r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Thu, 01 Dec 2022 02:04:03 GMT
Date: Thu, 01 Dec 2022 01:23:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3068
Cache-Control: max-age=122362
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:22:27 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 01:19:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 200
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19644
Expires: Thu, 01 Dec 2022 06:50:29 GMT
Date: Thu, 01 Dec 2022 01:23:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dZjgEvNNVVgVkQ6M+eNHctZOkxo0Jm5nijL9ENm2+FBnNLNWNnuIOgqAqyOgjk0oIV6VLNalNPc=
x-amz-request-id: VRG7A270ZSEQXFDF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 00:46:04 GMT
age: 2221
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 01:23:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
172.217.21.161200 OK 42 kB URL HTTP/1.1 rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11231)
Hash 41d7c319de35e74ec138104c294259f9
e4257c4dc7dcbcbbd7b217aeaedb357a4b0daac1
e180db88816b3f11bde5e55fceac50c3ddb862b1148760ed05dec263633a4b90
GET /2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 2022 01:23:05 GMT
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"13a0adab9dd1a903bf9ff0aa9b94a33d91fcb7608bedfc77dca457027d7e9a97"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 41574
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 01:11:15 GMT
cache-control: public,max-age=3600
age: 710
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b1a5da6636cd444028100566c55137cd
0c50a145e941e1aa6e3e2dede461248c67a789a2
bd83c87b7f38d37a7b443b4b7aa7f34b6c127070b332ac4f34d16aa17c6e301a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 663d7a15e6575b4513f2f419c6c7c091
c8a76ecc119f9b4b81a192720713377d2e521b34
ee7ad65e8b239c9f51bab0e58e8495bc6bc7144e40f55503f1084da047462ef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11020, version 1.0\012- data
Hash a59072f933169d3f2db497f44ca4cbbe
5789e81a66958aabc7590c1ddd41058335636027
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:29:51 GMT
expires: Fri, 24 Nov 2023 12:29:51 GMT
cache-control: public, max-age=31536000
age: 564794
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 663d7a15e6575b4513f2f419c6c7c091
c8a76ecc119f9b4b81a192720713377d2e521b34
ee7ad65e8b239c9f51bab0e58e8495bc6bc7144e40f55503f1084da047462ef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
216.58.207.238200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 01 Dec 2022 01:23:05 GMT
expires: Thu, 01 Dec 2022 01:23:05 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 296c86dea87871fb8e89905886fd3dd3
d189e6310de3a91f1a0f170951dde152fd1662fe
6e35257a071102c4b9dc18a86d27477284bbe97ec496066b3d1d6ada4d3c2919
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1133
Cache-Control: max-age=156409
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Etag: "6387bd85-116"
Expires: Fri, 02 Dec 2022 20:49:54 GMT
Last-Modified: Wed, 30 Nov 2022 20:31:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\012- data
Hash 15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:47 GMT
expires: Wed, 29 Nov 2023 15:42:47 GMT
cache-control: public, max-age=31536000
age: 121218
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 157176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
images03.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
23.36.79.8301 Moved Permanently 0 B URL HTTP/1.1 images03.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg HTTP/1.1
Host: images03.olx.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://images03.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
Cache-Control: max-age=0
Expires: Thu, 01 Dec 2022 01:23:05 GMT
Date: Thu, 01 Dec 2022 01:23:05 GMT
Connection: keep-alive
x-client-info: 91.90.42.154:50281
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 663d7a15e6575b4513f2f419c6c7c091
c8a76ecc119f9b4b81a192720713377d2e521b34
ee7ad65e8b239c9f51bab0e58e8495bc6bc7144e40f55503f1084da047462ef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl16755500.effectivegatetocontent.com/90/86/4c/90864c62ef21460f04f5706b43519352.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755500.effectivegatetocontent.com/90/86/4c/90864c62ef21460f04f5706b43519352.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /90/86/4c/90864c62ef21460f04f5706b43519352.js HTTP/1.1
Host: pl16755500.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Thu, 01 Dec 2022 01:23:05 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /0e247b08df0ac66b734889c8d0551184/invoke.js HTTP/1.1
Host: pl16755600.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Thu, 01 Dec 2022 01:23:05 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js HTTP/1.1
Host: pl16755512.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 01 Dec 2022 01:23:05 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 15 Nov 2022 08:01:55 GMT
ETag: "63734773-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_dxi5MWXw+Ehfp9wDk1OdpohyekXaGnAGbHM+g2gKbZOrLgUR4XmvsslY+eRMhEgsoPPvTrGuFnztdD9udBLvng
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=34.160.73.230;Path=/;Max-Age=86400;
country=US;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /0e247b08df0ac66b734889c8d0551184/invoke.js HTTP/1.1
Host: pl16755600.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Thu, 01 Dec 2022 01:23:06 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
push.services.mozilla.com/
54.189.139.67101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4buhNoYXPiJbhVr15H2ptQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ObO4mTnapRCC8ZSlHIddSSSwSwE=
images03.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
23.36.79.8301 Moved Permanently 111 B URL HTTP/2 images03.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 5b1271eb2b060e92e05a89fed83cb708
63d365f7f47461745e924f1c21ceed1dacf08824
2e51f463ed7500d96fcdfe4cc5a32087db4afdffb1c3766dd52622a9f72f005c
GET /ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg HTTP/1.1
Host: images03.olx.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/plain; charset=utf-8
content-length: 111
server: nginx/1.17.10
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
strict-transport-security: max-age=5184000; includeSubDomains
content-security-policy: frame-ancestors 'self'
location: https://www.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
cache-control: max-age=0
expires: Thu, 01 Dec 2022 01:23:06 GMT
date: Thu, 01 Dec 2022 01:23:06 GMT
set-cookie: lqonap=184cb47b8a6x2fda04be; Domain=.olx.co.id; Path=/; Expires=Thu, 01 Dec 2022 01:24:06 GMT
laquesis=pan-60601@b#pan-67471@b#road-10534@a; Domain=.olx.co.id; Path=/; Expires=Fri, 01 Dec 2023 01:23:06 GMT
lqstatus=1669858986; Domain=.olx.co.id; Path=/; Expires=Fri, 01 Dec 2023 01:23:06 GMT
ak_bmsc=580A68C83330610FC1B224BDA94B65CB~000000000000000000000000000000~YAAQBE8kF9kmSYaEAQAAarlHyxFHAABeEA8+gxCqFnTSGU0seLFJCw+jPOBFT5q7bciLdEVDlUsED6EFbsrIesCH0K+efvE0WdS5xDEE2JYMH7cuRZeWTTLmb8TSz2l929twwb7ROoLhChkv/KE9NFngcLLVDT+I9MBoeEL17J3UbXA7heQBgabVcdVvFng9qt3FkYDEDzS+7QvuxYLKtZIAksgKJIk1V2+dkzrqbDunGlDp5qN5X8kEJrufmOjddYWOIC73lXGFWC9FsqnxkzcDsSLeoqUNC8XHqWQuXVTap+eYlnZxF6+SkZkXzQ34ZxrrJ6nCblvjT0enD6qA8HpXYBq4gNzpPKecX8JMInciotryYQV0499A1dODBi8X4Ni7fkj6Mx8=; Domain=.olx.co.id; Path=/; Expires=Thu, 01 Dec 2022 03:23:05 GMT; Max-Age=7199; SameSite=None; Secure; HttpOnly
x-client-info: 91.90.42.154:50341
X-Firefox-Spdy: h2
www.creativefabrica.com/wp-content/uploads/2018/01/freebie-banners4-neon-04.png
104.22.77.232200 OK 9.4 kB URL HTTP/2 www.creativefabrica.com/wp-content/uploads/2018/01/freebie-banners4-neon-04.png
IP 104.22.77.232:0
File type PNG image data, 300 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0d92beee5a55bb3d0bdd9e092e5925af
0468f853aa6dbc4741c4943012e06c1c5150e5c2
5c504c2fc52023f7bd038619eeac92316ae56a5d230b861abcc851ab81caf587
GET /wp-content/uploads/2018/01/freebie-banners4-neon-04.png HTTP/1.1
Host: www.creativefabrica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:23:06 GMT
content-type: image/png
content-length: 9364
cf-bgj: imgq:100,h2pri
cf-polished: origSize=22835
etag: "5933-5639b551d4390"
last-modified: Thu, 25 Jan 2018 15:21:22 GMT
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 772803f9ae0f992a-ARN
X-Firefox-Spdy: h2
rellsafan.blogspot.com/feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5
172.217.21.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (15328)
Hash 866f29b37e42dc24efb6171d79e4d3a2
f959b3acb590a7e8d9fe2efc49a31bf6bd086a0c
efb1cb41d5719d6f3f971ccd121ee6a02ae8591508b8da33bd336870ee26500a
GET /feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: Blogger Render Server 1.0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 3981
X-Frame-Options: SAMEORIGIN
Date: Thu, 01 Dec 2022 01:23:06 GMT
Expires: Wed, 23 Nov 2022 22:54:36 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"d8becf70d5dcd73a3ae7c5db1590a5056df8c8b116649ca058c56a184c71684f"
Content-Type: text/javascript; charset=UTF-8
Age: 0
rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5
172.217.21.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5
IP 172.217.21.161:0
File type ASCII text, with very long lines (15984)
Hash 1cdc3903f7eb08d58dc54c78d5c9393a
cf1fe4117c981f0fc9c6eb26aac01d0a6f5a8998
70baeb6e45363a12f5e6bfed33811136be277cfdf7fd94b042dc0a4b9596422c
GET /feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: Blogger Render Server 1.0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 4136
X-Frame-Options: SAMEORIGIN
Date: Thu, 01 Dec 2022 01:23:06 GMT
Expires: Wed, 23 Nov 2022 22:54:36 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"7721df9ab301970a973f831c01b4893d0b963c5b3e48604992b1e4482ffb9efd"
Content-Type: text/javascript; charset=UTF-8
Age: 0
www.blogger.com/dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Dec 2022 01:23:06 GMT
last-modified: Thu, 01 Dec 2022 01:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rellsafan.blogspot.com/feeds/posts/summary/-/Cheat?alt=json-in-script&callback=bacaJuga&max-results=5
172.217.21.161200 OK 3.9 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Cheat?alt=json-in-script&callback=bacaJuga&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (14558)
Hash 2e09ad9b86a88a453812357d737e8319
edb0523089be5644ddf293b097365517bc18a60a
b8f82494d3bab5e1a90dfb8de0667c763264649fffec2c3e475bcbcb31d98209
GET /feeds/posts/summary/-/Cheat?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"65762166d06156f7d2582b1f1f5cc198068b69c707f00f352fbeab76b094c77d"
Date: Thu, 01 Dec 2022 01:23:06 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:07 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3930
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/default/-/Cheat?alt=json-in-script&callback=related_results_labels&max-results=5
172.217.21.161200 OK 3.9 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Cheat?alt=json-in-script&callback=related_results_labels&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (14572)
Hash 40e1b6aec966889575d202c7afbcbf46
54fa4bef3809b19d3555eec952d9ea06e103137b
082e366ab1535ec7e75c581f4b011b6a62a6e06ec16c95647e0ae8359251f759
GET /feeds/posts/default/-/Cheat?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"bb9684884a65153fea63a0e5160792ebea16c11c6975bed5b8c59fc8c6226dce"
Date: Thu, 01 Dec 2022 01:23:06 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:07 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3933
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/default/-/game?alt=json-in-script&callback=related_results_labels&max-results=5
172.217.21.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/game?alt=json-in-script&callback=related_results_labels&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (14665)
Hash 6c4dee970d41742a76491af515c7ea05
78caa25fabcf05f6d70feab63a71d51e1f0d0f5f
b99c736de2a2621aeb6962b6ceb20cb2b7c2a1651c5f688d8e573c6f802fdee0
GET /feeds/posts/default/-/game?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"39de8eac65595277aa5cc0369871b31daee7a58af943f7be9b28ace1837effc6"
Date: Thu, 01 Dec 2022 01:23:06 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:07 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4018
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 rellsafan.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 22:05:11 GMT
Expires: Tue, 06 Dec 2022 22:05:11 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 18:54:36 GMT
Content-Type: text/javascript
Age: 98275
rellsafan.blogspot.com/feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5
172.217.21.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (15342)
Hash b5294dc65fefa808770fb5868e3e9bef
8681c4b3fb66673067c0d458cece5361edde137c
3da0db389737e93a42f0a7bc6c3a13a777d5520f013b98701caeac60a243a06a
GET /feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"aef190eea3911cf70d8b806cdcff1349a263c72ad615c2c4f87d221de0eef754"
Date: Thu, 01 Dec 2022 01:23:06 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:07 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3982
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/summary/-/game?alt=json-in-script&callback=bacaJuga&max-results=5
172.217.21.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/game?alt=json-in-script&callback=bacaJuga&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (14651)
Hash 5295aa8cf44e5b24dd5cdddd7dd0d8a0
cd0eaed0082847aff2cae438a931cb20283e0d78
cae72dfb5ba99739fa92760007e145895fe9ae40e56b860eb0e0bc64a27dbaf8
GET /feeds/posts/summary/-/game?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"85f82d6b5f47c07826f2b518ff43a18055b42a8effa9474b904c00c1df1e0bd9"
Date: Thu, 01 Dec 2022 01:23:06 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:07 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4017
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5
172.217.21.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5
IP 172.217.21.161:0
File type ASCII text, with very long lines (15970)
Hash f374426557ca293487a5af9279adfac1
c889f3945476dc342887a1166512d9e6433d6acf
ba71a3e4541dcc0f99f852ea82a80ca2e73bf35ac212152e6076d1513702eaeb
GET /feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"7eb7d848ff99789d66970cf558ddb8af1ccbb77d495530df47192e4f349e8f38"
Date: Thu, 01 Dec 2022 01:23:06 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:07 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4136
X-Frame-Options: SAMEORIGIN
www.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
23.36.79.8200 OK 1.4 kB URL HTTP/2 www.olx.co.id/ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (492)
Hash 6ae05407d53ccce3ee24191f12388c51
87cc5fe1f83f03104f1ebf1ffd71d185b100d1ae
3c2109b8ea4722e6e16cbaec9227ba8cac7c7837d2639ddde44993880d2869e9
GET /ui/4/83/58/65547558_1-char-auditionayodance-telanai.jpg HTTP/1.1
Host: www.olx.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: ak_bmsc=580A68C83330610FC1B224BDA94B65CB~000000000000000000000000000000~YAAQBE8kF9kmSYaEAQAAarlHyxFHAABeEA8+gxCqFnTSGU0seLFJCw+jPOBFT5q7bciLdEVDlUsED6EFbsrIesCH0K+efvE0WdS5xDEE2JYMH7cuRZeWTTLmb8TSz2l929twwb7ROoLhChkv/KE9NFngcLLVDT+I9MBoeEL17J3UbXA7heQBgabVcdVvFng9qt3FkYDEDzS+7QvuxYLKtZIAksgKJIk1V2+dkzrqbDunGlDp5qN5X8kEJrufmOjddYWOIC73lXGFWC9FsqnxkzcDsSLeoqUNC8XHqWQuXVTap+eYlnZxF6+SkZkXzQ34ZxrrJ6nCblvjT0enD6qA8HpXYBq4gNzpPKecX8JMInciotryYQV0499A1dODBi8X4Ni7fkj6Mx8=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 01 Dec 2022 01:23:07 GMT
content-length: 1375
x-client-info: 91.90.42.154:50341
expires: Thu, 01 Dec 2022 01:23:07 GMT, 0
cache-control: max-age=0, no-cache, no-store, must-revalidate
set-cookie: _abck=4ABD80600BA2F346520A76DDBC17573A~-1~YAAQBE8kF94mSYaEAQAAx7xHywjVb5LIUkPf5hx9cvAJ6Z3uL9/2/iH+SlynKg5vkgzMDSaU2n6VKpV9MzN9mewm65NtIXPH5I1ZLG3MJvSI98g7Qh/yIIgZibHYvtaOQgkVEP10y9i3s/wEL5ibBlwuKR1IIE/XnQxMVDgKrx4xMHbQbQ81gnbB2Xq/pCcwQcsPETu5rMiROkZTMGZOI/1upOwwGROB6Qq7PELwB4ZJEyoo4KOsJaldJTqfZOpt9gTchusEsOTreaHWbBXNTiFjSjmM48BVDXqOVLIh5ufxcJ2+mThX+uXM48yBRTQWJ5B8x1uAS5z2xCIskUm3WggAivAwmBSHppudqqTZkTsq2Yg2Qhm1PU6MmiQ=~-1~-1~-1; Domain=.olx.co.id; Path=/; Expires=Fri, 01 Dec 2023 01:23:07 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=580A68C83330610FC1B224BDA94B65CB~000000000000000000000000000000~YAAQBE8kF98mSYaEAQAAx7xHyxGKi36l8UgGNRQ4YxDbXMjoVjqcX6Sgp8edHtbMsIFpRSP6M79YBhuSD/vhHiavJ9yz0NFLfgNah+zcuvPkt9t6t6/4qfVD4hmsRhLDtmwESsW0zL4OSmuLIeWzozX/7Z+lW54QFLeZ+l2WF5lu5eBnMfVW62ILLTT5kaoRFZXs6YQytvyEil8Bxh1SDr+VOgrwCDquajCD5MKM24nzL7oj+Nv2FK5yvri+wF79o2NvEGw1L4dfL/TcAgsWZk8xHXA0/+6+CAtuQAL3Qbq9CaqmKNijLHk94rCrrPanv7gnsBHCCx11sLpVADWZhgV6cjftAY+Nvd/pl70Vww23EVEJOEVklI6OsIHkmjXdOt7AS64gGsuq0bnnmKhIAbD++FmbVCRASarPV6BHPuFKxL/TZktf/JO5l38nfICCTmXivQY6DZup6mSLp+DvPAYcbI597HRO; Domain=.olx.co.id; Path=/; Expires=Thu, 01 Dec 2022 03:23:05 GMT; Max-Age=7198; SameSite=None; Secure; HttpOnly
bm_sv=A4E34734631060FDF5ECAC7313B846F9~YAAQBE8kF+AmSYaEAQAAx7xHyxEj5RpyS3DPHHpau6gFeQ8MKmBwlLkoPL7sHdA4X+GCchkbLzS706zrC+ci09FD/2vQgZShQKCFB19SjFawAgdoPzqdANwrrRnzkycCGL/vuRa7RVHyDINT1qTGN34wbqVolwvUyP/B0Nn3StVjzl9BgS0gLVdFPjzmomKJuoO9DjcAmPRwLlyWxlck+LnwXEZ3rw+nKI+z/K7Mx+Bzy/Q5T0dg7ylV+xJSrF0=~1; Domain=.olx.co.id; Path=/; Expires=Thu, 01 Dec 2022 03:23:07 GMT; Max-Age=7200; SameSite=None; Secure
bm_sz=7E9287568AB41FC7651604EFE00896CB~YAAQBE8kF+EmSYaEAQAAx7xHyxHmeQ536OKK6g5fatkgJyTEL3MPo26ENSgw6OeJSAcrEM8d/QEFWq3K/YNVH7v7oyR92x5sFRD1xNKYoz9aD5nbxX+lMuOr1xHscAdkvOH+3AsZcKBzKtMWkC1+pIuOrqWlrNMutiHA+6Z0di/YjR4Vr52VmSydQzR7aJCWqEWVAYjjPYz+PCoaLiQH3BTdb5s60cP9CX1Wxkt1RrobnXAAjfZq0NeQDwgva/0PZspWJ3fTlpoWoBf9kOZGkf5Ngl+0jMNANxWAucarPVD1Ww==~3749171~3422513; Domain=.olx.co.id; Path=/; Expires=Thu, 01 Dec 2022 05:23:07 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2
www.effectiveperformanceformat.com/f2740f8300aa3091803ddfa6c4ea7c46/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.effectiveperformanceformat.com/f2740f8300aa3091803ddfa6c4ea7c46/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
GET /f2740f8300aa3091803ddfa6c4ea7c46/invoke.js HTTP/1.1
Host: www.effectiveperformanceformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ceac06347fea8c975f57aaa7b1e05ba1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
172.217.21.161200 OK 2.2 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
IP 172.217.21.161:0
File type ASCII text, with very long lines (6167)
Hash 62cfc91b76f5cbc9e093ba7f1cfc9bc3
3724ab88aff47aa628d1efb854e19046badd33f9
cfc807f5f10f61f7158ff3de645d67de9671cff3701a2e6cbb53bfb387ef1978
GET /feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"73ac6bd1b619d5b37889cce0990cb0cd698a310b07b8b467d7ce7b81d64460ed"
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:08 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 2160
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 819f953b0edd066d30cf5847c5564d3c
12f3ea06c2a617db03caa556e37c1cb106d44f93
9794d926ccf993a8cd760c76077cf94f5b270633aff450e45934a5c8fd52d62d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133017
Date: Thu, 01 Dec 2022 01:23:07 GMT
Etag: "63875b15-1d7"
Expires: Fri, 02 Dec 2022 14:20:04 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:01 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 42dMHKcJxsZFz_i9CVVRWtfPO86spgASRkmWYowPlUTU8eST1fNpzA==
Age: 2943
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 89e35376d982a3e64847b798a014b6fb
60f7bc9b4455c0e63079eb3e483da5175e76b125
bd91c86a09ced7d02edff7291708cdc3aeb7842777c25c12c8b6d50ff72266ec
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:23:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://rellsafan.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Sun, 28 Nov 2032 01:23:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4182
Expires: Thu, 01 Dec 2022 02:32:49 GMT
Date: Thu, 01 Dec 2022 01:23:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4182
Expires: Thu, 01 Dec 2022 02:32:49 GMT
Date: Thu, 01 Dec 2022 01:23:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4182
Expires: Thu, 01 Dec 2022 02:32:49 GMT
Date: Thu, 01 Dec 2022 01:23:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37004182402c955f288eb1fa8df7aef4
01a07f9a5725f608fafeced7b3d1ebdbcb776c29
c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7957
x-amzn-requestid: 54f43d6b-cf41-4067-b459-6b8d98869354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PGgNIAMF2Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-069ac54c22797a511c69a220;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5et72pBhP9fdm4fNy6V5AJjs7B5N3HUGgaToNJV3LbA59D-0QDAMvw==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:31:51 GMT
age: 78676
etag: "01a07f9a5725f608fafeced7b3d1ebdbcb776c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 1a464872-7c15-42d3-a12a-f344adf99662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PHVUoAMFf4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-3f77f387752222b212d6e2a5;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XUcf5sxPRTQEOS_HWPDW5ioStuq1TPMKvKQSRi2kZI5TbTWEVKFfog==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:42:48 GMT
age: 78019
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5469e846da1e0f21cfc480f56a656a6
b3eaec75f854d22cd1dcd6aa42e37f6d0df50036
d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2382
x-amzn-requestid: 7279ff68-1e32-4c57-9b9d-f5803a19e8e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJYQuEmEIAMFkeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806d9e-2cf28dc150b53b9f3c60bb4c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:24:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UaUyc03Gw0P7G_7gjAyp-c3XxjIDbllO7lmG_8UWVCuBP4WgEgSydQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 14:26:41 GMT
age: 39386
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80e7af4c2331ee27460e67d6d84f5740
ce0321a9b4ea6b56f8d768796a16f26520654b50
a05bb542d7c711b71a7a9a857130acf888a6400f4eb32ff5df1a506a3f8591ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4542
x-amzn-requestid: 254467ba-82aa-4964-9e3b-04b2d79a43d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJWiqEQhIAMFnJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806add-2ad86b6031c6984c43f2741d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:12:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2J8Dkm4nUOgJfxXf1aXt3_z-mOmxeksWf0TbTp9mQXOjI1skSW7XJg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 02:00:33 GMT
age: 84154
etag: "ce0321a9b4ea6b56f8d768796a16f26520654b50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 23101
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42c762f71487f8e0285dd2129700f069
ec0fd74a981603e197df26c6fb79ef039f737557
8a40883d87b1e2c6e116e3cf881a8b39c987200a8556b651f78a376b3ddbaa26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8124
x-amzn-requestid: e000c0d5-82d0-41a8-8def-b36970226969
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0UqEd1oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdb7-27efd8c92b8f6e4f257cec3b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1GIxjB2nXfoxuqJHLtkXl4OJT_Po5DJA_w26E2K8WOmm_PZw1qU3IQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:19:35 GMT
etag: "ec0fd74a981603e197df26c6fb79ef039f737557"
content-type: image/jpeg
age: 11012
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26971), with no line terminators
Hash 07c6c6ccacd4ff698d9d1f5c034110a6
366455a8ce5e91ececbb86663ec71aa6f8ba5399
8b6a1232ac7296ca5b33ea835b75c026b41e3607f1ad0e22809ede29eea3e3fd
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6bc011064a47d671d3e6c3e069545576
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 38eb5b959bcc6fc18e56194ed80d7a2c
566212f2531beb724997b4b5bd23d28ab10c1274
afde3ed14fc8d6cc79082d48b74196411d35cbe4300a46679cc6633e59b1ec3d
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b7f917b15a3d9ebbc3a38cc1a9b3d503
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cb2a22599d585be93ea1d1e449800061
b57e93b303cd37260717332e610ac014cdb453bc
ab32fa8b35515e3a0e75ed4d43faedc88b450ef2d07581b2aa7f26dd5985c828
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB32FA8B35515E3A0E75ED4D43FAEDC88B450EF2D07581B2AA7F26DD5985C828"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17411
Expires: Thu, 01 Dec 2022 06:13:18 GMT
Date: Thu, 01 Dec 2022 01:23:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 130019dcc63335aaf43e4a8e2ad23343
c1667bde5fe5b739392176faf986c0bee92fac2d
42b28a671f597caf6a4c500a406db5a7e4c350ddcb9181c9da35e78e10e31d3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B28A671F597CAF6A4C500A406DB5A7E4C350DDCB9181C9DA35E78E10E31D3E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4973
Expires: Thu, 01 Dec 2022 02:46:00 GMT
Date: Thu, 01 Dec 2022 01:23:07 GMT
Connection: keep-alive
rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=845&max-results=5&callback=msRelatedPosts
172.217.21.161200 OK 3.2 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=845&max-results=5&callback=msRelatedPosts
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (13480)
Hash f2b92c7616bfbd1fe870efd53e021c8f
a1a0186d84fdf3416f685eaafedaa4dd24204d1a
57bce25071248395a9366fe8c7cf1645922dcf71bca4f2f7e8efb00d570daae7
GET /feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=845&max-results=5&callback=msRelatedPosts HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"b7ca93ba433e53fed06c9ef45655dfb8e252c2f38cc999234c767920b3c02f6c"
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 01 Dec 2022 01:23:08 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3231
X-Frame-Options: SAMEORIGIN
www.variousformatscontent.com/43cbf010638e77d3b031a0285ad431d5/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/43cbf010638e77d3b031a0285ad431d5/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
GET /43cbf010638e77d3b031a0285ad431d5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d5404ef8819cd3a5cb6cfc91a909395
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.397943100303.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 specialistinsensitive.com/watch.397943100303.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.397943100303.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://specialistinsensitive.com/watch.397943100303.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=acf76d99df1a2d6f2ac1afb4d7c0d21c34a0d374e4f5e2a5652947aa69cb3701d6838e20d6c8ec4d2b7b12deeb25bbfd31df7345883fdfabe7f328ab0ac14d3b81191eb817ca10f3d1a8065d9f0115491e5b1be6&pst=1669857847&rmtc=t
Set-Cookie: u_pl=15771582; expires=Fri, 02 Dec 2022 01:23:07 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzA2L2NoZWF0LWF5by1kYW5jZS1zcGVjaWFsLW1hbGFtLW1pbmdndS0yLmh0bWw_bT0xIn19.sH6Bn2SOB9Do8AKc3ewWfSy5E51Ky58WjYyCL3YmPi4; expires=Thu, 01 Dec 2022 01:24:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ab253d0ab28a8713344e3e94ce154a9
Strict-Transport-Security: max-age=0; includeSubdomains
integrityprinciplesthorough.com/watch.1215858469840.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 integrityprinciplesthorough.com/watch.1215858469840.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1215858469840.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://integrityprinciplesthorough.com/watch.1215858469840.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=337f73f10b31824fccb09680e9d89334e48025b32abea9d07944ba90d8bb7c1be7b8b3dabe38e155e418f0d0495cda059a484846b9ce056b19eb9500b095e6ebc5beea6aa5e95b564141e5199a33c0eef401651c7311887fba91fd93d63d469790eb4ee1db&pst=1669857847&rmtc=t
Set-Cookie: u_pl=16655075; expires=Fri, 02 Dec 2022 01:23:07 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDYvY2hlYXQtYXlvLWRhbmNlLXNwZWNpYWwtbWFsYW0tbWluZ2d1LTIuaHRtbD9tPTEifX0.eIphv4LoJqX1rSN1dRIzioZCqOCK_kInRpdxQeD2jk4; expires=Thu, 01 Dec 2022 01:24:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00001769143a7c3bab3c164f3bd09d9b
Strict-Transport-Security: max-age=0; includeSubdomains
pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /0e247b08df0ac66b734889c8d0551184/invoke.js HTTP/1.1
Host: pl16755600.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Thu, 01 Dec 2022 01:23:07 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 784c6a211d8b695266d8ddf287519e27
6c053f9a5361ab3ee99ae226ef101f88aa50836b
b1a464325e15c66572c98c165e8547392dba7fb87fbb5c33a9a3bf8dba93976f
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a672cbbb33d809e58405f238abccfd8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.34200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.34:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 13:24:36 GMT
Expires: Wed, 14 Dec 2022 13:24:36 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 43112
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e522c74f3ef0d1b719e47988f1db4c72
d1cae72d7ec41694df696ff175041d043cb9dbf6
2ac181bff12c5547ab34600033ef12150ce0031b5e3885ec0f6e94640b1010ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AC181BFF12C5547AB34600033EF12150CE0031B5E3885EC0F6E94640B1010EC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1752
Expires: Thu, 01 Dec 2022 01:52:20 GMT
Date: Thu, 01 Dec 2022 01:23:08 GMT
Connection: keep-alive
integrityprinciplesthorough.com/watch.1215858469840.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=337f73f10b31824fccb09680e9d89334e48025b32abea9d07944ba90d8bb7c1be7b8b3dabe38e155e418f0d0495cda059a484846b9ce056b19eb9500b095e6ebc5beea6aa5e95b564141e5199a33c0eef401651c7311887fba91fd93d63d469790eb4ee1db&pst=1669857847&rmtc=t
192.243.59.13200 OK 641 B URL HTTP/1.1 integrityprinciplesthorough.com/watch.1215858469840.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=337f73f10b31824fccb09680e9d89334e48025b32abea9d07944ba90d8bb7c1be7b8b3dabe38e155e418f0d0495cda059a484846b9ce056b19eb9500b095e6ebc5beea6aa5e95b564141e5199a33c0eef401651c7311887fba91fd93d63d469790eb4ee1db&pst=1669857847&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash c097749416b3ef09060cd576c789475a
59c7fab400a5f2bcf88af65ee1bdcfbb1c102b58
57771ed1a8fc0344cf8eb53773b4321031b95a704609fd2f732080a029a14f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1215858469840.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=337f73f10b31824fccb09680e9d89334e48025b32abea9d07944ba90d8bb7c1be7b8b3dabe38e155e418f0d0495cda059a484846b9ce056b19eb9500b095e6ebc5beea6aa5e95b564141e5199a33c0eef401651c7311887fba91fd93d63d469790eb4ee1db&pst=1669857847&rmtc=t HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDYvY2hlYXQtYXlvLWRhbmNlLXNwZWNpYWwtbWFsYW0tbWluZ2d1LTIuaHRtbD9tPTEifX0.eIphv4LoJqX1rSN1dRIzioZCqOCK_kInRpdxQeD2jk4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
iprc83915207dccb805e36b0fbb8e2fde47a=2717340; expires=Fri, 02 Dec 2022 03:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4664102a398031b274071aa1b91e4e8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js HTTP/1.1
Host: pl16755512.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Sun, 27 Nov 2022 01:56:48 GMT
ETag: "6382c3e0-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_dxi5MWXw+Ehfp9wDk1OdpohyekXaGnAGbHM+g2gKbZOrLgUR4XmvsslY+eRMhEgsoPPvTrGuFnztdD9udBLvng
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=34.160.73.230;Path=/;Max-Age=86400;
country=US;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
specialistinsensitive.com/watch.397943100303.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=acf76d99df1a2d6f2ac1afb4d7c0d21c34a0d374e4f5e2a5652947aa69cb3701d6838e20d6c8ec4d2b7b12deeb25bbfd31df7345883fdfabe7f328ab0ac14d3b81191eb817ca10f3d1a8065d9f0115491e5b1be6&pst=1669857847&rmtc=t
192.243.59.12200 OK 2.1 kB URL HTTP/1.1 specialistinsensitive.com/watch.397943100303.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=acf76d99df1a2d6f2ac1afb4d7c0d21c34a0d374e4f5e2a5652947aa69cb3701d6838e20d6c8ec4d2b7b12deeb25bbfd31df7345883fdfabe7f328ab0ac14d3b81191eb817ca10f3d1a8065d9f0115491e5b1be6&pst=1669857847&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2657)
Hash e45f1425525794fa7a76bc711820af50
4e6dab33ff021cf02b714451ccaf15df9730266c
d009f2446b8fed3663d0dedddcef3952e450998f2bfa937ccb838bbea0b54a87
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.397943100303.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&shu=acf76d99df1a2d6f2ac1afb4d7c0d21c34a0d374e4f5e2a5652947aa69cb3701d6838e20d6c8ec4d2b7b12deeb25bbfd31df7345883fdfabe7f328ab0ac14d3b81191eb817ca10f3d1a8065d9f0115491e5b1be6&pst=1669857847&rmtc=t HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15771582; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzA2L2NoZWF0LWF5by1kYW5jZS1zcGVjaWFsLW1hbGFtLW1pbmdndS0yLmh0bWw_bT0xIn19.sH6Bn2SOB9Do8AKc3ewWfSy5E51Ky58WjYyCL3YmPi4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
iprc772f2af03e3fa1e95b90b552608d39bb=3569806; expires=Thu, 01 Dec 2022 05:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e530072cf64b946b6c34b5e8d59ed54
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.397943100303?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 specialistinsensitive.com/watch.397943100303?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (627)
Hash efe0c2a49eada1e7a8e96ae40c712061
50eb60f4d25f6bbd2ca3535036c470cb27041cbb
00f360f54ffcc98b74d55b0a088839ccb8ed04dca0989ab0840621dd4fa2c0f1
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.397943100303?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Cookie: u_pl=15771582; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzA2L2NoZWF0LWF5by1kYW5jZS1zcGVjaWFsLW1hbGFtLW1pbmdndS0yLmh0bWw_bT0xIn19.sH6Bn2SOB9Do8AKc3ewWfSy5E51Ky58WjYyCL3YmPi4; uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; iprc772f2af03e3fa1e95b90b552608d39bb=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vMjAxMy8wNi9jaGVhdC1heW8tZGFuY2Utc3BlY2lhbC1tYWxhbS1taW5nZ3UtMi5odG1sP209MSJ9fQ.dKqdpT6h5kzYDtcyhPPkHMdVJyQ9qVHNaQBTAebWfAE; expires=Thu, 01 Dec 2022 01:24:08 GMT; secure; SameSite=None
uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8bfd475b5c6da2cf79bb4fbacae49e1c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f107b8c907438b7d609e4e21dc3b3169
011d1cf09cb10b1cdd92ecf60ac7c0613fe4f69c
4c63fd3893ca0dd9fa00d37fc3404d5b5cc3f6d7da97d9947317b3d35ec43cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C63FD3893CA0DD9FA00D37FC3404D5B5CC3F6D7DA97D9947317B3D35EC43CD9"
Last-Modified: Tue, 29 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12514
Expires: Thu, 01 Dec 2022 04:51:42 GMT
Date: Thu, 01 Dec 2022 01:23:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5040b9ba1c67b63c631ed1e4077c2909
c15a79c188cde357e464a554cb5403844c575858
15b6574f52878132519ab29965009c36acc8a7f0a50bd9423c199e326e5541ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15B6574F52878132519AB29965009C36ACC8A7F0A50BD9423C199E326E5541CE"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3474
Expires: Thu, 01 Dec 2022 02:21:02 GMT
Date: Thu, 01 Dec 2022 01:23:08 GMT
Connection: keep-alive
tallysaturatesnare.com/watch.1657986362826?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 tallysaturatesnare.com/watch.1657986362826?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (627)
Hash fec948aee64d74cc3ac705583aa79f7a
858126757b37a9d1e67c85e36fa15e5a57045e41
1e2cd921af2da9d34a05bbd0c6e472125e04020de0373c1be0e3f8af6708abc7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1657986362826?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16655075; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDYvY2hlYXQtYXlvLWRhbmNlLXNwZWNpYWwtbWFsYW0tbWluZ2d1LTIuaHRtbD9tPTEifX0.eIphv4LoJqX1rSN1dRIzioZCqOCK_kInRpdxQeD2jk4; expires=Thu, 01 Dec 2022 01:24:08 GMT; secure; SameSite=None
uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d3e388d3375a78e1405bc97e7d057a1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.397943100303?shu=2d7392d52511503c12d88f2e2cb9562b6158fe5dca8b226a2130fd85df7df7dd6102776de885c26f270210c4e0cd882161b1b7948a92d8fba6bd931d71bfecdcd6f5c3364bdab83de090712ae0e50aca8993ed&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=f2740f8300aa3091803ddfa6c4ea7c46&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
192.243.59.12200 OK 1.9 kB URL HTTP/1.1 specialistinsensitive.com/watch.397943100303?shu=2d7392d52511503c12d88f2e2cb9562b6158fe5dca8b226a2130fd85df7df7dd6102776de885c26f270210c4e0cd882161b1b7948a92d8fba6bd931d71bfecdcd6f5c3364bdab83de090712ae0e50aca8993ed&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=f2740f8300aa3091803ddfa6c4ea7c46&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2578)
Hash edfa92b9c73623d074e46049b28c9827
6230470f50dff9e52a52e1013ab10a391580065d
63438033eee2091ba9bd014569cc77bece6a0471e5419a32aa6a52100ce81ff5
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.397943100303?shu=2d7392d52511503c12d88f2e2cb9562b6158fe5dca8b226a2130fd85df7df7dd6102776de885c26f270210c4e0cd882161b1b7948a92d8fba6bd931d71bfecdcd6f5c3364bdab83de090712ae0e50aca8993ed&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=f2740f8300aa3091803ddfa6c4ea7c46&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://specialistinsensitive.com/watch.397943100303?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
Cookie: u_pl=15771582; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vMjAxMy8wNi9jaGVhdC1heW8tZGFuY2Utc3BlY2lhbC1tYWxhbS1taW5nZ3UtMi5odG1sP209MSJ9fQ.dKqdpT6h5kzYDtcyhPPkHMdVJyQ9qVHNaQBTAebWfAE; uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; iprc772f2af03e3fa1e95b90b552608d39bb=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs=2; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs5=2; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68f664e7996865c776821d2c6911c013
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
handbagcordial.com/watch.192465727655?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
173.233.137.60200 OK 1.3 kB URL HTTP/1.1 handbagcordial.com/watch.192465727655?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (627)
Hash a54d791bf46df5940487a4478e3034cf
ce6b51299672a98fe8ec5e2312f480a948de41d9
6e27e58b918982bdd57044437153edf1ff29e98eefac0b1e9dc3498345251308
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.192465727655?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1 HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16655075; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDYvY2hlYXQtYXlvLWRhbmNlLXNwZWNpYWwtbWFsYW0tbWluZ2d1LTIuaHRtbD9tPTEifX0.eIphv4LoJqX1rSN1dRIzioZCqOCK_kInRpdxQeD2jk4; expires=Thu, 01 Dec 2022 01:24:08 GMT; secure; SameSite=None
uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 773b7ae7a369d033f1ed0e9db2ecd5bc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tallysaturatesnare.com/watch.1657986362826?shu=eb086ba3814335f950ca85522e9bacbe94ba69ef2ba14ad8e220100e93bb0534e86e34fa713dbc699b906890abd4e181581c27ec4ff45a9ef6f13cb566c2c8c355191a8e87e27f30ec36e6c254956cfd306b1625fecafbfd0faca281815003c0&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
173.233.139.164200 OK 1.8 kB URL HTTP/1.1 tallysaturatesnare.com/watch.1657986362826?shu=eb086ba3814335f950ca85522e9bacbe94ba69ef2ba14ad8e220100e93bb0534e86e34fa713dbc699b906890abd4e181581c27ec4ff45a9ef6f13cb566c2c8c355191a8e87e27f30ec36e6c254956cfd306b1625fecafbfd0faca281815003c0&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2523)
Hash 31e200659262dac134ca0ea865c752c2
6a9ca860a022f93b1a30f4ed26c3cae43da50529
3097403b9d2f8a929d7444594df62e10890087b827b13e5d1d12ddf90637fa7b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1657986362826?shu=eb086ba3814335f950ca85522e9bacbe94ba69ef2ba14ad8e220100e93bb0534e86e34fa713dbc699b906890abd4e181581c27ec4ff45a9ef6f13cb566c2c8c355191a8e87e27f30ec36e6c254956cfd306b1625fecafbfd0faca281815003c0&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tallysaturatesnare.com/watch.1657986362826?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDYvY2hlYXQtYXlvLWRhbmNlLXNwZWNpYWwtbWFsYW0tbWluZ2d1LTIuaHRtbD9tPTEifX0.eIphv4LoJqX1rSN1dRIzioZCqOCK_kInRpdxQeD2jk4; uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d520e787892bff6419311e4743ca4c8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash da4afbbaa1bb005f321b7a6d81af98b7
bfb82d7d40a82c1e20adbb690dd2f312214e3c25
e876befabffde8bd8dfbb45b626f5710c96fb51b3a18cb63767bffc6197e7017
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E876BEFABFFDE8BD8DFBB45B626F5710C96FB51B3A18CB63767BFFC6197E7017"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20645
Expires: Thu, 01 Dec 2022 07:07:13 GMT
Date: Thu, 01 Dec 2022 01:23:08 GMT
Connection: keep-alive
lightssyrupdecree.com/watch.111403707511?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
192.243.59.13200 OK 1.3 kB URL HTTP/1.1 lightssyrupdecree.com/watch.111403707511?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (627)
Hash b3b40f36735b552e32067751e39ea5c3
9a907bf81116825ef178f49b1c193f59cc910f3f
8a7c9783a3bf80bf191a6120ee6d120b4197ffde37985eca8623773273390219
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.111403707511?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16655086; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA4NiwiayI6IjQzY2JmMDEwNjM4ZTc3ZDNiMDMxYTAyODVhZDQzMWQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJzNmNjeTdjdHhzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDYvY2hlYXQtYXlvLWRhbmNlLXNwZWNpYWwtbWFsYW0tbWluZ2d1LTIuaHRtbD9tPTEifX0.VeFG-tyZlju23vEiwJ0tsrGJ4PpgWDFcLMVfzL6PSIc; expires=Thu, 01 Dec 2022 01:24:08 GMT; secure; SameSite=None
uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3afdaac7ad8ef3d9ce025fdbfab32908
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
handbagcordial.com/watch.192465727655?shu=4e9359827f9520f8e0a1edbcb024f07363370db4c3876a0ed2f8796a8e90dc1d2cadc49a1b4ac76e8b62031514ce4e831b37da5883bba008eae07e922afca8fc684bb0c4fa7efb086526a66ac865f5e4975626abd5de6a5df252d0c3f7e828ce&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&dev=e&res=12.1053&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0
173.233.137.60200 OK 1.8 kB URL HTTP/1.1 handbagcordial.com/watch.192465727655?shu=4e9359827f9520f8e0a1edbcb024f07363370db4c3876a0ed2f8796a8e90dc1d2cadc49a1b4ac76e8b62031514ce4e831b37da5883bba008eae07e922afca8fc684bb0c4fa7efb086526a66ac865f5e4975626abd5de6a5df252d0c3f7e828ce&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&dev=e&res=12.1053&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2438)
Hash ac96af8ee86be08ea2ae204d23d16a70
837fd7807c757a2c0ce98a4e760f90d563019cc0
7fc792a4756941efc469aa94f9b0147ce484ea63ed8a0817479eb78e18fa44a6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.192465727655?shu=4e9359827f9520f8e0a1edbcb024f07363370db4c3876a0ed2f8796a8e90dc1d2cadc49a1b4ac76e8b62031514ce4e831b37da5883bba008eae07e922afca8fc684bb0c4fa7efb086526a66ac865f5e4975626abd5de6a5df252d0c3f7e828ce&pst=1669857848&rmtc=t&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&dev=e&res=12.1053&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0 HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://handbagcordial.com/watch.192465727655?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22cheat%22%2C%22ayo%22%2C%22dance%22%2C%22special%22%2C%22malam%22%2C%22minggu%22%2C%222%22%2C%22in%22%2C%221%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F06%2Fcheat-ayo-dance-special-malam-minggu-2.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=fa8b730e-f9af-4ba5-928e-32ac9179473a%3A3%3A1
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDYvY2hlYXQtYXlvLWRhbmNlLXNwZWNpYWwtbWFsYW0tbWluZ2d1LTIuaHRtbD9tPTEifX0.eIphv4LoJqX1rSN1dRIzioZCqOCK_kInRpdxQeD2jk4; uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2013/06/cheat-ayo-dance-special-malam-minggu-2.html?m=1
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fa8b730e-f9af-4ba5-928e-32ac9179473a:3:1; expires=Thu, 08 Dec 2022 01:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Dec 2022 01:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d17fcf6687f625437b8fd9ee4b3bd51
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16655075
173.233.137.36200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16655075
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96519679b31f3c9292dd2a1d9f4a90c8
37686d34fa2784441d92975ff0a664a16cdae167
061defc17aa595779a9cab3aecb85538764a1a0a5ae8b254289fb21b74752471
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16655075 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 01:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 02 Dec 2022 01:23:08 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY2NTUwNzUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vIn19.EBLtBr8wInZV5iwngRm9tmpb0oyU6NDNzpiZZnfCFXA; expires=Thu, 01 Dec 2022 01:24:08 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e6074bc8c8eb28397d1b57995e17cd17
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16936
Expires: Thu, 01 Dec 2022 06:05:24 GMT
Date: Thu, 01 Dec 2022 01:23:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16940
Expires: Thu, 01 Dec 2022 06:05:28 GMT
Date: Thu, 01 Dec 2022 01:23:08 GMT
Connection: keep-alive
www.spikereekvelocity.com/dyfc1k09?shu=03696e0443861cdd6c5c9395684e24f1bd29b27fd57a11cf81b6656365fbd8f28ee9107879217516b7ea3a55eaaf806db8ddd897e8acc19f8d6c56e9cc532b3b8fb0703fe113cbc39d58c582afc8a16b99a6ce4e2aa73488f60b3ef0c846&pst=1669857848&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=16655075
173.233.137.36302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=03696e0443861cdd6c5c9395684e24f1bd29b27fd57a11cf81b6656365fbd8f28ee9107879217516b7ea3a55eaaf806db8ddd897e8acc19f8d6c56e9cc532b3b8fb0703fe113cbc39d58c582afc8a16b99a6ce4e2aa73488f60b3ef0c846&pst=1669857848&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=16655075
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=03696e0443861cdd6c5c9395684e24f1bd29b27fd57a11cf81b6656365fbd8f28ee9107879217516b7ea3a55eaaf806db8ddd897e8acc19f8d6c56e9cc532b3b8fb0703fe113cbc39d58c582afc8a16b99a6ce4e2aa73488f60b3ef0c846&pst=1669857848&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=16655075 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY2NTUwNzUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vIn19.EBLtBr8wInZV5iwngRm9tmpb0oyU6NDNzpiZZnfCFXA; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 01 Dec 2022 01:23:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=191bc6260466864ff3bc7a4b08ab4a8f&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
Set-Cookie: iprc3d4d3d1c98ab9a36998f549136ae91c0=3806410; expires=Fri, 02 Dec 2022 01:23:09 GMT
pdhtkv=true; expires=Fri, 02 Dec 2022 01:23:09 GMT
uncs=1; expires=Fri, 02 Dec 2022 01:23:09 GMT
pdhtkv28=true; expires=Fri, 02 Dec 2022 01:23:09 GMT
uncs28=1; expires=Fri, 02 Dec 2022 01:23:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae84c5ffbfe6fbeae7889dd6911f6ecf
Strict-Transport-Security: max-age=0; includeSubdomains
spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=191bc6260466864ff3bc7a4b08ab4a8f&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
78.46.92.254302 Found 0 B URL HTTP/1.1 spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=191bc6260466864ff3bc7a4b08ab4a8f&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=191bc6260466864ff3bc7a4b08ab4a8f&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other HTTP/1.1
Host: spo76rt28r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 01:23:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h99l5m9zbl; expires=Fri, 02-Dec-2022 01:23:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h99l5m9zbl-h99l5m9zbl-17dz-166o-ir8n-bza7-oje8-c9644e; expires=Fri, 02-Dec-2022 01:23:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://bo2217ok3tro9.com/1/?lpkey=161d69ab856b808c89&uclick=h99l5m9zbl&uclickhash=h99l5m9zbl-h99l5m9zbl-17dz-166o-ir8n-bza7-oje8-c9644e
Strict-Transport-Security: max-age=31536000
bo2217ok3tro9.com/1/?lpkey=161d69ab856b808c89&uclick=h99l5m9zbl&uclickhash=h99l5m9zbl-h99l5m9zbl-17dz-166o-ir8n-bza7-oje8-c9644e
78.46.92.254200 OK 1.4 kB URL HTTP/1.1 bo2217ok3tro9.com/1/?lpkey=161d69ab856b808c89&uclick=h99l5m9zbl&uclickhash=h99l5m9zbl-h99l5m9zbl-17dz-166o-ir8n-bza7-oje8-c9644e
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0bbb113ff85b78b6485a9783946e6948
8663005f0ad88c2a768937edb56177387103594d
70c7e9fa94eb5b8fb5b61e0ee25167ace062bea13773331f7d02814822fbf004
GET /1/?lpkey=161d69ab856b808c89&uclick=h99l5m9zbl&uclickhash=h99l5m9zbl-h99l5m9zbl-17dz-166o-ir8n-bza7-oje8-c9644e HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 01:23:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a7768a8a4d5f2b246e1c7184e4526eef
424a0bbdad4a58e0eeced80d976613d4925a8f55
6233da50858bbd760a4da93d72eaf8b0a3379184601e8eb76db9a306af568c71
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3081
Cache-Control: max-age=138190
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:10 GMT
Etag: "63876ec3-117"
Expires: Fri, 02 Dec 2022 15:46:20 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:59 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 01 Dec 2022 01:23:10 GMT
date: Thu, 01 Dec 2022 01:23:10 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9fad3082cd184e2cf1dabd51e2242e8f
655c7d26c8f3661fe7d627d0d3456efab77a2ae0
b659bbcff6e0a381013d25ee141e9b44f9f4f76af84f529a75df6325cb27ccb6
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 01:23:10 GMT
expires: Thu, 01 Dec 2022 01:23:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38541
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.126.175302 Found 73 kB URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.126.175:0
Hash eee57672ecfa0f7f9aca9a3bf46aa7b2
65a15439a014d30f164ff46393bd678ccbe5cc9d
42fa7e63908c3176a578ddbf1aff15b9b1e94b76214dce625a27a0f42e2246c1
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 01 Dec 2022 01:23:10 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK5KYFADKES69274PTT8NRT1-ams
cf-cache-status: HIT
age: 560
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772804144b5cfab4-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bo2217ok3tro9.com/favicon.png
78.46.92.254404 Not Found 114 B URL HTTP/1.1 bo2217ok3tro9.com/favicon.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /favicon.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=161d69ab856b808c89&uclick=h99l5m9zbl&uclickhash=h99l5m9zbl-h99l5m9zbl-17dz-166o-ir8n-bza7-oje8-c9644e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 01:23:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:23:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bo2217ok3tro9.com
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 195193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 531307
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/c4/68/df/c468df712463d2e0fbcd8695329cb2df/1644707299.jpg
45.133.44.10200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/bi/c4/68/df/c468df712463d2e0fbcd8695329cb2df/1644707299.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
GET /bi/c4/68/df/c468df712463d2e0fbcd8695329cb2df/1644707299.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tallysaturatesnare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 01:23:08 GMT
content-type: image/jpeg
content-length: 96212
server: nginx/1.17.6
last-modified: Sat, 12 Feb 2022 23:08:25 GMT
etag: "62083de9-177d4"
expires: Sat, 03 Dec 2022 01:23:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2