gempaqgiler.blogspot.nl/
142.250.74.161302 Moved Temporarily 179 B IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f96dc13aca73d98dde5faf4bec90a107
a7ba5525e3aea659402230614afa8d9e59bc88ce
50394bf96defb9e9f487f2e947df9b21985323ecc9c236b43e28c1ce05be4369
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gempaqgiler.blogspot.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://gempaqgiler.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 03:16:40 GMT
Expires: Mon, 28 Nov 2022 03:16:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 179
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13300
Expires: Mon, 28 Nov 2022 06:58:20 GMT
Date: Mon, 28 Nov 2022 03:16:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3682
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:40 GMT
Last-Modified: Mon, 28 Nov 2022 02:15:18 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11999
Expires: Mon, 28 Nov 2022 06:36:39 GMT
Date: Mon, 28 Nov 2022 03:16:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 02:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3535
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3Th73xGXoAG68bZ7bdCSfp6N0oyZ0FJxQ6+iqxov99ZdhnBhwDVRDCrOSBZqiZgorA3FJrdCL18=
x-amz-request-id: 70DN0ZD22HTNP1GW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 02:41:53 GMT
age: 2087
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 03:16:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 03:11:12 GMT
cache-control: public,max-age=3600
age: 329
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
w.sharethis.com/button/buttons.js
54.230.111.82301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/buttons.js
IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 28 Nov 2022 03:16:41 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/buttons.js
X-Cache: Redirect from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: u53o2Wqr6S9Jvnhmud3_oO8M5UCwDPWKUtr6GPlKdu6zgBF8p-YVbA==
gempaqgiler.blogspot.com/
142.250.74.161200 OK 41 kB URL HTTP/1.1 gempaqgiler.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6788)
Hash e3acfb065e06432de0d5b074768a5d71
6651eee4d4c45d9c419a153d7ec8510cee476879
ee965f63c1c221713a525e8018c0282df237058ff4a0e26efe06680b2d1e9b60
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Mon, 28 Nov 2022 03:16:41 GMT
Date: Mon, 28 Nov 2022 03:16:41 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 19 Nov 2022 23:12:58 GMT
ETag: W/"af6e034295aee465921bf5b48ef65f261ecb601325f867c5429d1bf31f4dc88e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 40601
Server: GSE
cdn.innity.net/admanager.js
23.32.97.102200 OK 3.3 kB URL HTTP/1.1 cdn.innity.net/admanager.js
IP 23.32.97.102:0
File type ASCII text, with very long lines (10252), with no line terminators
Hash 67f70474488554526256d7b6c332ab34
e4e77246c8564d7ed7983ed1b665f78a87d3d4ac
1c7447c854562f1cb49f51443725ecb7a1483cab2a5ff39382528236af20014f
GET /admanager.js HTTP/1.1
Host: cdn.innity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sat, 28 Aug 2021 09:22:10 GMT
ETag: "280c-5ca9b226f1480-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 3250
Content-Type: application/javascript
Unused62: 8096267
Cache-Control: max-age=86400
Expires: Tue, 29 Nov 2022 03:16:41 GMT
Date: Mon, 28 Nov 2022 03:16:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 142.250.74.74:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:52:18 GMT
Expires: Fri, 24 Nov 2023 05:52:18 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 336263
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4266
Cache-Control: max-age=111677
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:41 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:17:58 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash ca9a5a187a9301acd15cc891755a13c8
1522515a371821fe1c94ce773898f2e913e03012
469bcc07c9e15d43d093697277d75eaa3199cb3f455b6fd32daaa0153f4e0f98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 456243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gempaqgiler.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 gempaqgiler.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 16:17:31 GMT
Expires: Wed, 30 Nov 2022 16:17:31 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 23 Nov 2022 13:50:40 GMT
Content-Type: text/javascript
Age: 385150
apis.google.com/js/plusone.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 28 Nov 2022 03:16:41 GMT
expires: Mon, 28 Nov 2022 03:16:41 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "34fae0e5dab49917"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 558878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 28 Nov 2022 03:16:41 GMT
expires: Mon, 28 Nov 2022 03:16:41 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-z8XDHu8-TJQ/U2DmqdfWUHI/AAAAAAAAT_0/1iTJciRg1_E/s72-c/mainn.JPG
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 3.bp.blogspot.com/-z8XDHu8-TJQ/U2DmqdfWUHI/AAAAAAAAT_0/1iTJciRg1_E/s72-c/mainn.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8f36a1577f49c96c38d561823f94c0a0
0cae48ae752a6f4d83bae0e47937382204373a2e
8b1c4be21c4fe0922762d2462f5e8a9c1c5a0f258414652bf17a053d278bfa8d
GET /-z8XDHu8-TJQ/U2DmqdfWUHI/AAAAAAAAT_0/1iTJciRg1_E/s72-c/mainn.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="mainn.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2899
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:41 GMT
Expires: Fri, 25 Nov 2022 04:32:30 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4ffe"
Content-Type: image/jpeg
Age: 0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash a5aeb8dce52dc81116cc434ff43d3f63
c74721ddc9b87ba5a9deb2a361f44c9293f928b7
333fbf33d55990f58551357644398b7b571c25cd56bc25ad3ea7270571f96118
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 13:33:11 GMT
expires: Wed, 22 Nov 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 481410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (4885)
Hash 47e8f8806d912f7fbd00cfc51d0febb8
649e35d61a8ac8de4fb71973edde62d6ae226782
c6b74bec8f40905fdb7c9af409b53f35f963091d412c3d89d502432960f93053
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Mon, 28 Nov 2022 03:16:41 GMT
Expires: Mon, 28 Nov 2022 03:16:41 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 15740275104743895981
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 51713
X-XSS-Protection: 0
4.bp.blogspot.com/-3UEwo_pZ7uM/U6OqXpvqGrI/AAAAAAAAU6E/XOYsMKVcqxI/s1600/buah+dada+besar.jpg
142.250.74.161200 OK 79 kB URL HTTP/1.1 4.bp.blogspot.com/-3UEwo_pZ7uM/U6OqXpvqGrI/AAAAAAAAU6E/XOYsMKVcqxI/s1600/buah+dada+besar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x387, components 3\012- data
Hash 39a4c6f4c60252a073b4b0fc57671fc8
615aca5f85923c8568cb323524619375032cd23e
808e624657da089ed3246180d7be80973d21703730f56812a981ee98b3aaee5d
GET /-3UEwo_pZ7uM/U6OqXpvqGrI/AAAAAAAAU6E/XOYsMKVcqxI/s1600/buah+dada+besar.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v53a2"
Expires: Tue, 29 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="buah dada besar.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:41 GMT
Server: fife
Content-Length: 79323
X-XSS-Protection: 0
2.bp.blogspot.com/-SDEN3vh-3sw/UbQo9cttyRI/AAAAAAAAMR4/C5GbqCoqzoE/s72-c/stim.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 2.bp.blogspot.com/-SDEN3vh-3sw/UbQo9cttyRI/AAAAAAAAMR4/C5GbqCoqzoE/s72-c/stim.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 187a760a69a4baff21cc2cbd68e8c8ee
353bbb6f4f40d581eb2836f98a46553b42c28eaa
6679e450549c9b7b8a58a5ab1cfcb9f1d24aed20674c262436ed19892476b34e
GET /-SDEN3vh-3sw/UbQo9cttyRI/AAAAAAAAMR4/C5GbqCoqzoE/s72-c/stim.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="stim.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3496
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:41 GMT
Expires: Thu, 24 Nov 2022 16:17:30 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v311f"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-PWj-ApK0zxg/UlKW9Uj2jvI/AAAAAAAAQKk/r6EdNgFpwbc/s72-c/doktor+ani.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 2.bp.blogspot.com/-PWj-ApK0zxg/UlKW9Uj2jvI/AAAAAAAAQKk/r6EdNgFpwbc/s72-c/doktor+ani.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash de50d1dd0e89f2a112919529fd702752
4b7d3fdfe5f13f913ea147ff0c04d5d55029498d
72300702c233f10161f3645ed2e9703dd4b88436908014d569bfb04fb00071d7
GET /-PWj-ApK0zxg/UlKW9Uj2jvI/AAAAAAAAQKk/r6EdNgFpwbc/s72-c/doktor+ani.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="doktor ani.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3308
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:41 GMT
Expires: Mon, 28 Nov 2022 09:35:51 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v40aa"
Content-Type: image/jpeg
Age: 0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs
142.250.74.174200 OK 655 B URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (518)
Hash 6acf8a32cddde78cf2ea58c86e2dfc35
594c05756d11bd27a1d2b150b597dce0a9c7dd3b
c241305863449d320445b6102e087dac091afe4e84bde26cbc2d0fae6ebe1c53
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 655
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:50:31 GMT
expires: Wed, 22 Nov 2023 14:50:31 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 476770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.198.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CyrgR8DueIQ66daWYcv8sQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qOtKHpToAnISOcKS04pUj7cnurw=
2.bp.blogspot.com/-wbEFCWCuLT0/UiFd4XCvruI/AAAAAAAAPNc/6uUA5sdNEpQ/s72-c/doktor+gtl.JPG
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 2.bp.blogspot.com/-wbEFCWCuLT0/UiFd4XCvruI/AAAAAAAAPNc/6uUA5sdNEpQ/s72-c/doktor+gtl.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash da2e9832bba485626cce224fc35d9582
7dc0e557299885542601228093079ee4c649536a
edc2a3dcd609a1867326777b6a292f529073e13084cb6a8b525d9ce4de985b5d
GET /-wbEFCWCuLT0/UiFd4XCvruI/AAAAAAAAPNc/6uUA5sdNEpQ/s72-c/doktor+gtl.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="doktor gtl.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3825
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:41 GMT
Expires: Mon, 28 Nov 2022 09:35:51 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3cd8"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-pqlbaG1yKak/U27dHeAEeWI/AAAAAAAAUWM/_EZHMnxlV_Y/s72-c/rogol+di+stesyen+minyak.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/1.1 1.bp.blogspot.com/-pqlbaG1yKak/U27dHeAEeWI/AAAAAAAAUWM/_EZHMnxlV_Y/s72-c/rogol+di+stesyen+minyak.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e4b6359c29cebcdf0ac6c35db41071a0
269f3c586a3208edad1d0774d9a96fce6208a5c4
e1d85560f88693d5dd856fe4dbd69933b6acad8969ec7f8576a2bcfc8319ede8
GET /-pqlbaG1yKak/U27dHeAEeWI/AAAAAAAAUWM/_EZHMnxlV_Y/s72-c/rogol+di+stesyen+minyak.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rogol di stesyen minyak.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3435
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:41 GMT
Expires: Mon, 28 Nov 2022 09:35:51 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5164"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/-vb9s5Dzmi_k/U5rhVqHj7JI/AAAAAAAAUzM/CSixMdr3vr0/s1600/thanks.JPG
142.250.74.161200 OK 35 kB URL HTTP/1.1 4.bp.blogspot.com/-vb9s5Dzmi_k/U5rhVqHj7JI/AAAAAAAAUzM/CSixMdr3vr0/s1600/thanks.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 632x479, components 3\012- data
Hash ce43c727a1274f32946832ef01413c8c
c6134cc64575dea851e4daa49f3ea5751174c764
608738d611f505e8b840a7be39dd0c157793cdd9ee362e5700e7fdc180476e0f
GET /-vb9s5Dzmi_k/U5rhVqHj7JI/AAAAAAAAUzM/CSixMdr3vr0/s1600/thanks.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5334"
Expires: Tue, 29 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="thanks.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:41 GMT
Server: fife
Content-Length: 35161
X-XSS-Protection: 0
4.bp.blogspot.com/-cDo0NNibebc/U5uExpMD4wI/AAAAAAAAU0k/0NwwjNpQBzE/s1600/parti+liar.jpg
142.250.74.161200 OK 57 kB URL HTTP/1.1 4.bp.blogspot.com/-cDo0NNibebc/U5uExpMD4wI/AAAAAAAAU0k/0NwwjNpQBzE/s1600/parti+liar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x400, components 3\012- data
Hash 518fd3c52e7500062c7908b5d8c20d5f
4ae42c803fca92e6276f60f11478b76992404d68
8972e6c19119ca7eed9fcf118c20f534e6c711cc119698e88afb8b45f4a3bea5
GET /-cDo0NNibebc/U5uExpMD4wI/AAAAAAAAU0k/0NwwjNpQBzE/s1600/parti+liar.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v534a"
Expires: Tue, 29 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="parti liar.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:41 GMT
Server: fife
Content-Length: 57268
X-XSS-Protection: 0
1.bp.blogspot.com/-5k56afKkkfg/UlaYuppH10I/AAAAAAAAQTI/kJ3RZ-UJZbY/s72-c/gmb.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/1.1 1.bp.blogspot.com/-5k56afKkkfg/UlaYuppH10I/AAAAAAAAQTI/kJ3RZ-UJZbY/s72-c/gmb.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d3f3bd9d171c558aaa48a15347612f4
a644724fb3d742f1b10651c6a8c1b7ba84074d63
eb3302d64a055403b1190c05cf842803c78321998aae375782f807a27d2c287e
GET /-5k56afKkkfg/UlaYuppH10I/AAAAAAAAQTI/kJ3RZ-UJZbY/s72-c/gmb.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gmb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2617
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:41 GMT
Expires: Fri, 25 Nov 2022 04:32:30 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4133"
Content-Type: image/jpeg
Age: 0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes_style_bubble/exm=gapi_iframes,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_2?le=scs
142.250.74.174200 OK 16 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes_style_bubble/exm=gapi_iframes,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_2?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (3295)
Hash 0200f18e61aa04d90168896fd1f3987d
356807877af29abc876810f38db95d58804328ea
7c2fa3468de43a3984097f107748ebb648c20066daf62be332a1ea74780e7c95
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes_style_bubble/exm=gapi_iframes,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_2?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 15933
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 10:13:29 GMT
expires: Thu, 23 Nov 2023 10:13:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 406992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
172.217.21.162200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 172.217.21.162:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 10:51:15 GMT
Expires: Sun, 11 Dec 2022 10:51:15 GMT
Cache-Control: public, max-age=1209600
Age: 59126
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
4.bp.blogspot.com/-6Ogo410dTHM/U5uKEfz4QNI/AAAAAAAAU08/PdoWyZE0rL0/s1600/MH3701.jpg
142.250.74.161200 OK 35 kB URL HTTP/1.1 4.bp.blogspot.com/-6Ogo410dTHM/U5uKEfz4QNI/AAAAAAAAU08/PdoWyZE0rL0/s1600/MH3701.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 650x366, components 3\012- data
Hash 5e81526933ee2b6dc5b3541e00869d2c
61153f738517d650e2ee8110ffcab2947446268a
df2409ef1ef48ad6bc81837794769e2ef7698796427b46b742bcacf42001e580
GET /-6Ogo410dTHM/U5uKEfz4QNI/AAAAAAAAU08/PdoWyZE0rL0/s1600/MH3701.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5350"
Expires: Tue, 29 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="MH3701.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:41 GMT
Server: fife
Content-Length: 35160
X-XSS-Protection: 0
4.bp.blogspot.com/-6Ogo410dTHM/U5uKEfz4QNI/AAAAAAAAU08/PdoWyZE0rL0/s110-c/MH3701.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 4.bp.blogspot.com/-6Ogo410dTHM/U5uKEfz4QNI/AAAAAAAAU08/PdoWyZE0rL0/s110-c/MH3701.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 2e10b2fd557c62b23f7339e8f42e76bb
cfdaed265d2928536be36994431e366cd62ce69f
08d0caf0a8c35315f5060d14a82b47c4da5146105fff4bedb9e7d78ed9e4cbf7
GET /-6Ogo410dTHM/U5uKEfz4QNI/AAAAAAAAU08/PdoWyZE0rL0/s110-c/MH3701.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5350"
Expires: Tue, 29 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="MH3701.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:41 GMT
Server: fife
Content-Length: 4408
X-XSS-Protection: 0
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
date: Mon, 28 Nov 2022 03:08:22 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 723292592
etag: W/"980881274"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:37A9_2E69C9F0:0050_63842819_B05F:12353
x-iplb-instance: 40743
3.bp.blogspot.com/-yzLOvQY4qT8/UeiD5N-g4NI/AAAAAAAAOFs/nUwuIHwK-SE/s72-c/gt.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/1.1 3.bp.blogspot.com/-yzLOvQY4qT8/UeiD5N-g4NI/AAAAAAAAOFs/nUwuIHwK-SE/s72-c/gt.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 2032b56901163ea8f34a7a773ba8cfec
40bc352161f8b570903f64bb6f77b55e84629839
1c2f88284fea38d1ebfddf67d553f90317dd88719b326e4fdbb30462448c385c
GET /-yzLOvQY4qT8/UeiD5N-g4NI/AAAAAAAAOFs/nUwuIHwK-SE/s72-c/gt.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gt.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3420
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:42 GMT
Expires: Mon, 28 Nov 2022 09:35:51 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v385c"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/-EVuNNzG7J9Q/U5uIN0vxjHI/AAAAAAAAU0w/D3VLt6pUng0/s1600/gangguan+jin.png
142.250.74.161200 OK 269 kB URL HTTP/1.1 4.bp.blogspot.com/-EVuNNzG7J9Q/U5uIN0vxjHI/AAAAAAAAU0w/D3VLt6pUng0/s1600/gangguan+jin.png
IP 142.250.74.161:0
File type PNG image data, 591 x 403, 8-bit/color RGB, non-interlaced\012- data
Size 269 kB (269029 bytes)
Hash e8b82b2a8fd46fc945c78efed2228c2c
c79d39203187dc1d42d5032ba25bf6a9612a9b7b
ba42a0f310e6e2c1c76926ddd59502a948f7ff99bd37d4bab64254e3855910cf
GET /-EVuNNzG7J9Q/U5uIN0vxjHI/AAAAAAAAU0w/D3VLt6pUng0/s1600/gangguan+jin.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v534d"
Expires: Tue, 29 Nov 2022 03:16:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gangguan jin.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:41 GMT
Server: fife
Content-Length: 269029
X-XSS-Protection: 0
2.bp.blogspot.com/-nrN-cIIpkVc/UA3TY0ljAqI/AAAAAAAACkk/eFi418P6ocs/s72-c/air-mani.jpg
142.250.74.161200 OK 3.9 kB URL HTTP/1.1 2.bp.blogspot.com/-nrN-cIIpkVc/UA3TY0ljAqI/AAAAAAAACkk/eFi418P6ocs/s72-c/air-mani.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 64d4165bc1719cc50f2f3605974d0ea7
cfd98db515937351114b510f2de0bb2abd054131
2a53b30f6f67d6df12929a8f27d0d0ec6555f0c226d3fda30c7a592691f687db
GET /-nrN-cIIpkVc/UA3TY0ljAqI/AAAAAAAACkk/eFi418P6ocs/s72-c/air-mani.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="air-mani.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3854
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:42 GMT
Expires: Thu, 24 Nov 2022 16:17:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "va49"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-kKYHy_m77Uc/U5qsVajFqyI/AAAAAAAAZRM/rnb8SS23kUg/s1600/nothernraver2.jpg
142.250.74.161200 OK 58 kB URL HTTP/1.1 2.bp.blogspot.com/-kKYHy_m77Uc/U5qsVajFqyI/AAAAAAAAZRM/rnb8SS23kUg/s1600/nothernraver2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x400, components 3\012- data
Hash ec72677746d7f22132b5318d89138747
0beacabff67c14acbb0851f2232057cc569b6225
bed7a720ac19da80c4bf4fa42a6e12f5ab41eea79d8af7e87847d7dadb008f20
GET /-kKYHy_m77Uc/U5qsVajFqyI/AAAAAAAAZRM/rnb8SS23kUg/s1600/nothernraver2.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6514"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="nothernraver2.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 58078
X-XSS-Protection: 0
1.bp.blogspot.com/-x7eZlraCkGw/U1I0uUl9iII/AAAAAAAATos/rRom9lhyKLY/s72-c/sgt.JPG
142.250.74.161200 OK 3.1 kB URL HTTP/1.1 1.bp.blogspot.com/-x7eZlraCkGw/U1I0uUl9iII/AAAAAAAATos/rRom9lhyKLY/s72-c/sgt.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 901d20a054bd12aef91f6b03f19dce22
93e8c69a0c0830d056b9dc4a3f70152434a925d5
9744e0ece19c3948aa776091c066e2eef86e2535288ffb409320b0a34972fe42
GET /-x7eZlraCkGw/U1I0uUl9iII/AAAAAAAATos/rRom9lhyKLY/s72-c/sgt.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sgt.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3141
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:42 GMT
Expires: Mon, 28 Nov 2022 09:35:51 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4e8c"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-Dr4ghM5MgfE/UcuG1BVyyUI/AAAAAAAAM8s/-_Zc5Lw60hc/s72-c/bayi+kembar.jpg
142.250.74.161200 OK 4.7 kB URL HTTP/1.1 1.bp.blogspot.com/-Dr4ghM5MgfE/UcuG1BVyyUI/AAAAAAAAM8s/-_Zc5Lw60hc/s72-c/bayi+kembar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 40de9679f9b2fa6f430534720ed0adbc
a08d5584507fc3258b4064e26544560976b2f8f9
d3022ca45fefc6821f44cf8d3572bad9bb7936ed649a66044d3dd9cef7bafd68
GET /-Dr4ghM5MgfE/UcuG1BVyyUI/AAAAAAAAM8s/-_Zc5Lw60hc/s72-c/bayi+kembar.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bayi kembar.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4674
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:42 GMT
Expires: Fri, 25 Nov 2022 04:32:30 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v33cc"
Content-Type: image/jpeg
Age: 0
blogmalaya.com/button/21c210cef37a05437cddbe1432299ad3.png
209.59.191.64301 Moved Permanently 251 B URL HTTP/1.1 blogmalaya.com/button/21c210cef37a05437cddbe1432299ad3.png
IP 209.59.191.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ded8c175bed627035ddb79fdafa8f23a
dfaa2f6b9b41c47757ca5808a0d1a9ebb1eea342
ece74dacb8d7324a71c88411adee2e85da1233f98a6ba78deb2b43ac772fa079
GET /button/21c210cef37a05437cddbe1432299ad3.png HTTP/1.1
Host: blogmalaya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: Apache
Location: https://www.diveglobal.com/travel/malaysia/
Cache-Control: max-age=600
Expires: Mon, 28 Nov 2022 03:26:42 GMT
Content-Length: 251
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-VZZIVy_JFDs/U5rkoIOQKGI/AAAAAAAAUzs/EDIWi46YvCw/s1600/pkl+sampai+mati.JPG
142.250.74.161200 OK 40 kB URL HTTP/1.1 3.bp.blogspot.com/-VZZIVy_JFDs/U5rkoIOQKGI/AAAAAAAAUzs/EDIWi46YvCw/s1600/pkl+sampai+mati.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 634x462, components 3\012- data
Hash 6d109505bdda47e77572cf06e338e2fd
c37c23f130a01f18035eed8f991b3794754778d3
4aececb10528fd59f1b8cfa020ac8b5c7efd012499a670ea7fc76ef9e11c7485
GET /-VZZIVy_JFDs/U5rkoIOQKGI/AAAAAAAAUzs/EDIWi46YvCw/s1600/pkl+sampai+mati.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v533c"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pkl sampai mati.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 39816
X-XSS-Protection: 0
4.bp.blogspot.com/-3UEwo_pZ7uM/U6OqXpvqGrI/AAAAAAAAU6E/XOYsMKVcqxI/s110-c/buah+dada+besar.jpg
142.250.74.161200 OK 7.4 kB URL HTTP/1.1 4.bp.blogspot.com/-3UEwo_pZ7uM/U6OqXpvqGrI/AAAAAAAAU6E/XOYsMKVcqxI/s110-c/buah+dada+besar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 0dadc738d2a5a8fbfbc2455e0a8bf97b
7efbddd7d4898a0014c1a40778eb33f94f51d4cb
ef5b8b0da56c481eb7289aa9c6a8f790d494be0411c600c463fa0b16e6d43214
GET /-3UEwo_pZ7uM/U6OqXpvqGrI/AAAAAAAAU6E/XOYsMKVcqxI/s110-c/buah+dada+besar.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v53a2"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="buah dada besar.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 7448
X-XSS-Protection: 0
3.bp.blogspot.com/-oUxuQF3i81M/U5ri1yC9kcI/AAAAAAAAUzY/CboTWROLDto/s1600/tolong+pukul.jpg
142.250.74.161200 OK 35 kB URL HTTP/1.1 3.bp.blogspot.com/-oUxuQF3i81M/U5ri1yC9kcI/AAAAAAAAUzY/CboTWROLDto/s1600/tolong+pukul.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 320x427, components 3\012- data
Hash 5f98ac2b3d01a6151eea13459b79e31f
24aa1c92f4900e7785454c6d02d0302a9ab025e1
06482eca6168134c01cf459013a23245c74b92cdf144562ccfb1429393ba54aa
GET /-oUxuQF3i81M/U5ri1yC9kcI/AAAAAAAAUzY/CboTWROLDto/s1600/tolong+pukul.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5337"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tolong pukul.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 35271
X-XSS-Protection: 0
www.carimember.com/banner.png
85.208.116.194404 Not Found 4.8 kB URL HTTP/1.1 www.carimember.com/banner.png
IP 85.208.116.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 003039d2127216ae418bc159c62ca04c
9337fef90450d22340a9f661ac74617c70767f50
da1a604a8ed97cbe9feab8c1001a066083c34a6f95877dbbfbae6c21f973d8bd
GET /banner.png HTTP/1.1
Host: www.carimember.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Date: Mon, 28 Nov 2022 03:16:41 GMT
Content-Length: 4837
2.bp.blogspot.com/-QCJFOKUS4F4/U5rftLWJJRI/AAAAAAAAUy8/0t6lV5hnYew/s1600/bangga+angkat+awek.JPG
142.250.74.161200 OK 59 kB URL HTTP/1.1 2.bp.blogspot.com/-QCJFOKUS4F4/U5rftLWJJRI/AAAAAAAAUy8/0t6lV5hnYew/s1600/bangga+angkat+awek.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 793x513, components 3\012- data
Hash a03f6c87e2330b7c5ad494fc72a0dc82
b6be833b0cbaffc22670ee89b197360278ab5a72
246459830fc27dc5faefe0e3cff79ec76515e652b01fb49216b8cc10ffa47b29
GET /-QCJFOKUS4F4/U5rftLWJJRI/AAAAAAAAUy8/0t6lV5hnYew/s1600/bangga+angkat+awek.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bangga angkat awek.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 59107
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 03:16:42 GMT
Expires: Thu, 24 Nov 2022 16:17:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5330"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s1600/cina+hina+islam.JPG
142.250.74.161200 OK 36 kB URL HTTP/1.1 3.bp.blogspot.com/-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s1600/cina+hina+islam.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 438x479, components 3\012- data
Hash 3d89582b590099cfd512cb0316802547
a3dc9d1ae4af1343fe9e5dc97a9c8bbb9a4bfcf4
a02c7df1a9bece608af353da3e1070ef58bde26239b4aeba0fa14f357fda0877
GET /-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s1600/cina+hina+islam.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v539a"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cina hina islam.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 36108
X-XSS-Protection: 0
3.bp.blogspot.com/-cddmApzdBTI/U5sKY3XGBTI/AAAAAAAAU0U/Z93Rha5-2l4/s1600/isap.png
142.250.74.161200 OK 290 kB URL HTTP/1.1 3.bp.blogspot.com/-cddmApzdBTI/U5sKY3XGBTI/AAAAAAAAU0U/Z93Rha5-2l4/s1600/isap.png
IP 142.250.74.161:0
File type PNG image data, 640 x 469, 8-bit/color RGB, non-interlaced\012- data
Size 290 kB (289977 bytes)
Hash 1585b2b773e36f8000c092148fc8729c
c3e6b13fbf63712c08c10b179bb2d422b233ef22
cd99a5cdb4df624e14113754635bdd3b8d62bedbd1046dc44cd7313bb9945334
GET /-cddmApzdBTI/U5sKY3XGBTI/AAAAAAAAU0U/Z93Rha5-2l4/s1600/isap.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5346"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="isap.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 289977
X-XSS-Protection: 0
4.bp.blogspot.com/-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s1600/dicabul+jurujual+gas.JPG
142.250.74.161200 OK 68 kB URL HTTP/1.1 4.bp.blogspot.com/-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s1600/dicabul+jurujual+gas.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 643x445, components 3\012- data
Hash 78845c1ff18567b92d466056a70be27b
216791128e38043389c60bf694a1c726e33d5be6
22dea6ec2b5bf82614fdcfc6d1f98dfa00a2cd07fa663acb495a61956438dd2e
GET /-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s1600/dicabul+jurujual+gas.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v535a"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dicabul jurujual gas.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 67818
X-XSS-Protection: 0
4.bp.blogspot.com/-vb9s5Dzmi_k/U5rhVqHj7JI/AAAAAAAAUzM/CSixMdr3vr0/s110-c/thanks.JPG
142.250.74.161200 OK 5.3 kB URL HTTP/1.1 4.bp.blogspot.com/-vb9s5Dzmi_k/U5rhVqHj7JI/AAAAAAAAUzM/CSixMdr3vr0/s110-c/thanks.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 83be01db5adfbb69d87a2c0b57798518
7623e9afa9fade0a81dfe74e4ed31f3b90ddf78d
387fffc21e503f897c40f540b861bc26b59485681e6e9b48d1f32aa6c1ad15a7
GET /-vb9s5Dzmi_k/U5rhVqHj7JI/AAAAAAAAUzM/CSixMdr3vr0/s110-c/thanks.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5334"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="thanks.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 5338
X-XSS-Protection: 0
3.bp.blogspot.com/-OcK7TFzWQDY/U5qsVajW-MI/AAAAAAAAZRE/Zaprdp32Hu4/s1600/nothernraver3.jpg
142.250.74.161200 OK 55 kB URL HTTP/1.1 3.bp.blogspot.com/-OcK7TFzWQDY/U5qsVajW-MI/AAAAAAAAZRE/Zaprdp32Hu4/s1600/nothernraver3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x400, components 3\012- data
Hash 9e85d2495697798432842c4c53051dde
8676035cdbaaac73c2940209f59c84bdcc5547db
db1dcd3cff7c186a8f01a4e39c8391f1142b449b16b3cd1281e41915c788dae9
GET /-OcK7TFzWQDY/U5qsVajW-MI/AAAAAAAAZRE/Zaprdp32Hu4/s1600/nothernraver3.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6511"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="nothernraver3.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 54613
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-VgQETvNxxEM/U5uqHnfSR6I/AAAAAAAAU2E/h84zWsr2nE4/s110-c/panggilan+hangit+haram.jpg
142.250.74.161200 OK 5.2 kB URL HTTP/1.1 1.bp.blogspot.com/-VgQETvNxxEM/U5uqHnfSR6I/AAAAAAAAU2E/h84zWsr2nE4/s110-c/panggilan+hangit+haram.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 8f68327f46bced89cea8dd317cc9558a
eb73c7cd99cd8810c4361f8e0f09da2d049d8afa
83cabde820c7ba6ff5fe636b3e1ebb6393b20d19a42043d054a5d3febbd42e8a
GET /-VgQETvNxxEM/U5uqHnfSR6I/AAAAAAAAU2E/h84zWsr2nE4/s110-c/panggilan+hangit+haram.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5362"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="panggilan hangit haram.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 5216
X-XSS-Protection: 0
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 27 Nov 2022 11:45:52 GMT
expires: Sun, 11 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 55850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s110-c/cina+hina+islam.JPG
142.250.74.161200 OK 7.0 kB URL HTTP/1.1 3.bp.blogspot.com/-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s110-c/cina+hina+islam.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 85a2be90d79e1137968fcce9f07bcd82
c1c8786d241b59add26fe8572b3fd5bc83afab36
b355cfdebbec5ce4d149dbb520ffca75b6c99bdceff6695f5deceb206d24e814
GET /-6x09LGyKEGs/U6AdP-t9AGI/AAAAAAAAU5k/dqjga2uAna8/s110-c/cina+hina+islam.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v539a"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cina hina islam.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 6994
X-XSS-Protection: 0
4.bp.blogspot.com/-EVuNNzG7J9Q/U5uIN0vxjHI/AAAAAAAAU0w/D3VLt6pUng0/s110-c/gangguan+jin.png
142.250.74.161200 OK 22 kB URL HTTP/1.1 4.bp.blogspot.com/-EVuNNzG7J9Q/U5uIN0vxjHI/AAAAAAAAU0w/D3VLt6pUng0/s110-c/gangguan+jin.png
IP 142.250.74.161:0
File type PNG image data, 110 x 110, 8-bit/color RGB, non-interlaced\012- data
Hash 4697d2a35c2240d6e3c62e50d3081414
ef9e0b535e27cb3fe3d092f2a31bad940ad0e384
10f4c8ca1142b2f0a25dbf720b61135215614cd8c62965dd369a8daee84c3c37
GET /-EVuNNzG7J9Q/U5uIN0vxjHI/AAAAAAAAU0w/D3VLt6pUng0/s110-c/gangguan+jin.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v534d"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gangguan jin.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 22201
X-XSS-Protection: 0
4.bp.blogspot.com/-cDo0NNibebc/U5uExpMD4wI/AAAAAAAAU0k/0NwwjNpQBzE/s110-c/parti+liar.jpg
142.250.74.161200 OK 9.1 kB URL HTTP/1.1 4.bp.blogspot.com/-cDo0NNibebc/U5uExpMD4wI/AAAAAAAAU0k/0NwwjNpQBzE/s110-c/parti+liar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash c971e5d13efdf416a3efa197728bdf2f
6609e1db13779740bcd8f68d9e894307eb1e9e1b
fdac45b617bfb21742ac8549c57cba858e6712e091ae8725075e4ed1f91086f6
GET /-cDo0NNibebc/U5uExpMD4wI/AAAAAAAAU0k/0NwwjNpQBzE/s110-c/parti+liar.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v534a"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="parti liar.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 9121
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2034c4f478581061d113c3cb87e2f362
e9950a76f355c510f0449153fc23f67a9757bbe6
07e5f139ebbc8e61741506be27710036806f9e369c267e80eb9ec12587feab95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3765933820679304&plah=gempaqgiler.blogspot.com&bust=31070923
172.217.21.162200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3765933820679304&plah=gempaqgiler.blogspot.com&bust=31070923
IP 172.217.21.162:0
File type ASCII text, with very long lines (6090)
Size 120 kB (119607 bytes)
Hash 70f6f5368da96c0060db8ead29f0720b
d0d7c6cd45dad7a82b956bd505c70c5445c8f2e9
38928ec17c7a5d5d5c273a881a139f552e9927688455e08e68c1613bd7b9ba73
GET /pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3765933820679304&plah=gempaqgiler.blogspot.com&bust=31070923 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Mon, 28 Nov 2022 03:16:42 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4328671440324293398
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-cddmApzdBTI/U5sKY3XGBTI/AAAAAAAAU0U/Z93Rha5-2l4/s110-c/isap.png
142.250.74.161200 OK 19 kB URL HTTP/1.1 3.bp.blogspot.com/-cddmApzdBTI/U5sKY3XGBTI/AAAAAAAAU0U/Z93Rha5-2l4/s110-c/isap.png
IP 142.250.74.161:0
File type PNG image data, 110 x 110, 8-bit/color RGB, non-interlaced\012- data
Hash 2c4743e29dd1119b931632f0c7b41e06
687b8180f35ef54610237a8c637921fc9fb616ea
4807417683f8137471d90b5230f2f08fd92a61cd1e29d04c0ff49540da82e35a
GET /-cddmApzdBTI/U5sKY3XGBTI/AAAAAAAAU0U/Z93Rha5-2l4/s110-c/isap.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5346"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="isap.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 19142
X-XSS-Protection: 0
3.bp.blogspot.com/-VZZIVy_JFDs/U5rkoIOQKGI/AAAAAAAAUzs/EDIWi46YvCw/s110-c/pkl+sampai+mati.JPG
142.250.74.161200 OK 6.6 kB URL HTTP/1.1 3.bp.blogspot.com/-VZZIVy_JFDs/U5rkoIOQKGI/AAAAAAAAUzs/EDIWi46YvCw/s110-c/pkl+sampai+mati.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 6a8f511fe34edfea0bb3a306f8576097
8fb4cfdef333d56fdfe0284a934f7ad2fd1215eb
b262399e44b6036eff4de2c97d001a17585066d164620ab81702b9a1ceb3e12d
GET /-VZZIVy_JFDs/U5rkoIOQKGI/AAAAAAAAUzs/EDIWi46YvCw/s110-c/pkl+sampai+mati.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v533c"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pkl sampai mati.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 6584
X-XSS-Protection: 0
3.bp.blogspot.com/-qcqxuwepuw8/T7Ts0Iso9VI/AAAAAAAAAkg/oGskZqNwrZY/s1600/search_icon.gif
142.250.74.161404 Not Found 832 B URL HTTP/1.1 3.bp.blogspot.com/-qcqxuwepuw8/T7Ts0Iso9VI/AAAAAAAAAkg/oGskZqNwrZY/s1600/search_icon.gif
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-qcqxuwepuw8/T7Ts0Iso9VI/AAAAAAAAAkg/oGskZqNwrZY/s1600/search_icon.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
2.bp.blogspot.com/-3tX4uKXVG40/UCLjjLW1TyI/AAAAAAAAAu0/iqkFd5F9Oxg/s1600/m.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 2.bp.blogspot.com/-3tX4uKXVG40/UCLjjLW1TyI/AAAAAAAAAu0/iqkFd5F9Oxg/s1600/m.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-3tX4uKXVG40/UCLjjLW1TyI/AAAAAAAAAu0/iqkFd5F9Oxg/s1600/m.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9414d2dcd2ce6f1bae5b8f7bcab893d6
956c8c0b4322157542531d2aecaaffdbd82f0c09
a6dd3b249b82b089eb113c5f909df6b3fe773bf9d29ffc4c899caa23ee6e40b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=102368
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Etag: "638314fa-118"
Expires: Tue, 29 Nov 2022 07:42:50 GMT
Last-Modified: Sun, 27 Nov 2022 07:42:50 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
2.bp.blogspot.com/-Wh_2wLvFM48/U5ucM3KVGzI/AAAAAAAAU1M/CaE2psUVqHo/s110-c/nyaris+culik.jpg
142.250.74.161200 OK 7.0 kB URL HTTP/1.1 2.bp.blogspot.com/-Wh_2wLvFM48/U5ucM3KVGzI/AAAAAAAAU1M/CaE2psUVqHo/s110-c/nyaris+culik.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash fc7e7e1f70c6dbe49fe36bcabac4b455
c52bea600343e9d9cd62784ee4e4c3e8b3e7d55c
f7941fa7cccbe8e3edb60a9e88f80c5d58f5d7d9548d0d10a837f619dd093696
GET /-Wh_2wLvFM48/U5ucM3KVGzI/AAAAAAAAU1M/CaE2psUVqHo/s110-c/nyaris+culik.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5354"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="nyaris culik.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 7048
X-XSS-Protection: 0
1.bp.blogspot.com/-bNkiEiZfwmk/U5sIIb6uF6I/AAAAAAAAU0I/fO3X-DAqVtg/s110-c/Kemaluannya+Tersekat+Pada+Paip.jpg
142.250.74.161200 OK 6.2 kB URL HTTP/1.1 1.bp.blogspot.com/-bNkiEiZfwmk/U5sIIb6uF6I/AAAAAAAAU0I/fO3X-DAqVtg/s110-c/Kemaluannya+Tersekat+Pada+Paip.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 3058e4d9e042f3e77ec5101ac5913055
eef98b3407f585acb3676d5f56a0efdc5b8a13a6
033393a3dab264c4c74c2a154cc19e6bf9aa778ae31e2f5b4f33f63c1f4b3c1f
GET /-bNkiEiZfwmk/U5sIIb6uF6I/AAAAAAAAU0I/fO3X-DAqVtg/s110-c/Kemaluannya+Tersekat+Pada+Paip.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5343"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Kemaluannya Tersekat Pada Paip.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 6205
X-XSS-Protection: 0
1.bp.blogspot.com/-KiiZ1ZphfWw/U5sFfFQdV4I/AAAAAAAAUz8/LXCthVkiRh8/s110-c/lelaki+idaman.jpg
142.250.74.161200 OK 5.5 kB URL HTTP/1.1 1.bp.blogspot.com/-KiiZ1ZphfWw/U5sFfFQdV4I/AAAAAAAAUz8/LXCthVkiRh8/s110-c/lelaki+idaman.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash b329d491d02e1b147f2dc85a519911ea
71c962d496c1ce344a74d599e052b1d72aef22a1
54042d32bc5bea06e0afb8ee70d857d6c59ef78efc369196bc3dbdefbcea076b
GET /-KiiZ1ZphfWw/U5sFfFQdV4I/AAAAAAAAUz8/LXCthVkiRh8/s110-c/lelaki+idaman.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5340"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="lelaki idaman.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 5514
X-XSS-Protection: 0
1.bp.blogspot.com/-bNkiEiZfwmk/U5sIIb6uF6I/AAAAAAAAU0I/fO3X-DAqVtg/s1600/Kemaluannya+Tersekat+Pada+Paip.jpg
142.250.74.161200 OK 34 kB URL HTTP/1.1 1.bp.blogspot.com/-bNkiEiZfwmk/U5sIIb6uF6I/AAAAAAAAU0I/fO3X-DAqVtg/s1600/Kemaluannya+Tersekat+Pada+Paip.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 620x413, components 3\012- data
Hash 803c5054b91b8c732aeca80c42ea7322
17607624f68c789abe9d4a8d454d07dd6c6fc820
f4a7e998b29009e323b6301da3af7068a67ed0fa4486549aa957afa67435b44b
GET /-bNkiEiZfwmk/U5sIIb6uF6I/AAAAAAAAU0I/fO3X-DAqVtg/s1600/Kemaluannya+Tersekat+Pada+Paip.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5343"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Kemaluannya Tersekat Pada Paip.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 33468
X-XSS-Protection: 0
2.bp.blogspot.com/-Wh_2wLvFM48/U5ucM3KVGzI/AAAAAAAAU1M/CaE2psUVqHo/s1600/nyaris+culik.jpg
142.250.74.161200 OK 56 kB URL HTTP/1.1 2.bp.blogspot.com/-Wh_2wLvFM48/U5ucM3KVGzI/AAAAAAAAU1M/CaE2psUVqHo/s1600/nyaris+culik.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x387, components 3\012- data
Hash 9bfd0943d3b6d32369675a8f1b589a2d
7952d1afb2fe997410fe9da0349ff0a844d5fbb7
82da9e385e71641e28e712407d70a4d851fd7ce97bfefc8b1fe14ba560e6d429
GET /-Wh_2wLvFM48/U5ucM3KVGzI/AAAAAAAAU1M/CaE2psUVqHo/s1600/nyaris+culik.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5354"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="nyaris culik.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 55577
X-XSS-Protection: 0
4.bp.blogspot.com/-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s110-c/dicabul+jurujual+gas.JPG
142.250.74.161200 OK 9.0 kB URL HTTP/1.1 4.bp.blogspot.com/-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s110-c/dicabul+jurujual+gas.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 6ca163f9ce81f9af8102e3557ad3f0cf
51a81a9079ebfcb61be5e2a8a57acd7f078fd0de
2b45c004243bb56849c8772b93411f184615ffeb0605dba71245e951404e4a78
GET /-zFJotwpfFhk/U5ulyQT1b0I/AAAAAAAAU1k/gIOEbT6s_T0/s110-c/dicabul+jurujual+gas.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v535a"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dicabul jurujual gas.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 8971
X-XSS-Protection: 0
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8276956487562511376%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://gempaqgiler.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8276956487562511376%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://gempaqgiler.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 459 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8276956487562511376%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://gempaqgiler.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8276956487562511376%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://gempaqgiler.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (503)
Hash 9fea39f298a65c91baeabbdc4287fddb
014e20c69badc170ef614de7e633b87bedf1e69d
e95544f1bb6664ffd4b70c3da461a73c17f49f3bfcd8f22b0869f24757de7a22
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8276956487562511376%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://gempaqgiler.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8276956487562511376%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://gempaqgiler.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://www.blogger.com/followers.g?blogID=8276956487562511376&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-zXB9sXoyRmtCcIL9aA_WYA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 459
server: GSE
set-cookie: __Host-GAPS=1:tJhRHruUyr09WN5u4Zas_YuRIvY7IQ:57__j3ajiOQEdw7g;Path=/;Expires=Wed, 27-Nov-2024 03:16:42 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-KiiZ1ZphfWw/U5sFfFQdV4I/AAAAAAAAUz8/LXCthVkiRh8/s1600/lelaki+idaman.jpg
142.250.74.161200 OK 30 kB URL HTTP/1.1 1.bp.blogspot.com/-KiiZ1ZphfWw/U5sFfFQdV4I/AAAAAAAAUz8/LXCthVkiRh8/s1600/lelaki+idaman.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 700x304, components 3\012- data
Hash af3953dcebb4f518d3320d356f5562e6
61a12176caa93059644487c2fb0c81d1f5439cb3
09a3631ff966ac9471110570257b05228f500f821580c853911cea5e7bdaac38
GET /-KiiZ1ZphfWw/U5sFfFQdV4I/AAAAAAAAUz8/LXCthVkiRh8/s1600/lelaki+idaman.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5340"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="lelaki idaman.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 30165
X-XSS-Protection: 0
2.bp.blogspot.com/-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s110-c/pelacur+muda.jpg
142.250.74.161200 OK 10 kB URL HTTP/1.1 2.bp.blogspot.com/-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s110-c/pelacur+muda.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 82c24550f32b07a4cc003fba6ac5ac19
3fbe62272ef47139cc04c7bd344cd63eccb7e3c5
99780996b1ef7048f426bd67b8ab00dcc7a50fc5742adbe800158e4956810ac6
GET /-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s110-c/pelacur+muda.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v539e"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pelacur muda.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 10433
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=gempaqgiler.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=gempaqgiler.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=gempaqgiler.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 03:16:42 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Mkwzs-3GQ5I/U5uoI58HWJI/AAAAAAAAU14/5L5OQqwnAfU/s110-c/bela+lipas.jpg
142.250.74.161200 OK 9.5 kB URL HTTP/1.1 2.bp.blogspot.com/-Mkwzs-3GQ5I/U5uoI58HWJI/AAAAAAAAU14/5L5OQqwnAfU/s110-c/bela+lipas.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3\012- data
Hash 6b4375d28fb50e7b73c42edfde1072db
63af646a408cd67ec5c7d7ae1e82112fb2658655
3eb48e1a01cd312a27e824a9a1c56348f28826fc215bb8105c8a26dabbb93fa6
GET /-Mkwzs-3GQ5I/U5uoI58HWJI/AAAAAAAAU14/5L5OQqwnAfU/s110-c/bela+lipas.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v535f"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bela lipas.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 9495
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=gempaqgiler.blogspot.com&callback=_gfp_s_&client=ca-pub-3765933820679304&gpid_exp=1
216.58.207.194200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=gempaqgiler.blogspot.com&callback=_gfp_s_&client=ca-pub-3765933820679304&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 8faf067e54a30c0a4d984f308dab8445
818cb71eae8da50dd29f25f2a3b2735374409665
37b766a2b6fa4095e83347afdc6de419150edb8ff5e54a97eed31f5a67e80994
GET /gampad/cookie.js?domain=gempaqgiler.blogspot.com&callback=_gfp_s_&client=ca-pub-3765933820679304&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 03:16:42 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s1600/pelacur+muda.jpg
142.250.74.161200 OK 72 kB URL HTTP/1.1 2.bp.blogspot.com/-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s1600/pelacur+muda.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x383, components 3\012- data
Hash 4928ab7546eb778864edf36982d5384e
758860f9cca0c6e5c211d76125f0646be012512a
832aab4ae700f7171faac60827f1ac479ac938566a16f18ab69077b60bc18350
GET /-pReRQactpts/U6OjrWf9-SI/AAAAAAAAU50/_yW4vpf6gF8/s1600/pelacur+muda.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v539e"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pelacur muda.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 71503
X-XSS-Protection: 0
1.bp.blogspot.com/-VgQETvNxxEM/U5uqHnfSR6I/AAAAAAAAU2E/h84zWsr2nE4/s1600/panggilan+hangit+haram.jpg
142.250.74.161200 OK 32 kB URL HTTP/1.1 1.bp.blogspot.com/-VgQETvNxxEM/U5uqHnfSR6I/AAAAAAAAU2E/h84zWsr2nE4/s1600/panggilan+hangit+haram.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 620x304, components 3\012- data
Hash 2f9c1cfb62db00411697dcc11f1f7968
5093a8baee466e08abaa6232a9e89c4294c6f9e9
5988b4f14d08b7af6069d2fddeb9c0f216be8e7a0c90ecda9df8841317a9c1ca
GET /-VgQETvNxxEM/U5uqHnfSR6I/AAAAAAAAU2E/h84zWsr2nE4/s1600/panggilan+hangit+haram.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5362"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="panggilan hangit haram.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 31807
X-XSS-Protection: 0
adservice.google.no/adsid/integrator.js?domain=gempaqgiler.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=gempaqgiler.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=gempaqgiler.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 03:16:42 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Mkwzs-3GQ5I/U5uoI58HWJI/AAAAAAAAU14/5L5OQqwnAfU/s1600/bela+lipas.jpg
142.250.74.161200 OK 78 kB URL HTTP/1.1 2.bp.blogspot.com/-Mkwzs-3GQ5I/U5uoI58HWJI/AAAAAAAAU14/5L5OQqwnAfU/s1600/bela+lipas.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 642x425, components 3\012- data
Hash 7375b50ad2c9f42a258b7ac907225d25
81a641bd5602da864e81ec16b67bc3a12fd66032
1925b1bfce34618e9bfe27e235fd88ccc6f2c5c44909ab75aebba0e9b9856b70
GET /-Mkwzs-3GQ5I/U5uoI58HWJI/AAAAAAAAU14/5L5OQqwnAfU/s1600/bela+lipas.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v535f"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bela lipas.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 78315
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-kDBA2IC5Je8/U5mJfT9QgHI/AAAAAAAAaMg/YvCbNol-pE8/s1600/Kemaluannya+Tersekat+Pada+Paip-2.jpg
142.250.74.161200 OK 19 kB URL HTTP/1.1 1.bp.blogspot.com/-kDBA2IC5Je8/U5mJfT9QgHI/AAAAAAAAaMg/YvCbNol-pE8/s1600/Kemaluannya+Tersekat+Pada+Paip-2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 348x236, components 3\012- data
Hash 7d1f06fd55289d3d9418e619b1fa5119
d9bc8bcf91daeff557da0ab38cc14581e2d67488
e7bb431c14b8a62d570bb94f82bc8ad1009e6c1cab12ff8f2c2ab98b27faecc3
GET /-kDBA2IC5Je8/U5mJfT9QgHI/AAAAAAAAaMg/YvCbNol-pE8/s1600/Kemaluannya+Tersekat+Pada+Paip-2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v68c9"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Kemaluannya Tersekat Pada Paip-2.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 18941
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-NFq80F30h0s/U5q0Ieh1iFI/AAAAAAAAZRc/U21bgejtfaM/s1600/reportnothernraver.JPG
142.250.74.161200 OK 45 kB URL HTTP/1.1 1.bp.blogspot.com/-NFq80F30h0s/U5q0Ieh1iFI/AAAAAAAAZRc/U21bgejtfaM/s1600/reportnothernraver.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 542x318, components 3\012- data
Hash cff9a26d7d8d4aaf44802520da853d12
7700f9d58090cbf8c123e317ba318160eafb98bb
bdef6118326d0e39d2c1b7e8d2eff2f15839849e33ce24693d02a9eac553d052
GET /-NFq80F30h0s/U5q0Ieh1iFI/AAAAAAAAZRc/U21bgejtfaM/s1600/reportnothernraver.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6518"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="reportnothernraver.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 44562
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws.sharethis.com/button/async-buttons.js
54.230.111.82200 OK 19 kB URL HTTP/2 ws.sharethis.com/button/async-buttons.js
IP 54.230.111.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b3b7d06f8df8276ede0facec198706e
3e42fc6cacb95a5fa1b56c5b3984e8269752fbbe
342ffe242184c80ddf304e21db8b256ccb8aecb1f4bd9363802dcf2f36053837
GET /button/async-buttons.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18813
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
cache-control: max-age=259200
date: Sun, 27 Nov 2022 21:42:44 GMT
expires: Wed, 30 Nov 2022 21:42:44 GMT
etag: W/"634f1895-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E9HPY-y6j-FgJW5aEBzrgKikd1b7dSJ_EvgMkjzHKCAMdZiPTpir4g==
age: 20038
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECIXW7c_X0rWY7gEiC3ZjYXJkX3Bob3RvKig1NDhhMzE5ZDM5NzA5YzhiZWFkNDg5Y2Q1MGQ4NDY0NTMwMmI3ZDY2MAHrAsJslr1R_UFg-fH6u_FERrX2Jg
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECIXW7c_X0rWY7gEiC3ZjYXJkX3Bob3RvKig1NDhhMzE5ZDM5NzA5YzhiZWFkNDg5Y2Q1MGQ4NDY0NTMwMmI3ZDY2MAHrAsJslr1R_UFg-fH6u_FERrX2Jg
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECIXW7c_X0rWY7gEiC3ZjYXJkX3Bob3RvKig1NDhhMzE5ZDM5NzA5YzhiZWFkNDg5Y2Q1MGQ4NDY0NTMwMmI3ZDY2MAHrAsJslr1R_UFg-fH6u_FERrX2Jg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu_aOpTrN90Z_VIOPe-ejBDexZjDQrVJhL_dAaUFlA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-zI0Kh4M1_vQFYTwF1ydtFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=k5_9EBjR6GMfi2maiHJLcHdNkTOErysY2zKxCj2NkxZIzjB6QTa4o7W1a8ivpD1d4Q-gC68f_0DkqmonIEEmTdSWAWimiZffIvZbh43j3c3ASUFkm-Lu6H_FhJzjpG1tU2fSk3ZDZqTitB6BFSzTM6RnHmtG3A8m0E1QqmOCsSA; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECJemosSA8YuZ6wEiC3ZjYXJkX3Bob3RvKigyNzcxNmM2N2M5YmY1YTVmMWE5NmVjMDViOGM5MDJkMjU4YWNjNzdhMAEM1Q0mre1i_gRfr724NCyUi2Y1Dw
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECJemosSA8YuZ6wEiC3ZjYXJkX3Bob3RvKigyNzcxNmM2N2M5YmY1YTVmMWE5NmVjMDViOGM5MDJkMjU4YWNjNzdhMAEM1Q0mre1i_gRfr724NCyUi2Y1Dw
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECJemosSA8YuZ6wEiC3ZjYXJkX3Bob3RvKigyNzcxNmM2N2M5YmY1YTVmMWE5NmVjMDViOGM5MDJkMjU4YWNjNzdhMAEM1Q0mre1i_gRfr724NCyUi2Y1Dw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9mk3zhGRUm7GZyl6QQXTbR64e18PZd4GcuteGv=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-c2ZrNdCwoHMhniJ18rghpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=HsAhzMmuwstPq9fFxdUEdm4W1fOM1s8opwwTODrhaycNgmceIH5qsCHexvER3AaAE3Al_JLYzjgfAtZ1stghlVHxyQ7NfuDayHq5pZK46UitoL3-FM5D0w5y3Xe7FAus2-x761HPFAJz3ih0KtV8_mAoajnwajvIqlVJG3J9nwg; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-eOTkv8TuF2E/VwB7HKw6yWI/AAAAAAAACU4/TdmqpYhgLskKlYrrwUzX4794yLlbCU1vg/s45-c/20150301_135416.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 1.bp.blogspot.com/-eOTkv8TuF2E/VwB7HKw6yWI/AAAAAAAACU4/TdmqpYhgLskKlYrrwUzX4794yLlbCU1vg/s45-c/20150301_135416.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 567a59874f8f7fff44f9cdea1a8ed5d3
fe177a9c1bf63a98e826de034f3908950391c909
426636310fc023de152148c7714c3eb837e9406113cf49394bb67687569e534f
GET /-eOTkv8TuF2E/VwB7HKw6yWI/AAAAAAAACU4/TdmqpYhgLskKlYrrwUzX4794yLlbCU1vg/s45-c/20150301_135416.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20150301_135416.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2194
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Mon, 28 Nov 2022 09:35:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v94f"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCJS6oIjk3MSUMiILdmNhcmRfcGhvdG8qKDllMWRlNmRjODk2ZTMyNDQ3ZTUzODVhMTQzNzgwZjkyY2FmNjI1MTgwAY89104PHlvdLS_nkFn2moCIa33F
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCJS6oIjk3MSUMiILdmNhcmRfcGhvdG8qKDllMWRlNmRjODk2ZTMyNDQ3ZTUzODVhMTQzNzgwZjkyY2FmNjI1MTgwAY89104PHlvdLS_nkFn2moCIa33F
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCJS6oIjk3MSUMiILdmNhcmRfcGhvdG8qKDllMWRlNmRjODk2ZTMyNDQ3ZTUzODVhMTQzNzgwZjkyY2FmNjI1MTgwAY89104PHlvdLS_nkFn2moCIa33F HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu_P87edlKOJtYxppRxLytfjsnd-CcKww1gHFSqgrA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-QCjlRJmKE5LIMf85hLjIIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=dgHCxstgLAFA-0FOJx3nEJFX4o_k0mdhsl7zl4T7mPUpcLW7Mq1eod6rFoE2qDerB0K9Hhow0GmxCtM0BR82uKiGUk-YLZy06AvCi1yXzNXTjPqNhDy72AHOlD__Fkhjg5_r7FMyRQnz7Yze3UpXPwOVtvvLfFC5tiFabyucz_c; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECO2ylpKGh5ntzgEiC3ZjYXJkX3Bob3RvKihjNjUyZWI3OGMzYjM5YjUxNjg1YmY2YTVhODU2MTczMDFkNjcxNGIxMAGJ6oLp8jpFeahb4kXhLfEovY-b1w
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECO2ylpKGh5ntzgEiC3ZjYXJkX3Bob3RvKihjNjUyZWI3OGMzYjM5YjUxNjg1YmY2YTVhODU2MTczMDFkNjcxNGIxMAGJ6oLp8jpFeahb4kXhLfEovY-b1w
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECO2ylpKGh5ntzgEiC3ZjYXJkX3Bob3RvKihjNjUyZWI3OGMzYjM5YjUxNjg1YmY2YTVhODU2MTczMDFkNjcxNGIxMAGJ6oLp8jpFeahb4kXhLfEovY-b1w HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-uCnlYDOi2b1lcABzcZ3yGk3Nh-r8PYlFDMvo5TA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-y-aA82kz7acyH9Lx3d0iyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=l408Nc3CmAGsIwuktvJN52cRNZ5yx6zvLVShsG8UI7Qo78n94DhBjUCLkLbBNXBpBVV74YmPDkiRrYrAt0TYu6JxVC0bbz5l4eeCCGKr7v5fGTv1ucbesjTBUDb-bnDQD1Y7gAfPiVzhl5WezP5GpNfP7a663ZN8wrkcG5C8nUw; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECKfJ5K-t1uOJhQEiC3ZjYXJkX3Bob3RvKigwYTJkYmQxYzQwNTc3NGFlYzZmNmI5MjNkNmU2YTc5MGU3MGUyZWVkMAESIoAtnGX3OPzAkmpX-dWyHsf7aw
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECKfJ5K-t1uOJhQEiC3ZjYXJkX3Bob3RvKigwYTJkYmQxYzQwNTc3NGFlYzZmNmI5MjNkNmU2YTc5MGU3MGUyZWVkMAESIoAtnGX3OPzAkmpX-dWyHsf7aw
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECKfJ5K-t1uOJhQEiC3ZjYXJkX3Bob3RvKigwYTJkYmQxYzQwNTc3NGFlYzZmNmI5MjNkNmU2YTc5MGU3MGUyZWVkMAESIoAtnGX3OPzAkmpX-dWyHsf7aw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9F-_Yb3oxwg6mbQIYdn9LisDNnzjH8LQkDx5m9=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-Tv7UoElnfHUT2UWVbheg5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=mViRtPjX3Wu68h1TNXgLbpjZKgDXlJvPl2B1CkVeHEzy1NbMCkKBnwjpVcjuZ0PUveQONSton71C_x6HFtjgTUDrLYIAsQ0H3epKgHYMGr3RGfw7SpkJSIiyrQ5uTEa3DACWN458LA5UW-oAgSmR_DvKM_B45X-E_rHUiOVQ71E; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-N6Mg7hfIJfc/U5qsWcp8rhI/AAAAAAAAZRI/bGc6UT6E048/s640/nothernraver4.jpg
142.250.74.161200 OK 86 kB URL HTTP/1.1 1.bp.blogspot.com/-N6Mg7hfIJfc/U5qsWcp8rhI/AAAAAAAAZRI/bGc6UT6E048/s640/nothernraver4.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x427, components 3\012- data
Hash 885d92b846c289cf74fc97d47bebf3c7
4ca3493697c012bd92eaad071a7eb857507039b5
4cf37b29b1c41b824e495fdc1e3d5d723ff12ec61d5b8984bb99de48f4a0f5e7
GET /-N6Mg7hfIJfc/U5qsWcp8rhI/AAAAAAAAZRI/bGc6UT6E048/s640/nothernraver4.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6512"
Expires: Tue, 29 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="nothernraver4.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 03:16:42 GMT
Server: fife
Content-Length: 85564
X-XSS-Protection: 0
tcr.tynt.com/ti.js
104.18.36.173200 OK 16 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Hash a384492ef8f3bb035fc8ecba870e86d3
a6da9b212e2d640261cc1c1a5c98096aef5d8778
9232a4a99aa4630732414441f411afe936b0e95047f3d018e46c40f211fc1ede
GET /ti.js HTTP/1.1
Host: tcr.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 03:16:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-b4ff"
content-encoding: gzip
CF-Cache-Status: HIT
Age: 29170
Expires: Thu, 01 Dec 2022 03:16:42 GMT
Cache-Control: public, max-age=259200
Server: cloudflare
CF-RAY: 770ff247efa1b505-OSL
4.bp.blogspot.com/_7VgnsUgKcUY/S0gxUKp1wBI/AAAAAAAAACM/p9xj_T6Q5Ng/S45-s45-c/t192.jpg
142.250.74.161200 OK 1.5 kB URL HTTP/2 4.bp.blogspot.com/_7VgnsUgKcUY/S0gxUKp1wBI/AAAAAAAAACM/p9xj_T6Q5Ng/S45-s45-c/t192.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash bc889ff29990e318e8a7b196c6e3cfc3
c7f7eb1587eb0f08d0f0c545f2b2788098074d1a
51b2787dd0cbfaffd3660571c9eb924e04ecd7a58be0a5f7d28314e4c614ef61
GET /_7VgnsUgKcUY/S0gxUKp1wBI/AAAAAAAAACM/p9xj_T6Q5Ng/S45-s45-c/t192.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="t192.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1527
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v23"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCN67-tz5x-agECILdmNhcmRfcGhvdG8qKGNlN2QzOGFkYmFiNjUyYjQzYWEwZjI3NzFkODZiZDQwODZlNDE4ZDUwAa_UqZHe39AVovp3B4z4TrYWkCsU
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCN67-tz5x-agECILdmNhcmRfcGhvdG8qKGNlN2QzOGFkYmFiNjUyYjQzYWEwZjI3NzFkODZiZDQwODZlNDE4ZDUwAa_UqZHe39AVovp3B4z4TrYWkCsU
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCN67-tz5x-agECILdmNhcmRfcGhvdG8qKGNlN2QzOGFkYmFiNjUyYjQzYWEwZjI3NzFkODZiZDQwODZlNDE4ZDUwAa_UqZHe39AVovp3B4z4TrYWkCsU HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-c0T_ECQLYjOHvhXhiPSrcRPa9Nc7rjEgQs3IR=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-DbPxDp-T92atAE0AqSR7tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=Xw6IqnjjZa-YLwytU2RW0CCzqI60Sw8TE-GmBSKNt6mcVsjMlUajPKsvMieXFh6_t_c0wa9QexdkCFzAjrCAhkOwm5-oqfnn86CC9BUVZKdnCL1W-PKEN9q7gwvsGSuan3gDvo0Sa2ldzz1XGIQ6hphP1ZLxbhDHBfho6P30J9s; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCIbwu6jMt5fkIyILdmNhcmRfcGhvdG8qKDQ5OTY1N2ZjNzc1ZTU3ZmY4ZjgxMzI3ZjkxNTFjYTgwMWMxZjk3ZjUwAQzlscY6zaOrnnbKvpxlegmxFZH0
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCIbwu6jMt5fkIyILdmNhcmRfcGhvdG8qKDQ5OTY1N2ZjNzc1ZTU3ZmY4ZjgxMzI3ZjkxNTFjYTgwMWMxZjk3ZjUwAQzlscY6zaOrnnbKvpxlegmxFZH0
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCIbwu6jMt5fkIyILdmNhcmRfcGhvdG8qKDQ5OTY1N2ZjNzc1ZTU3ZmY4ZjgxMzI3ZjkxNTFjYTgwMWMxZjk3ZjUwAQzlscY6zaOrnnbKvpxlegmxFZH0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu85Czo5FGmYESV00yf31nogn1X9VaUzpmK-dcPIig=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-R_1NCpJu5fwNSbou80ZVyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=FMm0RF0OiN8mPdLOPDhSjFZ7HyKdjkVtH-DsmZfx2wPYFtK5p6mKhVWfESph-TPdbLes4QH7stTxiwpWBRIIpav6wUt5f_DM6pI-8SItFopR17MhZGAllXV3PhbabzWaFoR0rj0QemKZ-W3oWurFpsrEFkobzP4ekJtO5Jj0BmU; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECL_w9cWVlYKzqQEiC3ZjYXJkX3Bob3RvKigwNWFiNTA2ODQwMGIzY2RhOGZkNDRkYzQ5NWEwYzBmMWIyYjYyYWFiMAHy44GzBU6qHWo1kFvaMAEqmDPDVw
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECL_w9cWVlYKzqQEiC3ZjYXJkX3Bob3RvKigwNWFiNTA2ODQwMGIzY2RhOGZkNDRkYzQ5NWEwYzBmMWIyYjYyYWFiMAHy44GzBU6qHWo1kFvaMAEqmDPDVw
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECL_w9cWVlYKzqQEiC3ZjYXJkX3Bob3RvKigwNWFiNTA2ODQwMGIzY2RhOGZkNDRkYzQ5NWEwYzBmMWIyYjYyYWFiMAHy44GzBU6qHWo1kFvaMAEqmDPDVw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-xsKB9blI5ZAy4SFuIP4GT-3ZtJyJCpMW44hgNVg=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-kZKUiHM4ndGUxMtL6N8i-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=nVgjje8UUIytpPNtSPcSCqdNLPi1J3x_UTXdkeCTq8rf95DA8UJMlLdBhUFiKIUQB9nFW7gW-o14FSSBtUBUAwTt-d9HekX0c4cubIHXbVORhPAVsysvWydXrYyaLXFtA6LTMSG3legotWe5tKdZvQAVye_IZgiDCNrJ2FLVR2Y; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/button/css/buttons-secure.css
54.230.111.82200 OK 3.9 kB URL HTTP/2 ws.sharethis.com/button/css/buttons-secure.css
IP 54.230.111.82:0
File type ASCII text, with very long lines (23158), with no line terminators
Hash 61da924a747e08c5f54a6cb31c724a48
8e49d971d6a667c3888a481b742e05cafcf72a43
54302324d4b6aa780466c869b9932504d0b1eaa7ef1df6c5481b35fb0625343a
GET /button/css/buttons-secure.css HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3851
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sun, 27 Nov 2022 23:28:21 GMT
etag: W/"634f1895-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JtZzMO8iUMe9BIZn88mcPYOil1bkIwJd_MbrYKpfqMzpT1k7WrP56w==
age: 13706
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECL-czJrTipXcqwEiC3ZjYXJkX3Bob3RvKig1ZDg5MjQzM2I4ZWZjYzJkZTE1MGEzY2Q4NmFiZDRkZmNmYjNmNzliMAH-65LcE_e627dWUDQmY5iuCePydA
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECL-czJrTipXcqwEiC3ZjYXJkX3Bob3RvKig1ZDg5MjQzM2I4ZWZjYzJkZTE1MGEzY2Q4NmFiZDRkZmNmYjNmNzliMAH-65LcE_e627dWUDQmY5iuCePydA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECL-czJrTipXcqwEiC3ZjYXJkX3Bob3RvKig1ZDg5MjQzM2I4ZWZjYzJkZTE1MGEzY2Q4NmFiZDRkZmNmYjNmNzliMAH-65LcE_e627dWUDQmY5iuCePydA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu82fxQokHAJkWAH8YtVHwKc6m45ffi7JkASjsI-Zg=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-4dcnbj0dtDdrPACPdc5NFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=hAEs5awmudd76hk9VgxxDLUgoLB3ZlwBFMYoEJNH5nfLvrbNPB_-OuVbg4MxWisILPt4XI4A5o4p1QMC1w34OZsIV8pCB0fgL3uaM5Dq_w0apaiIRG52HM5PSi0_FjT74dQIYU9bupELiHbYiBcyYh9XuUtSeTAKxu_mA21fzPA; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCOiTjfet8Km2HyILdmNhcmRfcGhvdG8qKDNmMDYzMjYyYzdiYTQ4ZTYyZjVkNGI1YmM0ZTc3Y2IzZDA0NTk5NTIwAVCvr_wwFFE7RsKazMUjeT-GuiGn
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCOiTjfet8Km2HyILdmNhcmRfcGhvdG8qKDNmMDYzMjYyYzdiYTQ4ZTYyZjVkNGI1YmM0ZTc3Y2IzZDA0NTk5NTIwAVCvr_wwFFE7RsKazMUjeT-GuiGn
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCOiTjfet8Km2HyILdmNhcmRfcGhvdG8qKDNmMDYzMjYyYzdiYTQ4ZTYyZjVkNGI1YmM0ZTc3Y2IzZDA0NTk5NTIwAVCvr_wwFFE7RsKazMUjeT-GuiGn HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu_S-tGMiamXKCwGjq6TnO_58YrFf3PlxHjrmWuWdAc=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-56_gcsL9o4XtEp-Pj64rGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=gqpXwplzAvAdNimKv54zk7VsYLvpNWe-DW2Bv9AYljp81MM1Pai4R_Xr6K60kM_ahqfu33Gm9OORHInUTXfgzeXHDtD9_UIhMMi9ACFCW2C9kATJDPl35_JeEaqWRftX9XnTpKng9CQbNkGUWnEARmhPUalIbX7InjFj1x8T8pA; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/photos/public/AIbEiAIAAABECLSej83Q8qbBzwEiC3ZjYXJkX3Bob3RvKihhYjIyMzhkNDhkYjhhYjNjNjYxM2VlNGEzZjdmZGQ0NDUwOWM5Y2EwMAGKRNgAslfgNpObeMuTfD-vramf2g
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECLSej83Q8qbBzwEiC3ZjYXJkX3Bob3RvKihhYjIyMzhkNDhkYjhhYjNjNjYxM2VlNGEzZjdmZGQ0NDUwOWM5Y2EwMAGKRNgAslfgNpObeMuTfD-vramf2g
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECLSej83Q8qbBzwEiC3ZjYXJkX3Bob3RvKihhYjIyMzhkNDhkYjhhYjNjNjYxM2VlNGEzZjdmZGQ0NDUwOWM5Y2EwMAGKRNgAslfgNpObeMuTfD-vramf2g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-SNgDim5iLWV2fuSR5q8b-hJpBto74Zyh5z4u4=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-zzrLDkMKY9JmQaup5QNN3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=INx6WB57JGvx2A-GBTFwU7PjBVLQMQlIGyz3ZShV_pb0iXjq4BQ98xxhY8oeaRGStTvoiAq38tq3lBtkaZZnaYEZWbMXC-U7xzzfb7mpWL1hkZzHK0-WhL1qz5k3h66OraL2rQZlLTd0ixDtRA2Gq6ZKItm7lB7QTQGhsuCqzkE; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 1988d561d4fac4f5610060090d8bd6dd
e20b9c6799c51a192ba2d0ef0b32f73669f85e5e
ae287f627e8106236001929907ed35ecd535916db96f75d528f09bb9350f31ed
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 9f4547baeb9240a3dae0d83767585d3c
ETag: "7140d1c2c52936ae05f438ea1af744f0"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Mon, 28 Nov 2022 03:31:35 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: GYjVYdT6xPVhAGAJDYvW3Q==
X-FB-Debug: 9jGE5qZSHOjmCFE8hbgRMUUmGgtj11uFPclS3sZMTdsRMqaebGZrPXRxA+WVkTPgbH8gNG+imcNiChsuA4uluA==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Mon, 28 Nov 2022 03:16:42 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1684
www.google.com/s2/photos/public/AIbEiAIAAABDCJrBz6avtf2WVCILdmNhcmRfcGhvdG8qKDY3N2YzODdhZjY0YzYwMWY4YzRmYTYzOGRlZjA1NjExNGY1NjI3NWQwAdc6pb9iy0dSCYkVCExtl_7fpUyI
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCJrBz6avtf2WVCILdmNhcmRfcGhvdG8qKDY3N2YzODdhZjY0YzYwMWY4YzRmYTYzOGRlZjA1NjExNGY1NjI3NWQwAdc6pb9iy0dSCYkVCExtl_7fpUyI
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCJrBz6avtf2WVCILdmNhcmRfcGhvdG8qKDY3N2YzODdhZjY0YzYwMWY4YzRmYTYzOGRlZjA1NjExNGY1NjI3NWQwAdc6pb9iy0dSCYkVCExtl_7fpUyI HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8bbjNHRpsNjv9JQDHKAuX7_38sjojO_lCPCS8uaQ=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-IbHD4R4pAk7i8L7EgfbLsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=Pnh5Z4i7aNqLDHzSYjlqtm9t9lFQOVmYm1kniRKEOQaq7d_kNTJ7cH2itnZEGrFyvj1EP9fwCDwYxpO2eH1wubZQzFO3yOei0FF_Q8q4T-_zN2-2qp_dxRELgeltBSFhaTDFNMYpo3HVzyRKIzJwBp5SuEV4lU6v-JMNi1pLftc; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu_aOpTrN90Z_VIOPe-ejBDexZjDQrVJhL_dAaUFlA=s96-p
142.250.74.33200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_aOpTrN90Z_VIOPe-ejBDexZjDQrVJhL_dAaUFlA=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 5aa7d61e62b13cf142c4c71db455c3da
20e6aaf86d3b7f90613dfc48fbc9799d09b24a91
7e5244a6a00da83043b5a55ca32e7f7995728fdce52e7aa7e9c8ed045f70e4dc
GET /a-/ACNPEu_aOpTrN90Z_VIOPe-ejBDexZjDQrVJhL_dAaUFlA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3147
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v28f3"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECOCmweGhx7qb7QEiC3ZjYXJkX3Bob3RvKig5N2YxMzBjODMyN2UzNmJmNjkxNTQ2NjdkY2ZlYjQ4Mjk2NWU3MTI3MAHxj8R6JcrROlT0hWb0C2XiQbtFyA
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECOCmweGhx7qb7QEiC3ZjYXJkX3Bob3RvKig5N2YxMzBjODMyN2UzNmJmNjkxNTQ2NjdkY2ZlYjQ4Mjk2NWU3MTI3MAHxj8R6JcrROlT0hWb0C2XiQbtFyA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECOCmweGhx7qb7QEiC3ZjYXJkX3Bob3RvKig5N2YxMzBjODMyN2UzNmJmNjkxNTQ2NjdkY2ZlYjQ4Mjk2NWU3MTI3MAHxj8R6JcrROlT0hWb0C2XiQbtFyA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 03:16:42 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8YC_YyjHR50gJ2UyYbUtO5HC9NErKmBsi2oi_Uyg=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-iCrg-uoadk0syJUjTwXWzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=tqfw55GjFk-J8cHiHOUqyV9bxSf3r9OnAtnxIQ50-GfdQ92NZP8bMYDrM3YLmP5lzlP23dHMPGerakhVJHyuQg0uhkZidPZpBUYDXgsqg5BfIUCYPUOapszsgiw-5g_f-tnTfE_11FS3iETU1051qgRLU3aTNsWTYaT6WuZA2jU; expires=Tue, 30-May-2023 03:16:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu9mk3zhGRUm7GZyl6QQXTbR64e18PZd4GcuteGv=s96-p
142.250.74.33200 OK 5.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9mk3zhGRUm7GZyl6QQXTbR64e18PZd4GcuteGv=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash d4ad2e470645acf5199e80c4021bcf00
31fdcb92a67394c50ccaa970b237066ee4cab56b
7b325188f72788de820ed06e9d78e60c4532027cb1c7c7fa0065641b1c188117
GET /a-/ACNPEu9mk3zhGRUm7GZyl6QQXTbR64e18PZd4GcuteGv=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5764
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu_P87edlKOJtYxppRxLytfjsnd-CcKww1gHFSqgrA=s96-p
142.250.74.33200 OK 9.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_P87edlKOJtYxppRxLytfjsnd-CcKww1gHFSqgrA=s96-p
IP 142.250.74.33:0
File type PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data
Hash 959445c5b2b431b18049b60669e63508
b850a751f30d6ccb918f3105d5780503e232dd75
72115a3f915760b5628fb098ebfbcb128640fda7cf428489b909eafd435ce210
GET /a-/ACNPEu_P87edlKOJtYxppRxLytfjsnd-CcKww1gHFSqgrA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 9467
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v211"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-c0T_ECQLYjOHvhXhiPSrcRPa9Nc7rjEgQs3IR=s96-p
142.250.74.33200 OK 5.7 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-c0T_ECQLYjOHvhXhiPSrcRPa9Nc7rjEgQs3IR=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash bef05fd83d2a8b6e27f609d229670a46
92870c78dc07ed81db81effd67b1c1bdd319e780
a72aadbec43894f22de6738adf0b09b53b450d0bb58dd8441067d9777f7e3033
GET /a-/ACNPEu-c0T_ECQLYjOHvhXhiPSrcRPa9Nc7rjEgQs3IR=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5650
x-xss-protection: 0
date: Mon, 28 Nov 2022 01:50:31 GMT
expires: Thu, 24 Nov 2022 12:11:05 GMT
cache-control: public, max-age=86400, no-transform
age: 5171
etag: "v1a"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-uCnlYDOi2b1lcABzcZ3yGk3Nh-r8PYlFDMvo5TA=s96-p
142.250.74.33200 OK 6.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-uCnlYDOi2b1lcABzcZ3yGk3Nh-r8PYlFDMvo5TA=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 59e5a5ad642ad62be33f8ff654388130
a9035355c7bbeebb3ed192ab9413c4fd247b5439
aefe5132a0185427d287e0990304898d826ba8b330d36512872a09e12694dc80
GET /a-/ACNPEu-uCnlYDOi2b1lcABzcZ3yGk3Nh-r8PYlFDMvo5TA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6065
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Mon, 28 Nov 2022 09:35:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "ve36"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu9F-_Yb3oxwg6mbQIYdn9LisDNnzjH8LQkDx5m9=s96-p
142.250.74.33200 OK 6.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9F-_Yb3oxwg6mbQIYdn9LisDNnzjH8LQkDx5m9=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 7e93595a7ae2304e724932f03ded045b
c850ca37ca4b765f39b0a83a3b5d8e5da64ce5a3
02c220d4149658b166fd4c76d6d91fb6e89c13ee8b111dbc0db7e550e38bc737
GET /a-/ACNPEu9F-_Yb3oxwg6mbQIYdn9LisDNnzjH8LQkDx5m9=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6488
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-yj7Q3kZyK2s/ULI_MGc95UI/AAAAAAAAAvY/U4RkAJemx3A/s45-c/DSC02855%25252B-%25252BCopy.JPG
142.250.74.161200 OK 2.0 kB URL HTTP/2 2.bp.blogspot.com/-yj7Q3kZyK2s/ULI_MGc95UI/AAAAAAAAAvY/U4RkAJemx3A/s45-c/DSC02855%25252B-%25252BCopy.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 5918f5a70496f0f5bd8f1d5dff254149
f404532bddff301da5eb102e3ee4fdcd06682039
f21e15c66c92957f899f9b574bebc494b87fa76da572d2cd48b3ff8f753b8ae7
GET /-yj7Q3kZyK2s/ULI_MGc95UI/AAAAAAAAAvY/U4RkAJemx3A/s45-c/DSC02855%25252B-%25252BCopy.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="DSC02855%2B-%2BCopy.JPG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2023
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Mon, 28 Nov 2022 09:35:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2f6"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-xsKB9blI5ZAy4SFuIP4GT-3ZtJyJCpMW44hgNVg=s96-p
142.250.74.33200 OK 3.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-xsKB9blI5ZAy4SFuIP4GT-3ZtJyJCpMW44hgNVg=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 0560f5c47b4cdef8ac9fe45ae243ba9b
7c8815d4da7ce450dbf8d9a828766783d8e0b85b
1971e9fd372ac654ae704dd683dfca92c753080e9b76898bb770bfa73aa5642e
GET /a-/ACNPEu-xsKB9blI5ZAy4SFuIP4GT-3ZtJyJCpMW44hgNVg=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3188
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2299"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu85Czo5FGmYESV00yf31nogn1X9VaUzpmK-dcPIig=s96-p
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu85Czo5FGmYESV00yf31nogn1X9VaUzpmK-dcPIig=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 64cf22441901b6a63e450c0cb9041cad
60b15514c05c73881473b38804f5780bd5112b74
7a6ddc262e548b5d6dc5ad9cddad87058c3e3fd5947efd512572fdd8a145d17c
GET /a-/ACNPEu85Czo5FGmYESV00yf31nogn1X9VaUzpmK-dcPIig=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4196
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7df"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu82fxQokHAJkWAH8YtVHwKc6m45ffi7JkASjsI-Zg=s96-p
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu82fxQokHAJkWAH8YtVHwKc6m45ffi7JkASjsI-Zg=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 2b3772e9dac92f87082fd97447bbbd60
1cccbd9b9be2628dcedd95e2a39f5a336f86ffb1
f0cd12749d19a48d1725e89007582a4d73fe2f05073cfae51a2ef0340c8c6ad6
GET /a-/ACNPEu82fxQokHAJkWAH8YtVHwKc6m45ffi7JkASjsI-Zg=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4216
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2767"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-SNgDim5iLWV2fuSR5q8b-hJpBto74Zyh5z4u4=s96-p
142.250.74.33200 OK 6.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-SNgDim5iLWV2fuSR5q8b-hJpBto74Zyh5z4u4=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 0e20da9f6ca6c662be4794102065b2ec
e9e005d5b230dd60bac0ddae2de6bbcef3110c85
580e65b9fee6276f06a2ca55a263d31ceccbc31dcabfd5b3bc692c7fdd925a86
GET /a-/ACNPEu-SNgDim5iLWV2fuSR5q8b-hJpBto74Zyh5z4u4=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6554
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1c6"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu_S-tGMiamXKCwGjq6TnO_58YrFf3PlxHjrmWuWdAc=s96-p
142.250.74.33200 OK 15 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_S-tGMiamXKCwGjq6TnO_58YrFf3PlxHjrmWuWdAc=s96-p
IP 142.250.74.33:0
File type PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data
Hash b5d222fc7f994024cdcdc7aef806c274
90400605befdf7ccb6968aa496477c778327bf54
5480072aeb3154c5bb566106f96d3405225f4e85ef816836b72b551713336dc2
GET /a-/ACNPEu_S-tGMiamXKCwGjq6TnO_58YrFf3PlxHjrmWuWdAc=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb295"
expires: Tue, 29 Nov 2022 03:16:42 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 03:16:42 GMT
server: fife
content-length: 14703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/ACNPEu8bbjNHRpsNjv9JQDHKAuX7_38sjojO_lCPCS8uaQ=s96-p
142.250.74.33200 OK 5.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu8bbjNHRpsNjv9JQDHKAuX7_38sjojO_lCPCS8uaQ=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 41ee4800e2a827bc74a0a9162fbdc0eb
a239922ad101eb68a587b9d5facaaf7fbc366362
a57d127f9d4133de920b1d8454a7b2cd06c178d3cc9149505135f24a8a514631
GET /a-/ACNPEu8bbjNHRpsNjv9JQDHKAuX7_38sjojO_lCPCS8uaQ=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5608
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:42 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2ea8"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu8YC_YyjHR50gJ2UyYbUtO5HC9NErKmBsi2oi_Uyg=s96-p
142.250.74.33200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu8YC_YyjHR50gJ2UyYbUtO5HC9NErKmBsi2oi_Uyg=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 0f8cf9d61a93cf314946714b95138aa0
bf225a2be53ae090fab2e919d68cf8dd831c21ce
c67eced7d1976d515911e44e33cf684c158a046b2b04f552d704e510a9adcd61
GET /a-/ACNPEu8YC_YyjHR50gJ2UyYbUtO5HC9NErKmBsi2oi_Uyg=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4122
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:43 GMT
expires: Thu, 24 Nov 2022 03:36:41 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3a1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu8vmQZURF-TV2IJpL6Aw2LmooF83Y-DtbSiC1fcUA=s96-p
142.250.74.33200 OK 5.3 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu8vmQZURF-TV2IJpL6Aw2LmooF83Y-DtbSiC1fcUA=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 80c564df329e549362b28d88721a4a1f
aae26c7a038cb320293bf8d2aefb43be41ce80d7
d55eb8f260e75438c37445d7c775cfe93328e499afb7f01cc0bae2a0516fd7af
GET /a-/ACNPEu8vmQZURF-TV2IJpL6Aw2LmooF83Y-DtbSiC1fcUA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5297
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:43 GMT
expires: Mon, 21 Nov 2022 18:08:52 GMT
cache-control: public, max-age=86400, no-transform
etag: "v20e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu_DrClu_tzZKWZEf3Ij_tz1vEWwSVgx2qR3Dy6wQA=s96-p
142.250.74.33200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_DrClu_tzZKWZEf3Ij_tz1vEWwSVgx2qR3Dy6wQA=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash a027b35f849a0b073db11ea5c33cd12b
7f487126454ab093e5f01abaab9759c84fe69f94
bc4ff644928107cfb6aa2d98a406e299ad08ef82235f84cb1f73e3962f1b8409
GET /a-/ACNPEu_DrClu_tzZKWZEf3Ij_tz1vEWwSVgx2qR3Dy6wQA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4413
x-xss-protection: 0
date: Mon, 28 Nov 2022 03:16:43 GMT
expires: Fri, 25 Nov 2022 04:32:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v20f1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipO7j9LAT-6RZWyRjSo239vefwK7N-NBRMyZd00r=s45-c?key=CK-wle7fgrnsiQE
142.250.74.33404 Not Found 904 B URL HTTP/2 lh3.googleusercontent.com/p/AF1QipO7j9LAT-6RZWyRjSo239vefwK7N-NBRMyZd00r=s45-c?key=CK-wle7fgrnsiQE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 288ba721beee9352ca47b2a130423c86
5dd28e65cfc52620335ca1a10be532ed9e44ff14
6ee738d016e2e0d81bb5da04d1c97a4b33d9ec9f3bfc3cee450b33d1dd997cc4
GET /p/AF1QipO7j9LAT-6RZWyRjSo239vefwK7N-NBRMyZd00r=s45-c?key=CK-wle7fgrnsiQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 03:16:43 GMT
server: fife
content-length: 904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNWmIRVc2fiySVY1U0Ba-UJH6KQttvNbFuQyEhX=s45-c?key=CKq9qZ-hsIvuVg
142.250.74.33200 OK 5.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNWmIRVc2fiySVY1U0Ba-UJH6KQttvNbFuQyEhX=s45-c?key=CKq9qZ-hsIvuVg
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 7b15d53e8b6421cc0832f0a15fbcf455
d2c744bfbb18f4430e7441db2ec78f313a1cbca1
ca1321b6ef7083fff3dab5ec94d5fc9b9ee69632dd0f46ec2a3a92a67be92df9
GET /p/AF1QipNWmIRVc2fiySVY1U0Ba-UJH6KQttvNbFuQyEhX=s45-c?key=CKq9qZ-hsIvuVg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v408"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 03:16:43 GMT
server: fife
content-length: 5431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gempaqgiler.blogspot.com/favicon.ico
142.250.74.161200 OK 290 B URL HTTP/1.1 gempaqgiler.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 4171c424740dfaeda72fccb8224b1983
26a2f9b2876dd7440b6fa47d0af3b691444a0c75
4b6cc0c3304cc4458171983765a5ee50cae1508a918b9e80795867d7a0cee51b
GET /favicon.ico HTTP/1.1
Host: gempaqgiler.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Cookie: HstCfa2361969=1669605401547; HstCla2361969=1669605401547; HstCmu2361969=1669605401547; HstPn2361969=1; HstPt2361969=1; HstCnv2361969=1; HstCns2361969=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Mon, 28 Nov 2022 03:16:43 GMT
Date: Mon, 28 Nov 2022 03:16:43 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 19 Nov 2022 23:12:58 GMT
ETag: W/"af6e034295aee465921bf5b48ef65f261ecb601325f867c5429d1bf31f4dc88e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 290
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6572
Cache-Control: max-age=163671
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:43 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:44:34 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6748
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 03:16:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaCfMUy6EtOLWvJy1jFbKp9KQzG5v7nq27sIo7d8gFeGesFd4uWdEw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:24:14 GMT
age: 17549
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6748
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 03:16:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 18897
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:08 GMT
age: 18035
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js?hash=ae608fec1b4bcf700eed3985f0614f4c
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=ae608fec1b4bcf700eed3985f0614f4c
IP 31.13.72.12:0
File type ASCII text, with very long lines (18605)
Hash c25af14a6596972b9aa09b1b5893b4a6
b0654ff1ec099f33787690f043ff7ffcc15b1eca
0e7099736ee1b90d0972d955ead9e4a216da79f642d68d3fb325e23c79f0cf52
GET /en_US/all.js?hash=ae608fec1b4bcf700eed3985f0614f4c HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gempaqgiler.blogspot.com
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 35ef936835f41f8cdd7ce77e5c4b36f9
etag: "9ea28a75ced97be4f66935deac4ee66c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 28 Nov 2023 01:52:20 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: wlrxSmWWlyuaoJsbWJO0pg==
x-fb-debug: AM8dzJdA8+oNen4aKBKORE0KkKf1UASi+0bjcrTd23jvW1+v7zF8Z0luv7qoArcxDhuWOu1/qvcldZXeGqHGSw==
priority: u=3,i
content-length: 88226
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 03:16:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 005e5ba3c9588cf389a58195001b64e3
238a7439d887fb3aa7f1302eeb43fce62f08441a
d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3ggibSv4guzAQjW77yMg7HTp5JCBi1B9dxXi-Zy_-Vw0b6lP1PAGyQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 19534
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6748
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 03:16:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 300ba2bd11eefb4b5b9ba5b9d56c6cca
55c9d2899b16945f329d0dacc021161038629988
a866abff0b6b5c6ed6758f1208f106d8f00c7f16fa07f2a676301cce8301e964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4254
x-amzn-requestid: 9c63d2a1-e805-4114-8875-fc1dc022c047
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHopoAMFq0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-395ca7b76b364c11172fbdd6;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kEPPpR5WF9pdwcaIAgJlKrueznhQ4g5RFucMPj5eI0EbNk5Dt2dLIQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:00:48 GMT
age: 18955
etag: "55c9d2899b16945f329d0dacc021161038629988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6572
Cache-Control: max-age=163671
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:43 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:44:34 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f7db86be1f26a9355252071e0373eb10
ccc5716bd0d1fbb51e796b1b2a970f062ce8dd27
ad5c6b36eead8b2d2c026d14db4b7942c53e4adaf478037ebdbea24b71373b88
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 03:16:43 GMT
Last-Modified: Mon, 28 Nov 2022 01:29:10 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7_CZzkuVQBJ1r6BjODBadw_celvicwrEoSYLXiIJk1mO_SfdZ6hC5Q==
Age: 6453
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 18897
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9b7502862b847fab779159f4a93f36b3
5c965ad315b05988499fbc01ff0c02dfc488ea8b
5fdc96148b88f35128f54ad482e3fa998c2ea3ec1ffe79057fd4157fa7c1ab2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 03:16:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:33:40 GMT
Expires: Sun, 04 Dec 2022 11:33:39 GMT
Etag: "5c965ad315b05988499fbc01ff0c02dfc488ea8b"
Cache-Control: max-age=547615,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770ff248ef38b511-OSL
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1669605401255.73673&hostname=gempaqgiler.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&title=Memang%20Gempaq&sop=false
3.126.95.118204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1669605401255.73673&hostname=gempaqgiler.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&title=Memang%20Gempaq&sop=false
IP 3.126.95.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1669605401255.73673&hostname=gempaqgiler.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&title=Memang%20Gempaq&sop=false HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gempaqgiler.blogspot.com
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: http://gempaqgiler.blogspot.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 28 Nov 2022 03:16:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9b7502862b847fab779159f4a93f36b3
5c965ad315b05988499fbc01ff0c02dfc488ea8b
5fdc96148b88f35128f54ad482e3fa998c2ea3ec1ffe79057fd4157fa7c1ab2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 03:16:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:33:40 GMT
Expires: Sun, 04 Dec 2022 11:33:39 GMT
Etag: "5c965ad315b05988499fbc01ff0c02dfc488ea8b"
Cache-Control: max-age=547615,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770ff24a0bfa0b69-OSL
lh3.googleusercontent.com/p/AF1QipMqm6Jz2u6K-ChjDSLnR4FdPMJiN9Ix6r2ZLnhB=s45-c?key=COrdpbXQy6v3EQ
142.250.74.33200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMqm6Jz2u6K-ChjDSLnR4FdPMJiN9Ix6r2ZLnhB=s45-c?key=COrdpbXQy6v3EQ
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 0c303d5b431ddc18b366dd87c5f01189
eceba0b2aee7339f788ecabeadb3ba5750be1318
aaafc2a58fe40b8f36471449dd6d2136bfe797dcaa4963069343fc80ce61e2de
GET /p/AF1QipMqm6Jz2u6K-ChjDSLnR4FdPMJiN9Ix6r2ZLnhB=s45-c?key=COrdpbXQy6v3EQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3183"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 03:16:43 GMT
server: fife
content-length: 4308
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1669605401255.73673&hostname=gempaqgiler.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&title=Memang%20Gempaq&sop=false&img_pview=true
3.126.95.118204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1669605401255.73673&hostname=gempaqgiler.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&title=Memang%20Gempaq&sop=false&img_pview=true
IP 3.126.95.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1669605401255.73673&hostname=gempaqgiler.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fgempaqgiler.blogspot.com%2F&title=Memang%20Gempaq&sop=false&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 28 Nov 2022 03:16:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
s4.histats.com/stats/2361969.php?2361969&@f16&@g1&@h1&@i1&@j1669605401547&@k0&@l1&@mMemang%20Gempaq&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-9625378&@b3:1669605402&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgempaqgiler.blogspot.com%2F&@w
192.99.13.63200 OK 109 B URL HTTP/1.1 s4.histats.com/stats/2361969.php?2361969&@f16&@g1&@h1&@i1&@j1669605401547&@k0&@l1&@mMemang%20Gempaq&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-9625378&@b3:1669605402&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgempaqgiler.blogspot.com%2F&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 6c596e85af14ae01dc8d424f41608d92
863485608b930da6e39b1624f7ab28c9ea6ef933
3161c8f1dd85d4639bf4b1d3fb4cb884e84280743b7e5b4c2a44e1285ccb001a
GET /stats/2361969.php?2361969&@f16&@g1&@h1&@i1&@j1669605401547&@k0&@l1&@mMemang%20Gempaq&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-9625378&@b3:1669605402&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgempaqgiler.blogspot.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 03:16:43 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 109
Connection: close
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 03:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
s10.histats.com/counters/cc_10.js
46.105.201.240200 OK 7.6 kB URL HTTP/2 s10.histats.com/counters/cc_10.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (17833), with no line terminators
Hash 1d9460c984f25ea64e208b9ea21c492a
ec720873c6e352f435a40e0a6d11c878e451faa5
05a939636a8285b28ee6dce67902e97a148fa19288bc882cee6eb98ae74f1414
GET /counters/cc_10.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 03:07:46 GMT
etag: "-21747805"
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
x-request-id: 638387052
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7570
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq&cu=http%3A%2F%2Fgempaqgiler.blogspot.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 03:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=a6AIeU7GCr4P2Oacwqm_6r&dn=TI&cc=1&r=
67.202.105.32200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=a6AIeU7GCr4P2Oacwqm_6r&dn=TI&cc=1&r=
IP 67.202.105.32:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=a6AIeU7GCr4P2Oacwqm_6r&dn=TI&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Tue, 29 Nov 2022 03:16:43 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Mon, 28 Nov 2022 03:16:42 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0&t=Memang%20Gempaq HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 03:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
scontent-a-kul.xx.fbcdn.net/hphotos-xfp1/t1.0-9/10464207_856549094373374_4733516123044627336_n.jpg
157.240.236.8403 Forbidden 12 B URL HTTP/2 scontent-a-kul.xx.fbcdn.net/hphotos-xfp1/t1.0-9/10464207_856549094373374_4733516123044627336_n.jpg
IP 157.240.236.8:0
File type ASCII text, with no line terminators
Hash 6da8b20dcba14383da78ef717bca965d
47e2253187a5c7c570e7c0092434ac21e980b4d2
3540a6f3c2b8f6c49b9f3dffc6e16629bf74203531524fdac1d80dc38e62f2b5
GET /hphotos-xfp1/t1.0-9/10464207_856549094373374_4733516123044627336_n.jpg HTTP/1.1
Host: scontent-a-kul.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
access-control-allow-origin: *
proxy-status: http_request_error; e_clientaddr="AcKb-paNT6rsHfUBmfrMzperNhhYwu1XJdlZYg4OLvJwAoCPcBti_X6DmhTxdXuvGcl1uCxBu9w4g-rp"; e_fb_vipaddr="AcLo4lQKYl9qfAkBT1vz3QfA1WtgdNSwq5oG0WXtpgpNepzirWXRBjVIIYzlv248sJOAtO8uyg"; e_fb_builduser="AcLosj_Rn-SvD1laqoEdxaJyBajBFPp1bt6X8ZV9RmojF4ZKsICzrH-42A7iI_9YL9o"; e_fb_binaryversion="AcJ5fgCK7i9bTV0ot_ycp2o-JTf8Z-cz1tqy9LYAKB7qWsuPF28wlTBF23s_s-HmMqErTQjmLSK9bQt8pqt7Csu4lQNpwxv0OPk"; e_proxy="AcL2odO3BmPd93xC7JjLjWqpk4xrQB8j0QkoxKK4pSPnyiah3mZ9Qeu6MendOvS97WTtAWhprC50nf8"
content-type: text/plain
content-length: 12
server: proxygen-bolt
x-fb-trip-id: 1679558926
date: Mon, 28 Nov 2022 03:16:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 03:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 03:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 03:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=a6AIeU7GCr4P2Oacwqm_6r&lm=0&ts=1669605402446&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 03:16:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0c7f923b97046608033f90253a891bf0
bf5025e94ed9ea85ee3e7677561ee686480b526c
1062154cd5de28de1d012a4f4d10fb5e548fabf6d67918eaeb745975949a3294
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 03:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws.sharethis.com/secure5x/index.html
54.230.111.82200 OK 4.1 kB URL HTTP/2 ws.sharethis.com/secure5x/index.html
IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (452)
Hash d359b835f361ce395cf1e1d23d6100f4
88013b75781073cf0d0103de6aaf32dd1b91a135
a8a78f8e2ee2c683adb5576b1f884d86d1e3e565a70dc4cc09d3b2b5567dcab2
GET /secure5x/index.html HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 4080
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sun, 27 Nov 2022 19:25:06 GMT
etag: W/"634f1895-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: edTVUQxAE-WMi3Nx_hB862WPUYnc-TwRJ6AWBGIp9sptQt_Gth-YYg==
age: 28300
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
54.230.111.82200 OK 5.6 kB URL HTTP/2 ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
IP 54.230.111.82:0
File type C source, ASCII text, with very long lines (16630), with no line terminators
Hash 94b39eb0a8fb0b06a11ad4d75b2e74b9
5d9f3beab6794398f43e43625b651cb16f6514ed
db64545fc1dedef33184fb39df6e927e83fb783555622cafe426dc83c87e17c1
GET /secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 5630
cache-control: max-age=31536000
content-encoding: gzip
date: Thu, 25 Aug 2022 02:51:08 GMT
etag: W/"62bdf287-40f6"
expires: Fri, 25 Aug 2023 02:51:08 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g3GDMCiw69iYDs4ZAecnPXRaSnf-MDRZt4GPOAOnw8zmGhfeRfeWyw==
age: 8209537
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.65200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.65:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 28 Nov 2022 03:16:45 GMT
expires: Mon, 28 Nov 2022 03:16:45 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.65200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 11:46:54 GMT
expires: Mon, 27 Nov 2023 11:46:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 55791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js
54.230.111.82200 OK 0 B URL HTTP/2 ws.sharethis.com/secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js
IP 54.230.111.82:0
GET /secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
cache-control: max-age=31536000
content-encoding: gzip
date: Tue, 18 Oct 2022 23:15:55 GMT
etag: W/"634f1895-211a0"
expires: Wed, 18 Oct 2023 23:15:55 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uWD7mjeUlZRjplLgckG_ht-2Ux0Q7iD3kTX7VMSWJmeFSWJGYsC7xA==
age: 3470450
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.diveglobal.com/travel/malaysia/
172.67.189.30200 OK 0 B URL HTTP/2 www.diveglobal.com/travel/malaysia/
IP 172.67.189.30:0
GET /travel/malaysia/ HTTP/1.1
Host: www.diveglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gempaqgiler.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 03:16:42 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.37
vary: Accept-Encoding,User-Agent
cache-control: max-age=86400
cf-cache-status: HIT
age: 3523
last-modified: Mon, 28 Nov 2022 02:17:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwRgMTRnzAbhDoo0lRR87qHHP%2BLeLXVTbWeFJpRexfGX5c3hbgjcqC8AqUK5VAoX9UzkDKoeHTfzvO%2BDK7mXMqwPKm8%2FFHky4OvcmcAxOW%2BG2cG6f1v8dBdAibbp5w089Ze%2Fqd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770ff24528050afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
w1.hmetro.com.my/myMetro/articles/Lipasdianggapanak/pix_gal1?harianmetro
34.87.14.30503 Service Unavailable 0 B URL HTTP/1.0 w1.hmetro.com.my/myMetro/articles/Lipasdianggapanak/pix_gal1?harianmetro
IP 34.87.14.30:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /myMetro/articles/Lipasdianggapanak/pix_gal1?harianmetro HTTP/1.1
Host: w1.hmetro.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html
w1.hmetro.com.my/myMetro/articles/Pelacurjalanancilik/pix_gal2?harianmetro
34.87.14.30503 Service Unavailable 0 B URL HTTP/1.0 w1.hmetro.com.my/myMetro/articles/Pelacurjalanancilik/pix_gal2?harianmetro
IP 34.87.14.30:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /myMetro/articles/Pelacurjalanancilik/pix_gal2?harianmetro HTTP/1.1
Host: w1.hmetro.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html
w1.hmetro.com.my/myMetro/articles/Pelacurjalanancilik/pix_gal3?harianmetro
34.87.14.30503 Service Unavailable 0 B URL HTTP/1.0 w1.hmetro.com.my/myMetro/articles/Pelacurjalanancilik/pix_gal3?harianmetro
IP 34.87.14.30:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /myMetro/articles/Pelacurjalanancilik/pix_gal3?harianmetro HTTP/1.1
Host: w1.hmetro.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html
sc.tynt.com/script/sc/a6AIeU7GCr4P2Oacwqm_6r.js
104.18.36.173200 OK 0 B URL HTTP/2 sc.tynt.com/script/sc/a6AIeU7GCr4P2Oacwqm_6r.js
IP 104.18.36.173:0
GET /script/sc/a6AIeU7GCr4P2Oacwqm_6r.js HTTP/1.1
Host: sc.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gempaqgiler.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 03:16:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
status: 200 OK
x-rack-cache: fresh
cache-control: max-age=86400, public, s-maxage=172800
last-modified: Fri, 25 Nov 2022 15:08:23 GMT
x-xss-protection: 1; mode=block
x-request-id: 63ea0f64-6ede-479f-ac45-37bea0682fd3
x-content-digest: 310650b3c8fb6e52713116c6812ae354fbd0eb01
x-runtime: 0.002748
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Sun, 27 Nov 2022 02:48:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63644
server: cloudflare
cf-ray: 770ff24a2eef0b02-OSL
X-Firefox-Spdy: h2