d2beff86bc96290cbe88407aaa3bf7d92b3b6ea2c2e9edbe1079eacf966571
GET /img/i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
X-Firefox-Spdy: h2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=116488793067524
151.101.85.91301 Moved Permanently 0 B URL HTTP/2 cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=116488793067524
IP 151.101.85.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=116488793067524 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2
cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg
151.101.85.91400 Bad Request 722 B URL HTTP/2 cdn.statically.io/img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg
IP 151.101.85.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ce36f6f2e152066335e11e4adf2d1a26
27277d881fcafd3b7e7daa0a4be075ad0d5d9e2f
eea8e5d14c86e10b74d216228d086bf074b4b3047b2756b9f47cd224d63ab420
GET /img/cdn.statically.io/img/hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
content-type: text/html
date: Mon, 26 Sep 2022 11:23:24 GMT
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: MISS
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 722
X-Firefox-Spdy: h2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100079448235933
151.101.85.91301 Moved Permanently 0 B URL HTTP/2 cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100079448235933
IP 151.101.85.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100079448235933 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408153908921
151.101.85.91301 Moved Permanently 0 B URL HTTP/2 cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408153908921
IP 151.101.85.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408153908921 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2
cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408133908923
151.101.85.91301 Moved Permanently 0 B URL HTTP/2 cdn.statically.io/img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408133908923
IP 151.101.85.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=141408133908923 HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5
date: Mon, 26 Sep 2022 11:23:24 GMT
location: https://statically.io/?ref=imgext0
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1645-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash e743943ac44438892faf1cef2665e819
710d9d7f1e3b7d82aa989fd4fa36d7214345d58b
d6bec6b885ec2a7550daecadbab34363e6eb1b5b7d88d51a610f5962b2999a11
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F449F881E330DC014B0D83A546D80E6936C1AD"
Expires: Mon, 26 Sep 2022 22:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2540
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750ba094f87b1bfe-OSL
lh3.googleusercontent.com/blogger_img_proxy/ANbyha22Do1hyUd73KCr2MvfkGQ7pxosEPI6ht8bSLVWstHz6oMVHf2vo6rky8xK9rRi41rMP9w9fAjuFPr8Pve8BrCit2qnv6sqetSvSntuSkc7nwqs2eogxhm3wYSw-7EqZpSUp7myishOHvk-fjEc4FElnYbz5Po-Od5xZWEpFYBUqp2xvKWH=w90-h62-p-k-no-nu
142.250.74.1200 OK 4.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha22Do1hyUd73KCr2MvfkGQ7pxosEPI6ht8bSLVWstHz6oMVHf2vo6rky8xK9rRi41rMP9w9fAjuFPr8Pve8BrCit2qnv6sqetSvSntuSkc7nwqs2eogxhm3wYSw-7EqZpSUp7myishOHvk-fjEc4FElnYbz5Po-Od5xZWEpFYBUqp2xvKWH=w90-h62-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x62, components 3\012- data
Hash 188a680b35ff674f3b9ea5a0835b2947
1812c1ce581149ea2209d61dceb01d67f0c748e0
8ff7256cd86dbe3fa2d84983fba48f3867194d21299ce6063ee8e9caa2bf24fd
GET /blogger_img_proxy/ANbyha22Do1hyUd73KCr2MvfkGQ7pxosEPI6ht8bSLVWstHz6oMVHf2vo6rky8xK9rRi41rMP9w9fAjuFPr8Pve8BrCit2qnv6sqetSvSntuSkc7nwqs2eogxhm3wYSw-7EqZpSUp7myishOHvk-fjEc4FElnYbz5Po-Od5xZWEpFYBUqp2xvKWH=w90-h62-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 4880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3AWX_cEAt17MCOHH6_8q_lf0ZgARyI9zdJBakzTHzmDht2y2PNz0-UV5F0nDmlJp_ByNnqVawPl68RKbjY5wdALQ_-kKCfFf_5u3eOFpB24fzADyK0YKpqHapgxihAXyx066kvW-5M7j8xAO_79UXPyJ8kVfHjC9IfRkiD9DIPoHo3KjD_rqQkbUT_qgd0Ej_doHM=w145-h100-p-k-no-nu
142.250.74.1200 OK 6.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3AWX_cEAt17MCOHH6_8q_lf0ZgARyI9zdJBakzTHzmDht2y2PNz0-UV5F0nDmlJp_ByNnqVawPl68RKbjY5wdALQ_-kKCfFf_5u3eOFpB24fzADyK0YKpqHapgxihAXyx066kvW-5M7j8xAO_79UXPyJ8kVfHjC9IfRkiD9DIPoHo3KjD_rqQkbUT_qgd0Ej_doHM=w145-h100-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 145x100, components 3\012- data
Hash 7541cb98543fec179c9ab24de07daf5c
e5d21f36c6da828251e291f2c227728ac0ccfbb0
1a01f274bc3cf1416b85a5db36c1962881eadf9a716c1ce94d7578a018bcb730
GET /blogger_img_proxy/ANbyha3AWX_cEAt17MCOHH6_8q_lf0ZgARyI9zdJBakzTHzmDht2y2PNz0-UV5F0nDmlJp_ByNnqVawPl68RKbjY5wdALQ_-kKCfFf_5u3eOFpB24fzADyK0YKpqHapgxihAXyx066kvW-5M7j8xAO_79UXPyJ8kVfHjC9IfRkiD9DIPoHo3KjD_rqQkbUT_qgd0Ej_doHM=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 6719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2rcRZYT8QnNsjKyUcF-Px--EkKt6JOJQdpxbwvx-aPqCtW7BrNoxWm7lZBipA9_LYZWvW9e56wCrZbfvRJNWvzLq8sQ8HZEstXuqLP7OwSaReeigSmsz6-J0IS8OSQUwT6F6L4JD0cesEUvYwZW-VQBUX12HJE_EtiybBB8xjWheKruz46s5o75ZuDaFDc0jZ-eQ=w145-h100-p-k-no-nu
142.250.74.1200 OK 5.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2rcRZYT8QnNsjKyUcF-Px--EkKt6JOJQdpxbwvx-aPqCtW7BrNoxWm7lZBipA9_LYZWvW9e56wCrZbfvRJNWvzLq8sQ8HZEstXuqLP7OwSaReeigSmsz6-J0IS8OSQUwT6F6L4JD0cesEUvYwZW-VQBUX12HJE_EtiybBB8xjWheKruz46s5o75ZuDaFDc0jZ-eQ=w145-h100-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 145x100, components 3\012- data
Hash 8fcb564d04a618afae880b241d191972
1463b8a748f0b9d8fd4a0937c563db1d3909164f
90fa240b1b2e495dc4ae3e967403dc815182616af110fdab8239997e036ce0e6
GET /blogger_img_proxy/ANbyha2rcRZYT8QnNsjKyUcF-Px--EkKt6JOJQdpxbwvx-aPqCtW7BrNoxWm7lZBipA9_LYZWvW9e56wCrZbfvRJNWvzLq8sQ8HZEstXuqLP7OwSaReeigSmsz6-J0IS8OSQUwT6F6L4JD0cesEUvYwZW-VQBUX12HJE_EtiybBB8xjWheKruz46s5o75ZuDaFDc0jZ-eQ=w145-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 5521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
statically.io/?ref=imgext0
151.101.193.91200 OK 31 kB URL HTTP/2 statically.io/?ref=imgext0
IP 151.101.193.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash 91543b8259217d9179139186d9efa0ec
1e6d58f7fdb64d1c35ee9fbf6ce33031fba59d1e
4d6cb8efd9f3bdceb59bf66bb8126a4c7af35adf9f634e007479981fd1cd9c5f
GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1664191404.378061,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2
statically.io/?ref=imgext0
151.101.193.91200 OK 31 kB URL HTTP/2 statically.io/?ref=imgext0
IP 151.101.193.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash 91543b8259217d9179139186d9efa0ec
1e6d58f7fdb64d1c35ee9fbf6ce33031fba59d1e
4d6cb8efd9f3bdceb59bf66bb8126a4c7af35adf9f634e007479981fd1cd9c5f
GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1664191404.404364,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha31ttiHOqil9LMn6slOzukuWhIUYVRcZSdVTbkhGoPDlrYs779Ek-HYe6MusHXpgrsK4KH5aF7juce7DZTSvBSsPoqWUpzBOXn7TRoNI_rd8OrxdeDtwpoTXrWS-aKp7kM9q3PtdUiTbA9gKLFndw-4u4dBtPHIOZsFSAkg0pUcKA=w90-h62-p-k-no-nu
142.250.74.1200 OK 5.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha31ttiHOqil9LMn6slOzukuWhIUYVRcZSdVTbkhGoPDlrYs779Ek-HYe6MusHXpgrsK4KH5aF7juce7DZTSvBSsPoqWUpzBOXn7TRoNI_rd8OrxdeDtwpoTXrWS-aKp7kM9q3PtdUiTbA9gKLFndw-4u4dBtPHIOZsFSAkg0pUcKA=w90-h62-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x62, components 3\012- data
Hash cbf40053bc8e6988f962ce3ae1642a9f
89357eb62908ae83c109b47242b05af4a659cc99
6d3332c5a0f6636cf5b6ba96dc295d4fd430950e498540e7ea81cfa5bf7f463d
GET /blogger_img_proxy/ANbyha31ttiHOqil9LMn6slOzukuWhIUYVRcZSdVTbkhGoPDlrYs779Ek-HYe6MusHXpgrsK4KH5aF7juce7DZTSvBSsPoqWUpzBOXn7TRoNI_rd8OrxdeDtwpoTXrWS-aKp7kM9q3PtdUiTbA9gKLFndw-4u4dBtPHIOZsFSAkg0pUcKA=w90-h62-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 11:23:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 11:23:24 GMT
server: fife
content-length: 5554
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
statically.io/?ref=imgext0
151.101.193.91200 OK 31 kB URL HTTP/2 statically.io/?ref=imgext0
IP 151.101.193.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash 91543b8259217d9179139186d9efa0ec
1e6d58f7fdb64d1c35ee9fbf6ce33031fba59d1e
4d6cb8efd9f3bdceb59bf66bb8126a4c7af35adf9f634e007479981fd1cd9c5f
GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 12
x-timer: S1664191404.405246,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00a3d214b0faaacf883560ec3885cc95
b0826d3d88ac03f0b6498181417062fa5f871b45
8f8700f507f5487d0614e896bcd82e9ee9b99b4293811de829363a874a04a2e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8700F507F5487D0614E896BCD82E9EE9B99B4293811DE829363A874A04A2E1"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12852
Expires: Mon, 26 Sep 2022 14:57:36 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00a3d214b0faaacf883560ec3885cc95
b0826d3d88ac03f0b6498181417062fa5f871b45
8f8700f507f5487d0614e896bcd82e9ee9b99b4293811de829363a874a04a2e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8700F507F5487D0614E896BCD82E9EE9B99B4293811DE829363A874A04A2E1"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1168
Expires: Mon, 26 Sep 2022 11:42:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive
qualificationsomehow.com/a6/7b/e6/a67be604660a0094f32a365302cb001e.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 qualificationsomehow.com/a6/7b/e6/a67be604660a0094f32a365302cb001e.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37127), with no line terminators
Hash 2c46021a055faffb938a258208f12704
0eb9ba2980582dd144648fbbe73b605eff85997b
594914d6f146d15b9b2da04473fc9a6a0e9264b5563caf822812a7cb98a50a53
GET /a6/7b/e6/a67be604660a0094f32a365302cb001e.js HTTP/1.1
Host: qualificationsomehow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 832e5a9d5a836b1205f49bcbd67e30f1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d
151.101.86.137200 OK 130 kB URL HTTP/2 www.investopedia.com/thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d
IP 151.101.86.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1242x710, components 3\012- data
Size 130 kB (129838 bytes)
Hash 1a1b4f1e23f4a7404e6e89dee80fa502
418d6da1f43f1fd1e3e45de8c6fb9d493910e8cb
88ff4dd1614a14bee90781ed1b9953272105a7d3a62d4fa92ab36055bed15491
GET /thmb/kNj_8a-kkDZCmjGvJ_jJpPR7xbA=/1242x710/filters:no_upscale():max_bytes(150000):strip_icc()/treasury_yield_spreads_1-5bfd93ba46e0fb002643029d HTTP/1.1
Host: www.investopedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9GouAyPQlwIpsH0CK8t7ETtu+6fXEAqKQSxSWa4hszdzUhoxIBPPPSIhYSE2rOBbUpaizM8AkBA=
x-amz-request-id: ZERM5J4ER55MPXNW
last-modified: Wed, 05 Dec 2018 20:00:56 GMT
etag: "1a1b4f1e23f4a7404e6e89dee80fa502"
content-type: image/jpeg
server: AmazonS3
cache-control: max-age=31536000,public,no-transform
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/555/re.p"}]}
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
age: 1115534
x-served-by: cache-iad-kjyo7100111-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-length: 129838
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Last-Modified: Mon, 26 Sep 2022 09:55:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4708
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4708
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4708
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive
qualificationsomehow.com/95/24/13/952413d0662b81bf005b2dee80e7c6a1.js
192.243.59.20200 OK 21 kB URL HTTP/1.1 qualificationsomehow.com/95/24/13/952413d0662b81bf005b2dee80e7c6a1.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59770)
Hash 4787c386f0782810142152bd76aebb69
e0a5e4f38499152b4f63db433f0c3e258a29ca21
5baafc140c320b6e1dd7e170de7d03df0a90a1c416770b2d21849aea82c33359
GET /95/24/13/952413d0662b81bf005b2dee80e7c6a1.js HTTP/1.1
Host: qualificationsomehow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd-28118_1=0; expires=Tue, 04 Oct 2022 11:23:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd9b13e7922de440bdbc8a92d903694b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 431ff1171a3d7c60a31cc1c3f62164ee
4b32113aaf50132b38c8034017a6eb5a32d7040b
65d598db252fb3979d3df3cb8d052861bb31d6187552f9c694ec27a322b308c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8851
x-amzn-requestid: dbe6ba4c-3d38-48e8-9d08-088d8e26e7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUDAE23oAMF_yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd46-4f3b85952fa3109d2921d0e1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wbbfzE5nQkhK_nsXX8XGJbOl3Yf6NDA1r_AC-0dOzqJDkLQ2BLxK9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:15:06 GMT
age: 43698
etag: "4b32113aaf50132b38c8034017a6eb5a32d7040b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F744f3733-ce02-4fd8-bd5a-62fdf6e03e58.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F744f3733-ce02-4fd8-bd5a-62fdf6e03e58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45bfaa4f09146505d73d50365c63e9df
f31946e5ed8806c8c8ca0b7e7bcc8e3ea8df9c85
107d33f184be7c156e133b679752ee324be33c9c5e242ce67e0aafad811a592e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F744f3733-ce02-4fd8-bd5a-62fdf6e03e58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14161
x-amzn-requestid: e2dec384-fbe8-44d6-9024-dcf46ed71e27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSJuGQFIAMFS9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca3e-004eb3805201c42170903ac5;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ydsxR8YxLX5go4Ti83lBg05bRXvYryUWiFQe_qxYqerzlChGKwYV9A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:24 GMT
age: 48840
etag: "f31946e5ed8806c8c8ca0b7e7bcc8e3ea8df9c85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 45208
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 49549
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6e43e36ae283d6ec12fb5c9c692fa83
a3b3a4396da5beac2430e8facdb4d4b799621c9d
49ed7dccf0fe8abb7b0bfdc34ff89b30ef719288571bb1d89d29a1cb8857310e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: 2711886c-e022-4a77-862e-9d7bbd0db02e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvxHsSIAMF8Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-6b464e2e489825b51447d74d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-nUwIxG9TDPRBSt8-RuITSg0nVZIMMidfKme75OXsqDXJ-vcXA41Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:25:00 GMT
age: 46704
etag: "a3b3a4396da5beac2430e8facdb4d4b799621c9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 46964
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 287d2412da1baf3c6215a6fcd00c7093
11d609821fa875407c9a943ff30875aa44459adb
accdc26685c3a61244f0fdc3b054c1cf26093c167e7a2e633f35f258dd7a2e45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 11:23:24 GMT
Last-Modified: Mon, 26 Sep 2022 10:05:26 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nk_6ARNhefZfaJjLUl6-xQRYEhPv-mt9y1LtOcu_Vc5T5Azz95skMA==
Age: 4678
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11527
Expires: Mon, 26 Sep 2022 14:35:31 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 254dbe1a4b94cfdc6eb454596b063e22
80a04ab612cc93c3e514d5cb2bef473dace8b2f5
102f04b4a7c0893b3517f86e53f39d855d9cff2214849c1d3930e32c173cfdfe
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://heavyfarm.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; expires=Thu, 23 Sep 2032 11:23:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash f7766ba95b1f9c37e6946177200605db
dd341fd0a24564c162452023003577528f81c394
a406afc5c3098dc33097324f81a91aa006058855125d87cabac86fd3e00cf40e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://heavyfarm.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=16ccafe4-1033-4f59-9592-ce7f9fac42db:3:1; expires=Thu, 23 Sep 2032 11:23:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:24 GMT
Last-Modified: Mon, 26 Sep 2022 09:55:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11527
Expires: Mon, 26 Sep 2022 14:35:31 GMT
Date: Mon, 26 Sep 2022 11:23:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c7ea800ead2098437c53ff8af72fc54
6f92ca434ac508c6ade9e6dd4b5b7128b9cf09d3
c0b6c2602c3851630a6037f345a0ea0097ebc3249d1d40eed57d1493be69bd1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0B6C2602C3851630A6037F345A0EA0097EBC3249D1D40EED57D1493BE69BD1D"
Last-Modified: Sat, 24 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10771
Expires: Mon, 26 Sep 2022 14:22:56 GMT
Date: Mon, 26 Sep 2022 11:23:25 GMT
Connection: keep-alive
wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=2419&rd=2419&fd=845&bv=22.9.v.1&tmpl=70
192.243.61.227200 OK 0 B URL HTTP/1.1 wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=2419&rd=2419&fd=845&bv=22.9.v.1&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2419&rd=2419&fd=845&bv=22.9.v.1&tmpl=70 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 11:23:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d60144b96f72539719011cc71dcaa7c2
02a0962fe84b3466d77542f7b1b42a9efcc84479
814e75d1f248cd7bdc505fabec42b103880ed89329940be06d039b84d1f1b95f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "814E75D1F248CD7BDC505FABEC42B103880ED89329940BE06D039B84D1F1B95F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4402
Expires: Mon, 26 Sep 2022 12:36:47 GMT
Date: Mon, 26 Sep 2022 11:23:25 GMT
Connection: keep-alive
i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
151.101.84.84200 OK 193 kB URL HTTP/2 i.pinimg.com/originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 955x2518, components 3\012- data
Size 193 kB (193167 bytes)
Hash 27dc7c86fb1fb6c9c690d50a9b883bdd
865ea4c7b6a8c8dfa5e0c82b8644b50944ea58ee
f58e83f338524cf55215eb1560c854d38cc2d6c4dce10dc7fdf6b36d8da0db18
GET /originals/6f/98/df/6f98dfd2009dc5ff636bb748c36cf58a.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "27dc7c86fb1fb6c9c690d50a9b883bdd"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 193167
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 35cb097903aed4a356615609258b02c6
9d13cf32015897c383b2a9117b3110927f3c3de3
3df8f2cd462368b8a981347224a54b1a4c3f284fdc44b13baeb2b8d53c49562c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5364
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:25 GMT
Last-Modified: Mon, 26 Sep 2022 09:54:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:17:18 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 933790101
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7aadec0470d3800b51d309acbb919f0b
ac624bfb598d1da6c0d9b7a42b4e1b888177f8f6
4469615d457c89c99dbb5fda8729f68d32f01d080c47fd991742c7d7fb4c6c17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4469615D457C89C99DBB5FDA8729F68D32F01D080C47FD991742C7D7FB4C6C17"
Last-Modified: Sat, 24 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10615
Expires: Mon, 26 Sep 2022 14:20:20 GMT
Date: Mon, 26 Sep 2022 11:23:25 GMT
Connection: keep-alive
i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
151.101.84.84200 OK 26 kB URL HTTP/2 i.pinimg.com/736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 735x384, components 3\012- data
Hash 906ade6d4c3c29f2e66254e6d95b997f
efc9cc0fb05ebc6f7ac86af49bd1628f2b105bf0
9deafb62347767e34a93c670b8794826f4d3c2f7f22c4fb8320bae9c16da1457
GET /736x/c6/19/ea/c619ead81b39fe324ffb336f0ccfb80e.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "906ade6d4c3c29f2e66254e6d95b997f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 26530
X-Firefox-Spdy: h2
i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
151.101.84.84200 OK 60 kB URL HTTP/2 i.pinimg.com/736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 590x755, components 3\012- data
Hash 12849301d921cf6b9e7571a26ec0939d
9cc20ed3fcb7d942107a4437feeb43ea0c35d155
3bc5ba809cc4376d1189c758af448635d1dbb9079e5196a79bca176ee084b447
GET /736x/4d/0f/b4/4d0fb403adb8dac3167bdf74751f6046--denim-blouse-vans.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "12849301d921cf6b9e7571a26ec0939d"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 59937
X-Firefox-Spdy: h2
i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
151.101.84.84200 OK 21 kB URL HTTP/2 i.pinimg.com/236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 219x400, components 3\012- data
Hash 96d6642e696e654d556ae5277d2d88a5
5f6397509c95e02bee4f2b8f8f75a3fdcfaaaf07
0f3c5045fce88e0adc36d4675e9f4db6ad7f088ec0c9625dfb343690f1b984bb
GET /236x/91/66/49/916649ad84593008c6db5aaaa71849cb.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "96d6642e696e654d556ae5277d2d88a5"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 20993
X-Firefox-Spdy: h2
i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
151.101.84.84200 OK 7.4 kB URL HTTP/2 i.pinimg.com/564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 507x505, components 3\012- data
Hash 367452f98f5817d7c294662fd8d320a6
85a34a93c0b87e5294636178b618ebfc197e8b82
c97c1348635af074d8da6a4106e5988af2764957093c85746a14031dd31894c2
GET /564x/73/83/d3/7383d335ca8a1cc856c0665037fd88df.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "367452f98f5817d7c294662fd8d320a6"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 7351
X-Firefox-Spdy: h2
i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
151.101.84.84200 OK 18 kB URL HTTP/2 i.pinimg.com/736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 479x296, components 3\012- data
Hash f7280b4f7bc9ad4cd1ea7f297944ddd8
aede3bf3ccc7483a49ee924dcfaf67091e6de76d
bc18d4f505ad0411c90ada79bfce7717a1e1eb78227d7c262471a25cf64491b9
GET /736x/33/ef/ee/33efee74e5f9235df74ddd3ad4c40c0f--mastic-metabolism.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "f7280b4f7bc9ad4cd1ea7f297944ddd8"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 18139
X-Firefox-Spdy: h2
i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
151.101.84.84200 OK 43 kB URL HTTP/2 i.pinimg.com/736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg
IP 151.101.84.84:0
File type gzip compressed data, from Unix\012- data
Hash bba7df081e89c78882b7e7b2982a1801
585dd80cf8b7544a84f65d4bc5e8943e9e2da44c
90b95264833d0a45aff410f379946ef8a4e6bb2435ba72330a5cb03af245eed2
GET /736x/3b/e3/61/3be361372bcb4446982174f7674632cf--vans.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "ae0f68de0a2abe52c62857fcbb3c0c42"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 28686
X-Firefox-Spdy: h2
i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
151.101.84.84200 OK 32 kB URL HTTP/2 i.pinimg.com/736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 735x350, components 3\012- data
Hash 2990797064fd2540cdc5214b3466d424
efd08ed536ea229875d5f76089c2ac024424855a
32cdba3c3fd72a09ff826673873d318619abcde7f528574d1f648884b9747ad9
GET /736x/d6/32/7a/d6327acb5f96b3f71ef8dac1b4b96cb2.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "2990797064fd2540cdc5214b3466d424"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 32172
X-Firefox-Spdy: h2
i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
151.101.84.84200 OK 22 kB URL HTTP/2 i.pinimg.com/736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 735x413, components 3\012- data
Hash 1e47f4db1b6ba76df3fe4b2a90c9f67f
7c1d0e794e4c46eb0333ee9daffbd9b824b3941e
9d7f7e3724da6f3319f45be54b3a5fb930dd5648005e3bc5696fc51d72a3c5b0
GET /736x/44/db/18/44db185acbc4c2559d1a5f9fe1ffb84b.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "1e47f4db1b6ba76df3fe4b2a90c9f67f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 22193
X-Firefox-Spdy: h2
i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
151.101.84.84200 OK 21 kB URL HTTP/2 i.pinimg.com/736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x340, components 3\012- data
Hash 3ff82cdab797d8cca3249b58999b7fe9
d9b5aa067823201c28cf18f8ceafe2dd8c06df69
5e61327e0071121b6f2bf1e267f779badc0afa26e49d9118fd6fa8228eeb1047
GET /736x/64/e4/1e/64e41e07b3f428c02ca8765e03e325a0--interest-rates.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "3ff82cdab797d8cca3249b58999b7fe9"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 20875
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.132.22200 OK 52 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.132.22:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash a66a4502fa3bf1d2636e4f7004c1b925
e8c88967f79cc26eb36a82f4a211058373df04a8
fd90e5bb1546c57b5bbba99db5c4de50c08b7cc6c37e6d787f6efd3e0a1cd5b7
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c2bc0c4c3ab702974259f1b85d06fe94
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 11:23:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7U6Fi7p2NrMMfPexMSacf%2Bi0pQl%2BYF9LZ6Ofy%2Bb%2BWGtV6GBYYU1XANf0nyy26NQgub55eGHgQWqdpD1lPVhxz%2Bp52L3pK8fz3BCaiXMP4s2RfGl1qfzfMSoagv0waWZltGPZuCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba097eb74759d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
151.101.84.84200 OK 39 kB URL HTTP/2 i.pinimg.com/736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x537, components 3\012- data
Hash ab6fc677f4aa0e53c1b1a831983aa16e
9810f2228082513156190c9896f70e7a98f35cc4
1e267d360ba7a62ffe740d0d3aefad094cc9726f11042016c979648914148363
GET /736x/1b/6a/aa/1b6aaaed65c33278cd6f0a16a2ce817d.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "ab6fc677f4aa0e53c1b1a831983aa16e"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 39179
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.129.12200 OK 92 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.129.12:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 0f35fae0dccb4011fad805762ecef7fe
72a3bc5301932ae2e948476ba9d7d6e6c65c9919
6d82f6da01b029af795471c132bb7c16ade769d665d2f7c77c1c50f74de4b6e7
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: abac503add4e9da89c83c3e8726b07b2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 11:23:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIWm14wB6A5kY32wqHD3u4YCZx6gRcVie6a4mrc773vUh1JiIPPLBLcl333F7%2BzhQlpyZoDIyaCTaLXK3ILD9E3yN7EQqSYulEPOsbaHNJcI%2FxSY4lJf2eP73M6Gig59Lm6EU1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0972e8176d2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
151.101.84.84200 OK 92 kB URL HTTP/2 i.pinimg.com/736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x1324, components 3\012- data
Hash 4374f95e45053c375856b56901501e10
e043bda1a61a401d82f9d3e868c4dec584ab3c25
c33039e4d72406faf5b1381ecfc9c8ed0e456beda3ce539891b007a450979a81
GET /736x/6f/38/6f/6f386f7cb000d916ba8fef40dea5df04.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "4374f95e45053c375856b56901501e10"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 92388
X-Firefox-Spdy: h2
i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
151.101.84.84200 OK 158 kB URL HTTP/2 i.pinimg.com/originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 683x1024, components 3\012- data
Size 158 kB (157633 bytes)
Hash 4de40f37154fedeeff5e244e0bc4f5cc
bca4598673f95a906e09a2637d9bad999444f229
000888ccfc3b8af02bff60e648fb1a639ea2d86406b67436447e48a026787c9b
GET /originals/e8/f4/77/e8f477040f2ae04e3c282043c54517b6.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "4de40f37154fedeeff5e244e0bc4f5cc"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 157633
X-Firefox-Spdy: h2
i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
151.101.84.84200 OK 87 kB URL HTTP/2 i.pinimg.com/736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x920, components 3\012- data
Hash 2a496260decfc283a2f251b8df4c849b
fd2c9acd8e1d023eb61d161aa0a36a7e3636d50b
f85532a144be78524318034d572119586f530de70d61a7c7e4d97ab22d3202f4
GET /736x/30/7b/31/307b3174be9afe6b9475d9a5dc2461e8.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "2a496260decfc283a2f251b8df4c849b"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 87217
X-Firefox-Spdy: h2
i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
151.101.84.84200 OK 74 kB URL HTTP/2 i.pinimg.com/736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 683x1024, components 3\012- data
Hash 5f2c73357b406b9c83509b45f2f0baa4
f07a8975c1385330b5134c87e739d3c9f83ea432
f88440c846a7c693e09e821c4551cfbfd85a2c5047fd0cfbcb547bc0a72cb48e
GET /736x/b4/a0/3a/b4a03a1c8dc59e9bf0ce529507a8a789.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "5f2c73357b406b9c83509b45f2f0baa4"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 73829
X-Firefox-Spdy: h2
i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
151.101.84.84200 OK 100 kB URL HTTP/2 i.pinimg.com/736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 723x688, components 3\012- data
Size 100 kB (100152 bytes)
Hash c9afc1eb706cf0a160d2c8f3453507fe
6f36b7031321f4259c75dfa824a26617bd25a880
1e3cbe9e042725923e7800bae5b2a27dbaaf68274ac264261fc179871384e86e
GET /736x/5e/75/99/5e75995ec19a75a54acef6936b85027f.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "c9afc1eb706cf0a160d2c8f3453507fe"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 100152
X-Firefox-Spdy: h2
i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
151.101.84.84200 OK 256 kB URL HTTP/2 i.pinimg.com/originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1326x2454, components 3\012- data
Size 256 kB (256426 bytes)
Hash 1af09bb4a9deee1e608ee43f206a2495
7aeb78d5f55eb64984af8720ee1f9ee809fec59f
e85b9239056741c1cd4ee443942f8d7fe4033bfb0d4abf8349d8058d2060ea65
GET /originals/13/b9/7f/13b97f2291dc4ebc47cd7e64985d74f7.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "1af09bb4a9deee1e608ee43f206a2495"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 256426
X-Firefox-Spdy: h2
i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
151.101.84.84200 OK 168 kB URL HTTP/2 i.pinimg.com/originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png
IP 151.101.84.84:0
File type PNG image data, 555 x 710, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (167889 bytes)
Hash cca62731197f50f1c045aa689f0939a0
64a27094ac20af139a645c52753818a1c6f92360
33fa53e614e802be8f729c9658547cd36490218a5b48d32d5ee08cb6c649fb10
GET /originals/6c/e6/d1/6ce6d106b843a9af5fb4fb158fbab7bc.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "cca62731197f50f1c045aa689f0939a0"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 167889
X-Firefox-Spdy: h2
i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
151.101.84.84200 OK 307 kB URL HTTP/2 i.pinimg.com/originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2500x1376, components 3\012- data
Size 307 kB (306985 bytes)
Hash ea2d5739bb46225a08fd101f246e947f
ff20bc40a78fc024127e143de95dee49241a8fca
4dc290467e7005bc265f36401e8b880acd0d988a631b3bdf594a786c13d0fc9d
GET /originals/16/c5/87/16c587f5d5166f4c52aa6d05c63acdae.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "ea2d5739bb46225a08fd101f246e947f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 306985
X-Firefox-Spdy: h2
grumblecrytopless.com/sbar.json?key=a67be604660a0094f32a365302cb001e&uuid=a4146d6e-6d20-47f3-b60a-3eb01b16bd51%3A3%3A1
173.233.139.164200 OK 4.1 kB URL HTTP/1.1 grumblecrytopless.com/sbar.json?key=a67be604660a0094f32a365302cb001e&uuid=a4146d6e-6d20-47f3-b60a-3eb01b16bd51%3A3%3A1
IP 173.233.139.164:0
File type JSON data\012- , ASCII text, with very long lines (5783), with no line terminators
Hash dfe12d9ed1607c07c3363dbf5017403d
da2009472bd0af6bf04f60f4b399a0944703f7f7
0cc4e500aa0dcac63e9a50f7bd2678bda836550b6e2afb2d361ea40c60616e46
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a67be604660a0094f32a365302cb001e&uuid=a4146d6e-6d20-47f3-b60a-3eb01b16bd51%3A3%3A1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:25 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://heavyfarm.blogspot.com
Access-Control-Allow-Origin: https://heavyfarm.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16812971; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; expires=Mon, 03 Oct 2022 11:23:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
uncs=1; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 27 Sep 2022 11:23:25 GMT; secure; SameSite=None
sleca67be604660a0094f32a365302cb001e=[3364848]; expires=Mon, 26 Sep 2022 11:23:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22f8a2eda8c51d80e910ce8098d1c6d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
151.101.84.84200 OK 829 kB URL HTTP/2 i.pinimg.com/originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 3648x2736, components 3\012- data
Size 829 kB (828597 bytes)
Hash 0f1306b3f18bc920035102939e42fffb
c1df0f040df5ac0cf7cad90bbea1d67e72a9a16d
c3b10eb15da020a3f45a40f928e60999574549fbae9da39607a370cb87988249
GET /originals/e6/b6/d4/e6b6d4770ce001570ff2f2f01a8ab96c.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "0f1306b3f18bc920035102939e42fffb"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 828597
X-Firefox-Spdy: h2
hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg
103.20.202.153200 OK 274 kB URL HTTP/1.1 hkchef.com.au/wp-content/uploads/2020/05/about-1920x990.jpg
IP 103.20.202.153:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1920x990, components 3\012- data
Size 274 kB (274534 bytes)
Hash 337d2da3b8ef81351e62169951f7255d
dc8c031b1131f63979f6267dffca50bc3999e216
f56ba7b6fa9559a3a0da917eda7c4185648eba5a1dd3abde3bcf074750a47fc8
GET /wp-content/uploads/2020/05/about-1920x990.jpg HTTP/1.1
Host: hkchef.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 11:23:24 GMT
Content-Type: image/jpeg
Content-Length: 274534
Connection: keep-alive
Last-Modified: Wed, 06 May 2020 04:40:29 GMT
Accept-Ranges: bytes
i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
151.101.84.84200 OK 1.8 MB URL HTTP/2 i.pinimg.com/originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png
IP 151.101.84.84:0
File type PNG image data, 1000 x 1500, 8-bit/color RGBA, non-interlaced\012- data
Size 1.8 MB (1779331 bytes)
Hash 380cb23f5f4345b1c78001a96d32fbe2
cb06cad3ac891bb51858a2a35ef2cc44c63b53f8
a1170d8cf1017d9f9ef4d9b6aa8735af0075182cdb894630e5001c6b0b58204a
GET /originals/be/61/b7/be61b763a0f029ddacc4b572d6233e91.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "380cb23f5f4345b1c78001a96d32fbe2"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 26 Sep 2022 11:23:25 GMT
content-length: 1779331
X-Firefox-Spdy: h2
grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ3fOejxQRIRhFOHHkgEIH8%2BvOg%2Bd2VjO7t2cXyCICRUpzFPTrd3askICIRJsInSOlsISUo3KB%2FwYQUioKdBeLg6%2F53tv3irfvm292ixNCUbDjy1fttjaGLS7Vae2tT8PwQm1Vp0W%2F1l9OPksaF2qu924rqdO3ax8qsWkXIxpSGtKwtqKdatv%2B4kSEzh60wnqL1htRPVxqoO%2F%2Bz30RwLMAsndCXoWW4%2FknwVloMULa%2Femy8pu5zd75oFsYlluHnjz4JN1MbZmiO4NtF6CdHpy6Yf2zlcew6f40LmzvXyPXYxI8fQyeHpyGBO%2FtTXNyA5WCy5dR9kZQZgTNRhD2FrR8RgAhcW0NaffuNetKtvVCZRN1TOaf%2FwVdjsn872eRdn%2B8ZHS%2FdsOaItc29ei3K%2Bj%2BCLozQlYcIt8%2BA10eQuRfQctfyeLzVaTdvTVvLLQ8Ps8aYSORiVpIZEQXGs12vMATyhZixWnIw4TLpXBakNYj6PYIRg3A%2FBwKH6DQAYp2gCIL0JXHNRGGYZNKwehyS4hYNhVPJA1Zsx2ykCbLKMTkHwbIswGEGUC4HWRuB5t6AFf8Ar9RwcsAPifoyQqlIig9QckISk1Q5gRlr9qXxke%2BuiuNL3h4uqPTHVdDm3d22b7NOyolu9kJeWVSXEDu3MemOq6xpMlVQhtJQhmlrUY7jlicLMU0EpzSUMHrCtqfAfMBtvWYnHv0HTI9JmfOr4OzQ3hzCKHPgRVvgJXDZkTBNoaNZYrt9CETue6xXEnldSetCwtpK2T5PPKtYNeckNemV4xv%2FgElji5%2Bzq%2BO%2F7z3N4SrkLkKX%2BgnBB1ze7huS7K3bktPHq5lue7qbTa58I2c5Wru%2B4%2FUVmmdvHLZD%2B69JybCBD74WPl8laVSpx1P7l%2FSUiq3Yp1Q5NEVf1Px64XfuFS4tMhWr7%2B%2FcqWbOeW9tukITI8JeXoEocfkpZ%2F3p4%2F39a%2B%2FhHYjuKJCtzgipwNtDyGyHfhslt%2FbOTgz8%2FAsQFlUQxfx2UejCYyaccYr%2BP9wPsO7%2FjY67k2w%2FBbSboWeq9AzFZgZwBdzwzxzRxd%2Fi6cDboIhNy7Y48aZb1%2BU6%2FVxrRnHlCWtpbDZZKrJG9FyOwklY1EjiZKExcj9WIR3fvgHAAD%2F%2FwEAAP%2F%2Fu%2BJYk4cEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ3fOejxQRIRhFOHHkgEIH8%2BvOg%2Bd2VjO7t2cXyCICRUpzFPTrd3askICIRJsInSOlsISUo3KB%2FwYQUioKdBeLg6%2F53tv3irfvm292ixNCUbDjy1fttjaGLS7Vae2tT8PwQm1Vp0W%2F1l9OPksaF2qu924rqdO3ax8qsWkXIxpSGtKwtqKdatv%2B4kSEzh60wnqL1htRPVxqoO%2F%2Bz30RwLMAsndCXoWW4%2FknwVloMULa%2Femy8pu5zd75oFsYlluHnjz4JN1MbZmiO4NtF6CdHpy6Yf2zlcew6f40LmzvXyPXYxI8fQyeHpyGBO%2FtTXNyA5WCy5dR9kZQZgTNRhD2FrR8RgAhcW0NaffuNetKtvVCZRN1TOaf%2FwVdjsn872eRdn%2B8ZHS%2FdsOaItc29ei3K%2Bj%2BCLozQlYcIt8%2BA10eQuRfQctfyeLzVaTdvTVvLLQ8Ps8aYSORiVpIZEQXGs12vMATyhZixWnIw4TLpXBakNYj6PYIRg3A%2FBwKH6DQAYp2gCIL0JXHNRGGYZNKwehyS4hYNhVPJA1Zsx2ykCbLKMTkHwbIswGEGUC4HWRuB5t6AFf8Ar9RwcsAPifoyQqlIig9QckISk1Q5gRlr9qXxke%2BuiuNL3h4uqPTHVdDm3d22b7NOyolu9kJeWVSXEDu3MemOq6xpMlVQhtJQhmlrUY7jlicLMU0EpzSUMHrCtqfAfMBtvWYnHv0HTI9JmfOr4OzQ3hzCKHPgRVvgJXDZkTBNoaNZYrt9CETue6xXEnldSetCwtpK2T5PPKtYNeckNemV4xv%2FgElji5%2Bzq%2BO%2F7z3N4SrkLkKX%2BgnBB1ze7huS7K3bktPHq5lue7qbTa58I2c5Wru%2B4%2FUVmmdvHLZD%2B69JybCBD74WPl8laVSpx1P7l%2FSUiq3Yp1Q5NEVf1Px64XfuFS4tMhWr7%2B%2FcqWbOeW9tukITI8JeXoEocfkpZ%2F3p4%2F39a%2B%2FhHYjuKJCtzgipwNtDyGyHfhslt%2FbOTgz8%2FAsQFlUQxfx2UejCYyaccYr%2BP9wPsO7%2FjY67k2w%2FBbSboWeq9AzFZgZwBdzwzxzRxd%2Fi6cDboIhNy7Y48aZb1%2BU6%2FVxrRnHlCWtpbDZZKrJG9FyOwklY1EjiZKExcj9WIR3fvgHAAD%2F%2FwEAAP%2F%2Fu%2BJYk4cEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ3fOejxQRIRhFOHHkgEIH8%2BvOg%2Bd2VjO7t2cXyCICRUpzFPTrd3askICIRJsInSOlsISUo3KB%2FwYQUioKdBeLg6%2F53tv3irfvm292ixNCUbDjy1fttjaGLS7Vae2tT8PwQm1Vp0W%2F1l9OPksaF2qu924rqdO3ax8qsWkXIxpSGtKwtqKdatv%2B4kSEzh60wnqL1htRPVxqoO%2F%2Bz30RwLMAsndCXoWW4%2FknwVloMULa%2Femy8pu5zd75oFsYlluHnjz4JN1MbZmiO4NtF6CdHpy6Yf2zlcew6f40LmzvXyPXYxI8fQyeHpyGBO%2FtTXNyA5WCy5dR9kZQZgTNRhD2FrR8RgAhcW0NaffuNetKtvVCZRN1TOaf%2FwVdjsn872eRdn%2B8ZHS%2FdsOaItc29ei3K%2Bj%2BCLozQlYcIt8%2BA10eQuRfQctfyeLzVaTdvTVvLLQ8Ps8aYSORiVpIZEQXGs12vMATyhZixWnIw4TLpXBakNYj6PYIRg3A%2FBwKH6DQAYp2gCIL0JXHNRGGYZNKwehyS4hYNhVPJA1Zsx2ykCbLKMTkHwbIswGEGUC4HWRuB5t6AFf8Ar9RwcsAPifoyQqlIig9QckISk1Q5gRlr9qXxke%2BuiuNL3h4uqPTHVdDm3d22b7NOyolu9kJeWVSXEDu3MemOq6xpMlVQhtJQhmlrUY7jlicLMU0EpzSUMHrCtqfAfMBtvWYnHv0HTI9JmfOr4OzQ3hzCKHPgRVvgJXDZkTBNoaNZYrt9CETue6xXEnldSetCwtpK2T5PPKtYNeckNemV4xv%2FgElji5%2Bzq%2BO%2F7z3N4SrkLkKX%2BgnBB1ze7huS7K3bktPHq5lue7qbTa58I2c5Wru%2B4%2FUVmmdvHLZD%2B69JybCBD74WPl8laVSpx1P7l%2FSUiq3Yp1Q5NEVf1Px64XfuFS4tMhWr7%2B%2FcqWbOeW9tukITI8JeXoEocfkpZ%2F3p4%2F39a%2B%2FhHYjuKJCtzgipwNtDyGyHfhslt%2FbOTgz8%2FAsQFlUQxfx2UejCYyaccYr%2BP9wPsO7%2FjY67k2w%2FBbSboWeq9AzFZgZwBdzwzxzRxd%2Fi6cDboIhNy7Y48aZb1%2BU6%2FVxrRnHlCWtpbDZZKrJG9FyOwklY1EjiZKExcj9WIR3fvgHAAD%2F%2FwEAAP%2F%2Fu%2BJYk4cEAAA%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5fa8b2836e725b8fbfa4e1157526dac6
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d6901262bc1a9e9a70324a3aa32e5c6f
57774ebdd2cbeaa01b7c1694eecc79480799d7f3
a2241df56c24736a566e75a08c8d1213682809229ea3230316aab054428aedb0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 816
Cache-Control: max-age=108918
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:26 GMT
Etag: "63308ef4-117"
Expires: Tue, 27 Sep 2022 17:38:44 GMT
Last-Modified: Sun, 25 Sep 2022 17:25:08 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
s4.histats.com/stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w
192.99.8.34200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w
IP 192.99.8.34:0
File type ASCII text, with no line terminators
Hash 8def6afac4ffbdde378205a7ff7d26b6
d4c96c4febdee7c1453c71590b10c5dcfb46c5c1
4d4ee7b94223d6cc914f7312556d8106ff0ba5a32ef7ccc107e776136f712fba
GET /stats/0.php?4620883&@f16&@g1&@h1&@i1&@j1664191403699&@k0&@l1&@mHeavy%20Farm&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40229312&@b3:1664191404&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fheavyfarm.blogspot.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 30f7bd40b234f7d4313f4d35ecef68a2
de0049b26d8484ad57bb61d0d84eabf4dae81e1d
536197d9b0247e1899a2d96c85fd95c3d7f2fa592fe5371e0f147a297f372982
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "536197D9B0247E1899A2D96C85FD95C3D7F2FA592FE5371E0F147A297F372982"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14355
Expires: Mon, 26 Sep 2022 15:22:41 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 12:17:26 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 12:17:26 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a67be604660a0094f32a365302cb001e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a67be604660a0094f32a365302cb001e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a67be604660a0094f32a365302cb001e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7fcd29de5746eef0d7f07cf63e1f667
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
172.67.74.218200 OK 596 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP 172.67.74.218:0
File type HTML document, ASCII text
Hash 2bb74ed6057da5549215f27be9259978
29d846959f23ecc05066ff6d4a5a81ce43990c2c
3b13560546a94267cefba02c4ba81853c9de6e01d439c0f3550d0d712eff6717
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot2Ge5TsKSJMS5GmOgkssVmVux%2BzKS61wY%2BdRPxDLVnye8NK9WUwVG5rf9zlQUwh7BnCuN2oXPEQEkPGuoViwXQG%2Brb6gp%2B61v%2BPDl%2BynGJP7kVGyVGVL2I9yym2GcSMdvxKlWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a0aafbb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=952413d0662b81bf005b2dee80e7c6a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=952413d0662b81bf005b2dee80e7c6a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=16ccafe4-1033-4f59-9592-ce7f9fac42db&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=952413d0662b81bf005b2dee80e7c6a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 11:23:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f899377d789933182db86af7547baa82
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
172.64.200.2200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP 172.64.200.2:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87xs5InbpJgWFfuCzIbPXijvK25RcBkf0vBGDV2R3K8E6L6U0UD4cQfcqNbmmsFxEYm5NsOzxzTpxnOuLYi7ISZQ00yP8a3U7PRLAbG%2F3g0DlqYpVDu7v8F5Pd0gEJXv7ss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b3b75db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
172.64.200.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP 172.64.200.2:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pv7OGKy%2FnRhtfEo1IVN4Bibessf%2F1jUfaQ2qXfEFE83V5WBaVgVqZlDPZT4Fzsh5V159lC2MFRXuD%2B%2BGNPnbXNUmbJK9ts1GpWe9wxRa0qxU9Y12V8tXFCTCv6stLQZ1VDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b3f75db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 11:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
172.64.200.2200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
IP 172.64.200.2:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65t1%2Bz8EwWAvLa71r8RAyf7ay88VpS02qnMKAi88VaBzbixdspJY6OUl2%2F89NofvM4S0AAM9KxSc3SQSfASlqTJkQKq8OEhvgn6Yi84LPtiZ0ZwnRXgw2qUaJUtxgGMoUy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a50b3775db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
172.64.200.2200 OK 157 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP 172.64.200.2:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 157 kB (157252 bytes)
Hash 70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grn5pPsUvwcnHIuDPGa1GaSP4koNoDcK9%2FvbJhGt0OEogzB2IpmASfTjGD6vKrj0qPcQfLHjpwwQdEtRiX1nDDIh%2Bin7d2sTm4wIXPrc5bYMjoe0Ijs79wTw%2F6%2Bm6hhiWW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b4175db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Mon, 26 Sep 2022 12:17:26 GMT
Date: Mon, 26 Sep 2022 11:23:26 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash df4b75d3fc643d50362311da68ef4477
39591e69768471e8ce7130cf71d2a11369a1b514
d0ba8ad4168d2c6fbc6e29ec7728a92cefd7f47da06dfa0bf9f2123f245bd99e
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 11:23:26 GMT
date: Mon, 26 Sep 2022 11:23:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
172.64.200.2200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP 172.64.200.2:0
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g40G0kqvZ5pnV5l3%2B5HWuPNCOzFPlTDpEaVWugL12iWySImXYu19Jljg6e2yaMsmyRtwugkGXh8SmE%2BHFpJhOQ1OOadzv2GkoAWjNmaak8gqRzHxygI6keDE%2BoFE9AjFoa4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a4eafd75db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=336
173.233.139.164200 OK 0 B URL HTTP/1.1 grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=336
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=336 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
172.64.200.2200 OK 16 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
IP 172.64.200.2:0
Hash da7b59c153ec8506cfec5787662b101b
aa94b9aeb4131d61b32d3b64edd3095831ba1c6d
d5c9a6460319a82e95dca9e408881dbd97669de2a7dcea64d920a6e688917899
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:27 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvL8iTat8EmX7KCYVD7i5xM%2BeJMXAtZm8PcmiSuZteUrd4QvdCFa4F0Rci4KC9%2FZEs7z0GiPwFGhFRtDkeK6QeXRdmDaXZ%2FR8oywkffoZ%2Bp9NpQo%2FDBSnsCqDbBcBlFDfY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a5cc3c75db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
172.64.200.2200 OK 18 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP 172.64.200.2:0
Hash 6b32ae9b4123f2596b64e3059bc18255
32bea2f5e6303900fa9133a03a1b1986aa862204
857160fb719b3bf990ad11742480bf0aa3f59d1303257acc256de14868e85537
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heavyfarm.blogspot.com
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:27 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVrCyB2Z7UG3rg7dbo2%2FWMRt4tuJES0sWegJ%2BEsvhipr4neR7Uhx9ng4A4ko7pQvGnIPkRHQdh093txNWy2P2qns6doi956gNiWQOI7WgHUfxg68npZCP0gxTniBWG3Ixa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a4daf375db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=278
173.233.139.164200 OK 0 B URL HTTP/1.1 grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=278
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=278 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ%2B7F3JkVEMEYWThw5oNDB%2FNrz4Lmd1czu7dkFsohAkdIcBf36nR0rJCAi0SZC50gpLCHlqFzgvwGElIoC3cXi4Gu%2B9%2Fa94u375pu9%2FJRQ5Oxk%2Bard0cawxWaVVt76NAwvVdZ0kvcr%2FXb0WdS4VHG9d5eiKn278qESW3axRkNKQxpWVrRTse0vTkTo9MFSWF2i1UatGjYb6Lv%2Fc58H8CyA7J2SV6HleP5JcB5ajJB0f1pWfiuz6TsfdHPDMuvQk4efJFuJLRJ0ZzB2AeLk8MwN65%2BtPIZNDqZxYXv%2FGrkek%2BDpY%2FDk8CwkeG9%2FmpMbqARcvoyiN4IyI2g2grC3oOUzAgiJa%2BtIunevWVew7Rcqm6hjMv%2F8L%2BhiTOZ%2FP4%2Bk%2B%2BMVo%2FuVG9bkmbaJRz8uofsj6M4IaX6EbOccdHEEkX0FLX8li8%2FXkHT3172x0PLkImuEjUhGaiGSNbrQaMX1BR5RtlBXnIY8jLhshtOCtB5BxyMYNQDzc8h9gFwHyOMAeRqgK08qIgzDFpWC0faSEHXZUjySNGStOGQhjdrIxeQfBsjSAYQZQLhdpG4XW3oAl%2F8Cv1nCywA%2BI%2BjJEoUiKDxBwQgKTVBkBEWvPJDG13x5Vxqf8%2FBs1852vRzarLPHDmzWUQnZS0%2FJK5PiAnLnPrbUSYVFLa4i2ogiyihdasT1GqtHzTqtCU5pqOB1Ce3PgfkAO3pMLjz6Dqkek3MXN8DZEbw5gtAXwPI3wIphq0bBNoeNNsVO8pCJTPdYpqTyupNUhYW0JdJsHtl2sGdOyWvTK9Zv%2FgElji9%2Fzq%2BO%2F7z3N4QrkboSX%2BgnBB1ze7hhC7K%2FYQtPHq6nme7qHTa58I2MZWru%2B4%2FUdmGdXF32g3vviYkwgQ8%2BVj5bY4nUSceT%2B1e0lMqtWCcUebTqbyp%2BPfebV3KX5Ona9fdXVrupU95rm4zA9JiQp8cQekxe%2Bvlg%2Bnhf%2F%2FpLaDeCy0t082NyNtD2CCLdhU9n%2Bb2dgzMzD08DFHk5dDU%2B%2B2g0gVEzzngJ%2Fx%2FOZ3jP30bHvQmW3ULSLdFzJXqmBDMD%2BHxumKXu%2BPJv9emAm2DIjQv2uXHm2xflen1SqVPZ4ipWLa4azUashOTNJqciFrwu222BzI9FeOeHfwAAAP%2F%2FAQAA%2F%2F87No17hwQAAA%3D%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ%2B7F3JkVEMEYWThw5oNDB%2FNrz4Lmd1czu7dkFsohAkdIcBf36nR0rJCAi0SZC50gpLCHlqFzgvwGElIoC3cXi4Gu%2B9%2Fa94u375pu9%2FJRQ5Oxk%2Bard0cawxWaVVt76NAwvVdZ0kvcr%2FXb0WdS4VHG9d5eiKn278qESW3axRkNKQxpWVrRTse0vTkTo9MFSWF2i1UatGjYb6Lv%2Fc58H8CyA7J2SV6HleP5JcB5ajJB0f1pWfiuz6TsfdHPDMuvQk4efJFuJLRJ0ZzB2AeLk8MwN65%2BtPIZNDqZxYXv%2FGrkek%2BDpY%2FDk8CwkeG9%2FmpMbqARcvoyiN4IyI2g2grC3oOUzAgiJa%2BtIunevWVew7Rcqm6hjMv%2F8L%2BhiTOZ%2FP4%2Bk%2B%2BMVo%2FuVG9bkmbaJRz8uofsj6M4IaX6EbOccdHEEkX0FLX8li8%2FXkHT3172x0PLkImuEjUhGaiGSNbrQaMX1BR5RtlBXnIY8jLhshtOCtB5BxyMYNQDzc8h9gFwHyOMAeRqgK08qIgzDFpWC0faSEHXZUjySNGStOGQhjdrIxeQfBsjSAYQZQLhdpG4XW3oAl%2F8Cv1nCywA%2BI%2BjJEoUiKDxBwQgKTVBkBEWvPJDG13x5Vxqf8%2FBs1852vRzarLPHDmzWUQnZS0%2FJK5PiAnLnPrbUSYVFLa4i2ogiyihdasT1GqtHzTqtCU5pqOB1Ce3PgfkAO3pMLjz6Dqkek3MXN8DZEbw5gtAXwPI3wIphq0bBNoeNNsVO8pCJTPdYpqTyupNUhYW0JdJsHtl2sGdOyWvTK9Zv%2FgElji9%2Fzq%2BO%2F7z3N4QrkboSX%2BgnBB1ze7hhC7K%2FYQtPHq6nme7qHTa58I2MZWru%2B4%2FUdmGdXF32g3vviYkwgQ8%2BVj5bY4nUSceT%2B1e0lMqtWCcUebTqbyp%2BPfebV3KX5Ona9fdXVrupU95rm4zA9JiQp8cQekxe%2Bvlg%2Bnhf%2F%2FpLaDeCy0t082NyNtD2CCLdhU9n%2Bb2dgzMzD08DFHk5dDU%2B%2B2g0gVEzzngJ%2Fx%2FOZ3jP30bHvQmW3ULSLdFzJXqmBDMD%2BHxumKXu%2BPJv9emAm2DIjQv2uXHm2xflen1SqVPZ4ipWLa4azUashOTNJqciFrwu222BzI9FeOeHfwAAAP%2F%2FAQAA%2F%2F87No17hwQAAA%3D%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjV0gUYGSAiTQFSlAwufZ%2B7F3JkVEMEYWThw5oNDB%2FNrz4Lmd1czu7dkFsohAkdIcBf36nR0rJCAi0SZC50gpLCHlqFzgvwGElIoC3cXi4Gu%2B9%2Fa94u375pu9%2FJRQ5Oxk%2Bard0cawxWaVVt76NAwvVdZ0kvcr%2FXb0WdS4VHG9d5eiKn278qESW3axRkNKQxpWVrRTse0vTkTo9MFSWF2i1UatGjYb6Lv%2Fc58H8CyA7J2SV6HleP5JcB5ajJB0f1pWfiuz6TsfdHPDMuvQk4efJFuJLRJ0ZzB2AeLk8MwN65%2BtPIZNDqZxYXv%2FGrkek%2BDpY%2FDk8CwkeG9%2FmpMbqARcvoyiN4IyI2g2grC3oOUzAgiJa%2BtIunevWVew7Rcqm6hjMv%2F8L%2BhiTOZ%2FP4%2Bk%2B%2BMVo%2FuVG9bkmbaJRz8uofsj6M4IaX6EbOccdHEEkX0FLX8li8%2FXkHT3172x0PLkImuEjUhGaiGSNbrQaMX1BR5RtlBXnIY8jLhshtOCtB5BxyMYNQDzc8h9gFwHyOMAeRqgK08qIgzDFpWC0faSEHXZUjySNGStOGQhjdrIxeQfBsjSAYQZQLhdpG4XW3oAl%2F8Cv1nCywA%2BI%2BjJEoUiKDxBwQgKTVBkBEWvPJDG13x5Vxqf8%2FBs1852vRzarLPHDmzWUQnZS0%2FJK5PiAnLnPrbUSYVFLa4i2ogiyihdasT1GqtHzTqtCU5pqOB1Ce3PgfkAO3pMLjz6Dqkek3MXN8DZEbw5gtAXwPI3wIphq0bBNoeNNsVO8pCJTPdYpqTyupNUhYW0JdJsHtl2sGdOyWvTK9Zv%2FgElji9%2Fzq%2BO%2F7z3N4QrkboSX%2BgnBB1ze7hhC7K%2FYQtPHq6nme7qHTa58I2MZWru%2B4%2FUdmGdXF32g3vviYkwgQ8%2BVj5bY4nUSceT%2B1e0lMqtWCcUebTqbyp%2BPfebV3KX5Ona9fdXVrupU95rm4zA9JiQp8cQekxe%2Bvlg%2Bnhf%2F%2FpLaDeCy0t082NyNtD2CCLdhU9n%2Bb2dgzMzD08DFHk5dDU%2B%2B2g0gVEzzngJ%2Fx%2FOZ3jP30bHvQmW3ULSLdFzJXqmBDMD%2BHxumKXu%2BPJv9emAm2DIjQv2uXHm2xflen1SqVPZ4ipWLa4azUashOTNJqciFrwu222BzI9FeOeHfwAAAP%2F%2FAQAA%2F%2F87No17hwQAAA%3D%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38a0cc68f632153cbd91cc31dc12b4b5
Strict-Transport-Security: max-age=0; includeSubdomains
grumblecrytopless.com/pixel/sbs?c=1
173.233.139.164200 OK 0 B URL HTTP/1.1 grumblecrytopless.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heavyfarm.blogspot.com/
Cookie: u_pl=16812971; uid_id2=a4146d6e-6d20-47f3-b60a-3eb01b16bd51:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca67be604660a0094f32a365302cb001e=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 11:23:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
statically.io/?ref=imgext0
151.101.193.91200 OK 0 B URL HTTP/2 statically.io/?ref=imgext0
IP 151.101.193.91:0
GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 11
x-timer: S1664191404.404506,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2
statically.io/?ref=imgext0
151.101.193.91200 OK 0 B URL HTTP/2 statically.io/?ref=imgext0
IP 151.101.193.91:0
GET /?ref=imgext0 HTTP/1.1
Host: statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://heavyfarm.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt_GiUz-r60WkxS4C_9FtSlMIbVndDlx1Bwbp6s5zbCBzJEO0Y8dQCC1Nf4ZdEA0rniYEZ4MuRZiXzjs6tf1sTEawpN5keo
x-goog-generation: 1652084586228199
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31025
content-encoding: gzip
x-goog-hash: crc32c=/ZiUrA==, md5=kVQ7glkhfZF5E5GG2e+g7A==
x-goog-storage-class: REGIONAL
server: UploadServer
expires: Wed, 21 Sep 2022 05:28:24 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 May 2022 08:23:06 GMT
etag: "91543b8259217d9179139186d9efa0ec"
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Mon, 26 Sep 2022 11:23:24 GMT
via: 1.1 varnish
age: 805
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 11
x-timer: S1664191404.404523,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31025
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 11:23:26 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4670332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JnfTzraPpxx%2BjWfeVG5EpVs%2FZJTjk0EOzns8mR3EePIZxlmbGuPBOH9pXHgTkj0sUwMPTbaYo0ZDp0OnBXg%2Bapm8okvX78s%2BH721S3b7%2B8f7aMq9YBCGn3I2O7L8FBQ1jw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750ba0a51b4375db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2