r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5685
Expires: Fri, 23 Sep 2022 04:26:25 GMT
Date: Fri, 23 Sep 2022 02:51:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 999cba3a77eef9ee50947f38c9ee6c5d
818310602249f4512f252835c27e62914f39d584
3e2af0de9417181121ad7f17ea3c4921afbe84c9beb5f2bd5287c3cec3d4a9c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E2AF0DE9417181121AD7F17EA3C4921AFBE84C9BEB5F2BD5287C3CEC3D4A9C6"
Last-Modified: Thu, 22 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3507
Expires: Fri, 23 Sep 2022 03:50:07 GMT
Date: Fri, 23 Sep 2022 02:51:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bMYsju1lDkEMs2TQS_UCn81hlW8HOAVPpeQAkW528B5b4z7BdbjdnQ==
age: 80187
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ee2d5b0ebe053631642b3a700c32780c
47287aa96bcbd5398119f99ae8df7902935be6e8
cf82d391fe099a64182025187d8fe6fdd01b35f900f90eddfb1b9e75166df39f
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: 8ztDdJGQF5fo2cDyBVJvU_6UZGf3D4CxSserD6STBKMTVIt9xuok6g==
content-encoding: gzip
via: 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 02:38:53 GMT
age: 768
content-type: application/json
content-length: 41711
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 02:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PwExZqcTJYj_MQu2v5qIfsQ7UgUrO4Fev3xPNNNdymdFKLPss_DB3Q==
Age: 2254
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 02:51:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 02:03:22 GMT
Expires: Fri, 23 Sep 2022 02:14:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eI3JenX2Eo1Iv6_7jIYjrzQAElJh-f-iScor43sO7XRhN_3KTSnTaQ==
Age: 2899
aans1.blogspot.com/2015/05/murid-lelaki-di-denda-guru-pakai.html
142.250.74.161200 OK 16 kB URL HTTP/1.1 aans1.blogspot.com/2015/05/murid-lelaki-di-denda-guru-pakai.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5005)
Hash 74b240f4c47cd05c88b9bae1cc0873ca
af0324d1a51af03efd85b948f7881ff91a9e0c31
af4a681f73c3568c53b58117747e11eacf8b8c16fae92f41eb2948cd1eed0acf
Analyzer Verdict Alert fortinet Phishing
GET /2015/05/murid-lelaki-di-denda-guru-pakai.html HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 23 Sep 2022 02:51:41 GMT
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 16 Aug 2022 07:47:14 GMT
ETag: W/"9a69969997d9527f1d75c8c753d1afaea22af39dfc9dd3b08ca22f068ba32051"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16328
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:41 GMT
Last-Modified: Fri, 23 Sep 2022 01:57:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
w.sharethis.com/button/buttons.js
54.230.111.78301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/buttons.js
IP 54.230.111.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 23 Sep 2022 02:51:41 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/buttons.js
X-Cache: Redirect from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZX2U97JEBVvdU8_WoenrMQKruP-E5Ur5Vd5d6jKud4Qlo6Kqf6WGCA==
fonts.googleapis.com/css?family=Josefin+Slab
216.58.211.10200 OK 295 B URL HTTP/1.1 fonts.googleapis.com/css?family=Josefin+Slab
IP 216.58.211.10:0
Hash 8d74fecd94bb3a255c2603538ea257a1
7021cec753ddbcfbd2ba682610c769dd30e837b4
aa1d0524faaaa495bc15a6c3b66679288e1243f4ca5e34294631fb5ed5502ba0
GET /css?family=Josefin+Slab HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 23 Sep 2022 02:51:41 GMT
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 20362
Date: Fri, 23 Sep 2022 02:51:41 GMT
Expires: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "5f35d22782378ad2"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
w.sharethis.com/button/buttons.js
54.230.111.78200 OK 26 kB URL HTTP/2 w.sharethis.com/button/buttons.js
IP 54.230.111.78:0
File type ASCII text, with very long lines (998)
Hash 1e9f2232bb57b7ff3572ae16e83f257b
a9c8dd03eb658dc27be9ce0c4b4e7554350a66ae
e6b3b7a72fc3d7a572cd1727f3bb2bd2a9bc52838cc60e70d510a657ef1b7119
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://aans1.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 26307
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Tue, 20 Sep 2022 03:29:44 GMT
cache-control: max-age=259200
expires: Fri, 23 Sep 2022 03:29:44 GMT
etag: W/"62bdf23a-19615"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IfnCIa9ZZm4ptXcQhuBRR-KO7KVb1EdT7LLVw4whWRgHKylQUN9apQ==
age: 256917
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aans1.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 aans1.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/2015/05/murid-lelaki-di-denda-guru-pakai.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 23 Sep 2022 02:51:41 GMT
Expires: Fri, 30 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 22 Sep 2022 22:52:15 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 95d227d5e58731a635b75e4eb5545395
7e39083ef4ee03d2d880fdc9a3d0bb4f46c0ebdc
ee65f3f753657302d673ce83d11e9749b92dfedf48b81dad3fdc5fa3c305227b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 95d227d5e58731a635b75e4eb5545395
7e39083ef4ee03d2d880fdc9a3d0bb4f46c0ebdc
ee65f3f753657302d673ce83d11e9749b92dfedf48b81dad3fdc5fa3c305227b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.padstm.com/?id=292517
139.45.197.238302 Moved Temporarily 138 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /?id=292517 HTTP/1.1
Host: go.padstm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 23 Sep 2022 02:51:41 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.padsdel.com/?id=292517
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
go.padstm.com/?id=292519
139.45.197.238302 Moved Temporarily 138 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /?id=292519 HTTP/1.1
Host: go.padstm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 23 Sep 2022 02:51:41 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.padsdel.com/?id=292519
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 17:23:11 GMT
expires: Thu, 21 Sep 2023 17:23:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 20 Sep 2022 21:55:54 GMT
content-type: text/css
age: 120510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
142.250.74.105200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 08:22:29 GMT
expires: Fri, 22 Sep 2023 08:22:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 20:54:01 GMT
content-type: text/javascript
age: 66552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 95d227d5e58731a635b75e4eb5545395
7e39083ef4ee03d2d880fdc9a3d0bb4f46c0ebdc
ee65f3f753657302d673ce83d11e9749b92dfedf48b81dad3fdc5fa3c305227b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/1.1 www.blogger.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 162
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 18:43:36 GMT
Expires: Wed, 28 Sep 2022 18:43:36 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 21 Sep 2022 13:53:25 GMT
Content-Type: image/gif
Age: 115685
www.blogger.com/static/v1/widgets/1416043673-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 174608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 95d227d5e58731a635b75e4eb5545395
7e39083ef4ee03d2d880fdc9a3d0bb4f46c0ebdc
ee65f3f753657302d673ce83d11e9749b92dfedf48b81dad3fdc5fa3c305227b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg
142.250.74.161200 OK 122 kB URL HTTP/1.1 1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 851x315, components 3\012- data
Size 122 kB (121948 bytes)
Hash fdb16fd9d11da34115a3d36756ec2cd8
88f5eff84192079db87a49713aadc38e498e080c
b24bc09a6345b5ff13f8ed35497ae71ecb464dbde6470fdb6ff9a409d7cdd59a
GET /-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v28d3"
Expires: Sat, 24 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="12.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 02:51:41 GMT
Server: fife
Content-Length: 121948
X-XSS-Protection: 0
1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg
142.250.74.161200 OK 194 kB URL HTTP/1.1 1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1500x500, components 3\012- data
Size 194 kB (194499 bytes)
Hash 0fa92c86b3eda00830d8bdf4241ca997
df18a5b62d190a3d5e20577ff40eae4046d9e9c2
5610b5ea3ee9980442e7ecb7f199e6fb7c9dc28dea4c83502d7badbe76cc53a1
GET /-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v29a9"
Expires: Sat, 24 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="FotorCreated.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 02:51:41 GMT
Server: fife
Content-Length: 194499
X-XSS-Protection: 0
go.padsdel.com/?id=292519
139.45.197.239200 OK 8 B URL HTTP/1.1 go.padsdel.com/?id=292519
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
Analyzer Verdict Alert fortinet Malware
GET /?id=292519 HTTP/1.1
Host: go.padsdel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 02:51:41 GMT
Content-Type: application/octet-stream
Content-Length: 8
Connection: keep-alive
go.padsdel.com/?id=292517
139.45.197.239200 OK 8 B URL HTTP/1.1 go.padsdel.com/?id=292517
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
Analyzer Verdict Alert fortinet Malware
GET /?id=292517 HTTP/1.1
Host: go.padsdel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 02:51:41 GMT
Content-Type: application/octet-stream
Content-Length: 8
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 249240b787aedd343b539120f942664c
8cfa8b9df54bf404c4a2e2f73986cb631de766b8
37eea82017a2739c12962a6917a54541f38d9292963949cdf61a52df901b8eaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 082af8f6ad7e453a93dd3d1e0ed74005
a768614da451435f22b8f19a0cd4977c48a639ce
f53c36c80f6af2bb427ea6b9d34dd82f8dbcf05d23b92d78ce6372af3a46d57c
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 07:12:08 GMT
expires: Thu, 21 Sep 2023 07:12:08 GMT
cache-control: public, max-age=31536000
age: 157173
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif
142.250.74.161200 OK 354 B URL HTTP/1.1 4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash 63518cf04cae6c58308feb72ea17aeb4
899fbaf9f628bc09483dbca246f580596beb8378
c33b76e5a92e675fbef817c95a1414f9b9a661d46f6e66b9eb58b05679d69fd5
GET /-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v248c"
Expires: Sat, 24 Sep 2022 02:51:41 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="subcribe thesis.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 02:51:41 GMT
Server: fife
Content-Length: 354
X-XSS-Protection: 0
push.services.mozilla.com/
34.214.236.46101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lrcTo+oWzLvSn6MzYbiW6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IAyCPjqtIkbcdNbqW5lRrhfuu5I=
www.clicksasia.com/openx/www/delivery/inline.js
185.38.110.121200 OK 47 B URL HTTP/1.1 www.clicksasia.com/openx/www/delivery/inline.js
IP 185.38.110.121:0
Hash 511b5d4a2aef166d9dc32d1c02c07ac9
0f1a044a15467fcd79f0eed930ef3089093724e4
8bc7dba4bd487ef7bf47ad5e54a2eb55618d75518d5f98c8eb83a9901ac05f38
GET /openx/www/delivery/inline.js HTTP/1.1
Host: www.clicksasia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 02:51:42 GMT
Content-Length: 47
aans1.blogspot.com/feeds/posts/default/-/Babi?alt=json-in-script&callback=related_results_labels&max-results=17
142.250.74.161200 OK 21 kB URL HTTP/1.1 aans1.blogspot.com/feeds/posts/default/-/Babi?alt=json-in-script&callback=related_results_labels&max-results=17
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (65492)
Hash 0986d96040b9ecb1115d6cce9565f4ce
ad433d2d9428a953a6ad9cd6dd00f27ebc69d310
1ef5b9d84854559681f623723add988fafc3ee13ab3b710894a1e1d950fae4c3
GET /feeds/posts/default/-/Babi?alt=json-in-script&callback=related_results_labels&max-results=17 HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/2015/05/murid-lelaki-di-denda-guru-pakai.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"f26d06ff3e522341a9f74b478ec6297fbae435ae616ed6b954a8bab6dd559cc0"
Date: Fri, 23 Sep 2022 02:51:41 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Fri, 23 Sep 2022 02:51:42 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 16 Aug 2022 07:47:14 GMT
Content-Encoding: gzip
Content-Length: 20728
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1f9daefe44106bcca2c8d0c932e4ff66
4a5304b1a24965b562a3c20b0f5debb473ca144b
f694532748381e1903bc227972dbc3d70916d50d4dac53e732432d22445e04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
developers.google.com/
142.250.74.14301 Moved Permanently 0 B IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 6ebfaccc57f107a8d8d548fc1be7da5c
Date: Fri, 23 Sep 2022 02:51:42 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww62.clicksasia.com/
76.223.26.96200 OK 4.4 kB IP 76.223.26.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2482)
Hash f3a10bdbd1c66c82924f200333e24a18
7c8f6f87b325d2702b8b9afca8bbe3e62773ddea
f8c4c8af7a7f3dbbdeeb5388c292db43578b93c1e94d86d024ad338da37dc221
GET / HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:51:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_nD0VNxc45Id713Tg5BXSGeg7G+0pDnMw7Dqpe/lKPDVDggHQKqR0QYzysJYqT3Fe559gdwyM55G4aud514cChw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash c40dd7276046c939c15420a061967d2f
393f14cdd1a9a61e12cb9b9ef3890457e76817e4
e999f2dd59f541c3e01e7c6b9c45829b5bdc11348bb923f48437d0b7f4dfde68
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 02:51:42 GMT
Last-Modified: Fri, 23 Sep 2022 01:05:12 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FdopuI2-dj5AnCRaDgA6nWoSD1LyzxF2t1aF3trgIgaUf9mzDfMHuQ==
Age: 6390
d38psrni17bvxu.cloudfront.net/themes/assets/style.css
54.230.245.130200 OK 343 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/style.css
IP 54.230.245.130:0
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 22 Sep 2022 09:14:25 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HGYQxaVtg6WjUCk5FnUC73Re8my-o90Ud14nMZmCqeogiYuj2nbkwA==
Age: 63437
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
54.230.245.130200 OK 580 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
IP 54.230.245.130:0
Hash b9f539b0058b3916aad60a6b50a6b662
1a28bfde5267b2ac4c6de028c3d01ff4d84dbf29
35cc39ab61d8326d0b0105a4420b11f4106685a0d67d609454ef4ef252c48b7b
GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 22 Sep 2022 09:14:25 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Content-Encoding: gzip
ETag: W/"62b4441b-555"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1iWF7rXy5NBLqeXqvkhbPjMSG6s8kUIp28MlBEjAAStyEBV2_JOITw==
Age: 63437
d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
54.230.245.130200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
IP 54.230.245.130:0
File type ASCII text, with very long lines (316)
Hash cce7f943ec8e7b4ba13be4aba6b463d9
220f3e8ca723daa91fd040cf518991a65f2bf110
ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
GET /scripts/js3caf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7000
Connection: keep-alive
Server: nginx
Date: Thu, 22 Sep 2022 09:14:25 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Accept-Ranges: bytes
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AlEczgdaoRPvi44w3EnVJdD5PDEL0mRZ_jmL02RRDv4etF-cdgjquA==
Age: 63437
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2aaec9cbe28343d60597d0371f8ed16b
4456dfef025ab6be775cf3fec5afb553dbfe28d7
7e2ae8341c557e5f590cab1a3ba0d1207ad4a039729b7552b48b40dbb6fc53c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76d864cfc049e2aae6e76c6b9938129b
7be00d318e3b4c471a3ff78649c43fb463d74e4d
e1bf1a5d98bed31391e289c0f111aaca5ed5c998a221465f7099f1323bd51c5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1663901501242.91484&hostname=aans1.blogspot.com&location=%2F2015%2F05%2Fmurid-lelaki-di-denda-guru-pakai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F05%2Fmurid-lelaki-di-denda-guru-pakai.html&title=MURID%20LELAKI%20DI%20DENDA%20GURU%20PAKAI%20TELEKUNG%20UNDANG%20KEBONGIHAN%20MASYARAKAT%20SETEMPAT%20TERJAWAP&sop=false&description=%20%20%20%20Demikian%20status%20Facebook%20yang%20dimuat%20naik%20oleh%20seorang%20wanita%20bernama%20Liyana%20Azman%20yang%20berang%20dengan%20tindakan%20seorang%20pendidik%20yang%20mem...&description=%20%20%20%20Demikian%20status%20Facebook%20yang%20dimuat%20naik%20oleh%20seorang%20wanita%20bernama%20Liyana%20Azman%20yang%20berang%20dengan%20tindakan%20seorang%20pendidik%20yang%20mem...&img_pview=true
52.57.102.63204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1663901501242.91484&hostname=aans1.blogspot.com&location=%2F2015%2F05%2Fmurid-lelaki-di-denda-guru-pakai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F05%2Fmurid-lelaki-di-denda-guru-pakai.html&title=MURID%20LELAKI%20DI%20DENDA%20GURU%20PAKAI%20TELEKUNG%20UNDANG%20KEBONGIHAN%20MASYARAKAT%20SETEMPAT%20TERJAWAP&sop=false&description=%20%20%20%20Demikian%20status%20Facebook%20yang%20dimuat%20naik%20oleh%20seorang%20wanita%20bernama%20Liyana%20Azman%20yang%20berang%20dengan%20tindakan%20seorang%20pendidik%20yang%20mem...&description=%20%20%20%20Demikian%20status%20Facebook%20yang%20dimuat%20naik%20oleh%20seorang%20wanita%20bernama%20Liyana%20Azman%20yang%20berang%20dengan%20tindakan%20seorang%20pendidik%20yang%20mem...&img_pview=true
IP 52.57.102.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1663901501242.91484&hostname=aans1.blogspot.com&location=%2F2015%2F05%2Fmurid-lelaki-di-denda-guru-pakai.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F05%2Fmurid-lelaki-di-denda-guru-pakai.html&title=MURID%20LELAKI%20DI%20DENDA%20GURU%20PAKAI%20TELEKUNG%20UNDANG%20KEBONGIHAN%20MASYARAKAT%20SETEMPAT%20TERJAWAP&sop=false&description=%20%20%20%20Demikian%20status%20Facebook%20yang%20dimuat%20naik%20oleh%20seorang%20wanita%20bernama%20Liyana%20Azman%20yang%20berang%20dengan%20tindakan%20seorang%20pendidik%20yang%20mem...&description=%20%20%20%20Demikian%20status%20Facebook%20yang%20dimuat%20naik%20oleh%20seorang%20wanita%20bernama%20Liyana%20Azman%20yang%20berang%20dengan%20tindakan%20seorang%20pendidik%20yang%20mem...&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Fri, 23 Sep 2022 02:51:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
216.58.207.237200 OK 4.7 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2267)
Hash 6d52d4a1e558e6d567866415473870f2
0291c1c49f12d1058db3bbc45aa2fc688e981da5
7518543df1358d0f452dec57061331107c383db67f81e702bfa0ef43bcc5ea3f
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Sep 2022 02:51:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-WlLMP33kiGEHUU188ujoWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1885)
Hash 38b7a74763374b7c665154f765b88d05
beaeb6acd81e6ddd03a4991360a85112051e808a
36f8144232a602fb84cb693d74ad45e9ad4f845402a84ca31095201f3aea208c
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Fri, 23 Sep 2022 02:51:42 GMT
Expires: Fri, 23 Sep 2022 02:51:42 GMT
Cache-Control: private, max-age=3600
ETag: "3662768451283186237"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76d864cfc049e2aae6e76c6b9938129b
7be00d318e3b4c471a3ff78649c43fb463d74e4d
e1bf1a5d98bed31391e289c0f111aaca5ed5c998a221465f7099f1323bd51c5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2861
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 02:51:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2861
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 02:51:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2861
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 02:51:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2861
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 02:51:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 634db5bfe2b27e608c3f3518b0c44ebb
06f5f63e681d711bd68626805c5dd2b902ebf9cf
935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13000
x-amzn-requestid: 7b2f1a90-cedc-403b-bdb0-f763b5bef824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2VOWGHXIAMFzXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c025b-74a08e472ef8b1227c0447e3;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l_CJpV9GPUzzbt8msOu-qQdwK9-vP5S-nHsgRPpwbue0Mf6FiBrEQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
content-type: image/jpeg
age: 26142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22173527a1bc9b264170aaa07491248
944c0453511761e101cb9e50ba8af7545e32e357
c04b0975162a54e0afc5ae4a863f8e8393415d455e8f7ff3fc67a47868e09ec0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4947
x-amzn-requestid: 2d8325c6-7564-4fab-86ad-75bc44451ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzHtOFNXoAMF5iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab987-30ba7b1d6088630236d03486;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:13:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3NJdOO87M_on7FBlPCczqwUtjsq75kEXAxq9CcsiHDvuaUDCYhd9LQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:08:23 GMT
age: 17000
etag: "944c0453511761e101cb9e50ba8af7545e32e357"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e125802119a2737820b343c4e9ecfb6
30ccc2dd2597b5b720d66c960ee8bd63c7115630
90cce372b2b8c89569fffc55de468bfc7cd4b7454ae7c55c48b7a846506b576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11059
x-amzn-requestid: 65fe1c05-a158-4ac2-8368-f26da119ef68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcDTgGV4oAMF0iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217f49-74fc5c511bee36fd11d6d2eb;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:14:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8k-1BHGHnBYSNqKWsRvVt8MpglKJ4eodtFakTTnr7ZzqSpP8iJWqVA==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:57:54 GMT
age: 14029
etag: "30ccc2dd2597b5b720d66c960ee8bd63c7115630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 17218
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff021fa15adb0d3a24158bc00cf0980a
265d3e98bcbf5f14f214102279a7911d6fd64048
211d709fb1851a62f856a78e3b115ef816f78ab9a28f870d48fa3d1912eac16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6505
x-amzn-requestid: bc9cc556-8897-4484-ac07-f18e4f5250ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvrfiFl4oAMF_Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295930-7a627b7d7683919e41ca599b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNlx91pOuttpN-IrQs_g-PRI8C_NmZDKdnOpfayCJ719fa6FwnOIGg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 02:01:19 GMT
age: 3024
etag: "265d3e98bcbf5f14f214102279a7911d6fd64048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2bbb3856eeac20d0ee556c96144bf6c
76ac1f33cd006227162e12e7142e754562bec0c0
1e3f6551d401346b6d809d8feb9b36a9e0006f99f518d1130aa9bd630bfb6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12538
x-amzn-requestid: 2ae96766-6999-44ec-8084-a19d26b3e118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOHYFIAMFXYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-060b96fa5fc99e79711bde3f;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Thglq7Lwby4LEkD9ShUBLutHUBhdvl9ErgTSqorJw5ZOzD6Gr8hqNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 02:03:05 GMT
age: 2918
etag: "76ac1f33cd006227162e12e7142e754562bec0c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.130200 OK 11 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.130:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Thu, 22 Sep 2022 09:14:25 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M85NBb-7svq2Z-szDuq4EWYjjb9is0V3YEp9rOXDIK10PNYy__6MsQ==
Age: 63438
ww62.clicksasia.com/favicon.ico
76.223.26.96200 OK 0 B URL HTTP/1.1 ww62.clicksasia.com/favicon.ico
IP 76.223.26.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:51:43 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ww62.clicksasia.com/track.php?domain=clicksasia.com&toggle=browserjs&uid=MTY2MzkwMTUwMi42MTY2OjZmYTYwMTY4OTdlOGU1YzE0ZTJkZjE4NDBhNDU1OGQ2YjdkMTMyMWQ2OTJkZTIyYjJmZDVmYzZhNDRkYjYyM2M6NjMyZDFmM2U5NjhiNg%3D%3D
76.223.26.96200 OK 20 B URL HTTP/1.1 ww62.clicksasia.com/track.php?domain=clicksasia.com&toggle=browserjs&uid=MTY2MzkwMTUwMi42MTY2OjZmYTYwMTY4OTdlOGU1YzE0ZTJkZjE4NDBhNDU1OGQ2YjdkMTMyMWQ2OTJkZTIyYjJmZDVmYzZhNDRkYjYyM2M6NjMyZDFmM2U5NjhiNg%3D%3D
IP 76.223.26.96:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=clicksasia.com&toggle=browserjs&uid=MTY2MzkwMTUwMi42MTY2OjZmYTYwMTY4OTdlOGU1YzE0ZTJkZjE4NDBhNDU1OGQ2YjdkMTMyMWQ2OTJkZTIyYjJmZDVmYzZhNDRkYjYyM2M6NjMyZDFmM2U5NjhiNg%3D%3D HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:51:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww62.clicksasia.com/ls.php
76.223.26.96201 Created 0 B URL HTTP/1.1 ww62.clicksasia.com/ls.php
IP 76.223.26.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ls.php HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2178
Origin: http://ww62.clicksasia.com
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 201 Created
Date: Fri, 23 Sep 2022 02:51:43 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 632d1f3f02cd40580e7a9514
Charset: utf-8
Access-Control-Allow-Origin: http://ww62.clicksasia.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_X+4+vvswGrAJDWs/k4sIU2sq1AuaVG1t73ojQE86oP1HBV8DwOZuFog+nyTNSA54trwW9Qg4Xl4q33YopkvaaQ==
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2737784835408106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=8661663901502965&num=0&output=afd_ads&domain_name=ww62.clicksasia.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1663901502966&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&uio=--&cont=tc&jsid=caf&jsv=475283328&rurl=http%3A%2F%2Fww62.clicksasia.com%2F&referer=http%3A%2F%2Faans1.blogspot.com%2F&adbw=master-1%3A530
142.250.74.164200 OK 2.0 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2737784835408106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=8661663901502965&num=0&output=afd_ads&domain_name=ww62.clicksasia.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1663901502966&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&uio=--&cont=tc&jsid=caf&jsv=475283328&rurl=http%3A%2F%2Fww62.clicksasia.com%2F&referer=http%3A%2F%2Faans1.blogspot.com%2F&adbw=master-1%3A530
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5456)
Hash 479561bb5b3f84694638a8ec385f938a
6026db7373f812f8a806504d2567fd89119d1750
d1537c44720d634414da5705e2e371e2ecbaa684ea3a452eed6b479b917abc4d
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2737784835408106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=8661663901502965&num=0&output=afd_ads&domain_name=ww62.clicksasia.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1663901502966&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&uio=--&cont=tc&jsid=caf&jsv=475283328&rurl=http%3A%2F%2Fww62.clicksasia.com%2F&referer=http%3A%2F%2Faans1.blogspot.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Fri, 23 Sep 2022 02:51:43 GMT
expires: Fri, 23 Sep 2022 02:51:43 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 2019
x-xss-protection: 0
set-cookie: NID=511=NQQBAef0vBabdBpPUImcJrQSlAqEi5pxMnqLxu1iN7dLA_xfKxUFiB1m_M8VZy5IZRcUuUHDkwWdJkfnfmEFnSY-aufiJBlSzzSyXwWEGU3t9sOlm7cSrXn7Crxpne6uExfZOkB7hvD9wkxv6IC03IMn6vBL_89f3NCrvGdUBNc; expires=Sat, 25-Mar-2023 02:51:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+281; expires=Sun, 22-Sep-2024 02:51:43 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e163c7149996bc42837a90494321d2a
d4da33dcbd188b93a0c24200b61d264fe0768628
b57307ad9901b41f5403f1108939655805c4b3eb8d598ad20da9dadc6f54208f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ww62.clicksasia.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
142.250.74.98200 OK 187 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww62.clicksasia.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 9e920a82725d8793ebe2493ad30cbd2c
2b37e0915e91e5bf34387518d28ecccadb29328e
be60ed3b6a062483649ca8c43555bd90b91900a4b59d8b3b48252e0803d532cb
GET /gampad/cookie.js?domain=ww62.clicksasia.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 02:51:43 GMT
server: cafe
cache-control: private
content-length: 187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e163c7149996bc42837a90494321d2a
d4da33dcbd188b93a0c24200b61d264fe0768628
b57307ad9901b41f5403f1108939655805c4b3eb8d598ad20da9dadc6f54208f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
142.250.74.1200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP 142.250.74.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash bbbac37f0b6e29a6099e4aa7cb19d6ca
0acafe95e2141f0af6109203efeb2d98e6b926c6
a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:38:30 GMT
expires: Fri, 23 Sep 2022 15:38:30 GMT
cache-control: public, max-age=82800
age: 36793
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.1200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:02:45 GMT
expires: Fri, 23 Sep 2022 05:02:45 GMT
cache-control: public, max-age=82800
age: 74938
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 02:51:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww62.clicksasia.com/track.php?domain=clicksasia.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2MzkwMTUwMi42MTY2OjZmYTYwMTY4OTdlOGU1YzE0ZTJkZjE4NDBhNDU1OGQ2YjdkMTMyMWQ2OTJkZTIyYjJmZDVmYzZhNDRkYjYyM2M6NjMyZDFmM2U5NjhiNg%3D%3D
76.223.26.96200 OK 20 B URL HTTP/1.1 ww62.clicksasia.com/track.php?domain=clicksasia.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2MzkwMTUwMi42MTY2OjZmYTYwMTY4OTdlOGU1YzE0ZTJkZjE4NDBhNDU1OGQ2YjdkMTMyMWQ2OTJkZTIyYjJmZDVmYzZhNDRkYjYyM2M6NjMyZDFmM2U5NjhiNg%3D%3D
IP 76.223.26.96:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=clicksasia.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2MzkwMTUwMi42MTY2OjZmYTYwMTY4OTdlOGU1YzE0ZTJkZjE4NDBhNDU1OGQ2YjdkMTMyMWQ2OTJkZTIyYjJmZDVmYzZhNDRkYjYyM2M6NjMyZDFmM2U5NjhiNg%3D%3D HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
Cookie: __gsas=ID=aafa42b7e1a95af2:T=1663901503:S=ALNI_Maem9xwoy7UayPX-7W6zyFlV6Kdjw
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 02:51:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
2.bp.blogspot.com/-Wj5PedX-Zoo/VWlzw1KdrII/AAAAAAAAk_0/tLnR2i-tO90/s1600/1.png
142.250.74.161200 OK 0 B URL HTTP/1.1 2.bp.blogspot.com/-Wj5PedX-Zoo/VWlzw1KdrII/AAAAAAAAk_0/tLnR2i-tO90/s1600/1.png
IP 142.250.74.161:0
GET /-Wj5PedX-Zoo/VWlzw1KdrII/AAAAAAAAk_0/tLnR2i-tO90/s1600/1.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v93fe"
Expires: Sat, 24 Sep 2022 02:51:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 02:51:42 GMT
Server: fife
Content-Length: 299652
X-XSS-Protection: 0
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 23 Sep 2022 02:51:43 GMT
expires: Fri, 23 Sep 2022 02:51:43 GMT
cache-control: private, max-age=3600
etag: "12069782285758379487"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2