firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 17:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hCNXShgjZSQHq8uc82uO1Fb2FlGRJtAnOP4xT_krN68gBcPQjh6eLw==
Age: 2948
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 490c003436e215e91596f285fcba92f5
0c4c9a5802e7cdb699f4918c252dbdf8431c25ec
9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7970
Expires: Wed, 28 Sep 2022 20:17:38 GMT
Date: Wed, 28 Sep 2022 18:04:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12346
Expires: Wed, 28 Sep 2022 21:30:34 GMT
Date: Wed, 28 Sep 2022 18:04:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gu0momgP7zWUw90wiViWormAAD2j+Mut9pZHbSJMFOKjOtmIZUP0/Z+sIZ9PNSZbNjj4MtBHYuM=
x-amz-request-id: WZDBAKYBFX123XDJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Sep 2022 17:50:09 GMT
age: 879
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:04:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
worldnewsdailypost.blogspot.com/2022/09/ikone-videolacazette-videoikone.html
142.250.74.161301 Moved Permanently 214 B URL HTTP/1.1 worldnewsdailypost.blogspot.com/2022/09/ikone-videolacazette-videoikone.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 20e4bcdd885fb6d428749d55c69f4182
28233283226a4b2c5ff38b3fe8e1bd279424246e
7c00e78bda25fcf96893a1fa2a35d8247e2a5f12ad1a6d02fdc2549b6f92247b
GET /2022/09/ikone-videolacazette-videoikone.html HTTP/1.1
Host: worldnewsdailypost.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://worldnewsdailypost.blogspot.com/2022/09/ikone-videolacazette-videoikone.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 18:04:48 GMT
Expires: Wed, 28 Sep 2022 18:04:48 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 214
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 17:29:33 GMT
Expires: Wed, 28 Sep 2022 18:25:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g3DUjqpf0uJDyUtl_DMkk-oQolDt5MPl7WjaH_rRLkl0NvSXmVeUZQ==
Age: 2115
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca568b0094952ff8079bbea27bee5350
d395a918b1cb67dcd61ef96c1e0fb9cc298e633a
4789eeb2cfa143d120879f70f03c72aabb91ddfc829a2fba8e84f617e1960607
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5896
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:48 GMT
Last-Modified: Wed, 28 Sep 2022 16:26:32 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1V1k/I6pP+Bhjdk/unSmXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jlaoWRWFz7t4J/S5POCxmQUvWac=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca568b0094952ff8079bbea27bee5350
d395a918b1cb67dcd61ef96c1e0fb9cc298e633a
4789eeb2cfa143d120879f70f03c72aabb91ddfc829a2fba8e84f617e1960607
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
worldnewsdailypost.blogspot.com/2022/09/ikone-videolacazette-videoikone.html
142.250.74.161200 OK 59 kB URL HTTP/2 worldnewsdailypost.blogspot.com/2022/09/ikone-videolacazette-videoikone.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5019)
Hash 3061d3668278e52fd09579ac3a45502c
234e65421348f865ce6a9afef0d5035132cc5fb4
b622d1be6e7b54235b228c7772a56b02a13f349d5642a015ad667441f0e80664
GET /2022/09/ikone-videolacazette-videoikone.html HTTP/1.1
Host: worldnewsdailypost.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 28 Sep 2022 18:04:49 GMT
date: Wed, 28 Sep 2022 18:04:49 GMT
cache-control: private, max-age=0
last-modified: Wed, 28 Sep 2022 17:51:31 GMT
etag: W/"96ceb800ec5b609009a98bc042ccd4e11a3bec9992c13015ad85356a535bc181"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 59172
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 60862e3cfa179f3df2b96a58912f6787
ff537827cbde6445205715d36d3ae25fa1d6430f
8d359daecf4a7e4b1816e03d675e0f87ad87f729d9f1c9d0d7ef3598a2cbdf08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
142.250.74.163200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP 142.250.74.163:0
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 18:04:50 GMT
expires: Wed, 28 Sep 2022 18:04:50 GMT
cache-control: public, max-age=0
age: 0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
142.250.74.105200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 09:56:02 GMT
expires: Mon, 25 Sep 2023 09:56:02 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 24 Sep 2022 17:50:40 GMT
content-type: text/javascript
age: 288528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.194200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (2910)
Hash 997f20faa2c61e806ca0a62552168671
621644c7e6ef9459be4025aaf07da631106492bf
c33a810f622b7e2b18b626f340c711ddb3b3ba28463cb0f413e9490cedc24ed2
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 28 Sep 2022 18:04:50 GMT
expires: Wed, 28 Sep 2022 18:04:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17854578904135818590
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/4150139458-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 266900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 599442
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 599442
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=5056495241778046918&zx=d70dd696-91a5-4787-9a95-77a7b00eb735
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5056495241778046918&zx=d70dd696-91a5-4787-9a95-77a7b00eb735
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5056495241778046918&zx=d70dd696-91a5-4787-9a95-77a7b00eb735 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 18:04:50 GMT
last-modified: Wed, 28 Sep 2022 18:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.106200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 15:35:04 GMT
expires: Tue, 26 Sep 2023 15:35:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 181786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577867556436510&plah=worldnewsdailypost.blogspot.com
216.58.207.194200 OK 126 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577867556436510&plah=worldnewsdailypost.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with very long lines (5899)
Size 126 kB (125492 bytes)
Hash 87f6721417a29d862e541bd0dec1790f
589bd6ed515b598f6760e67e0d873417bd54b854
d95bf0ca206cbe430ac4916d7cee1b837fbdadd45ffc47d8af339116737e78dd
GET /pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577867556436510&plah=worldnewsdailypost.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Sep 2022 18:04:50 GMT
expires: Wed, 28 Sep 2022 18:04:50 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 7345520027439076942
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 125492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 38602c8e73bf7fea64c5fb5e96c11768
374303288cfe0aec7f9c655744021f8f072ee8d8
cbb4d8013bf2a47695f0931dec4f8e5221dd1d23059ecca7f5901544d0940197
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
142.250.74.33200 OK 228 kB URL HTTP/2 themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=Sunset afterglow and twlight dunes in White Sands National Monument, software=Picasa], baseline, precision 8, 1600x1067, components 3\012- data
Size 228 kB (228521 bytes)
Hash e66ef1f4c654be20558150214aa2b85a
ad1dfbefad9a21e48aeeac1bae9f8a5b8ea1ef3c
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
GET /image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 228521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6UpXv0QRjjQkUqrz8-TVcoSh9Niw5j238HgFd9e5OZENVopojCt3L6RijfUI4sWsNCgHIWfvL8GbpY6C7gW1O3BQcKPgiWk8d0CZ___ZVoOEHEOevq9t5TcL5INf79AcSq5YBn1FCCySq-wJ5HsWgLTF7LGHsrPBKvJkDAA3kMDdhuLyN0d-MpkMk/w72-h72-p-k-no-nu/PSX_20220701_121049.jpg
142.250.74.33200 OK 2.9 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6UpXv0QRjjQkUqrz8-TVcoSh9Niw5j238HgFd9e5OZENVopojCt3L6RijfUI4sWsNCgHIWfvL8GbpY6C7gW1O3BQcKPgiWk8d0CZ___ZVoOEHEOevq9t5TcL5INf79AcSq5YBn1FCCySq-wJ5HsWgLTF7LGHsrPBKvJkDAA3kMDdhuLyN0d-MpkMk/w72-h72-p-k-no-nu/PSX_20220701_121049.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f12e1e479af1368356da671f49d02960
b2ab69d55c03e151d386ce126a4888c9d815aaa0
33b5c73630ec6b02e75916c2db331de1d66ba0cdb23b5601ea9b52bb24b52699
GET /img/b/R29vZ2xl/AVvXsEh6UpXv0QRjjQkUqrz8-TVcoSh9Niw5j238HgFd9e5OZENVopojCt3L6RijfUI4sWsNCgHIWfvL8GbpY6C7gW1O3BQcKPgiWk8d0CZ___ZVoOEHEOevq9t5TcL5INf79AcSq5YBn1FCCySq-wJ5HsWgLTF7LGHsrPBKvJkDAA3kMDdhuLyN0d-MpkMk/w72-h72-p-k-no-nu/PSX_20220701_121049.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "va2b"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PSX_20220701_121049.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 2887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqkpYfrgbBuSGp6hBQ1W3S2XYxijcoiuUp4yXxfPzfdUCsaDy67k9NVD9-R3IlgMCA6Mm4Z5gQcKggGgEiuHgMA0EqK_SfT9snCUI0OUYh5qF2UDTXM4ayjhsnkrviqRy-lYHp3dxSL2J9CGRLMJ9o64wEjWomo6yR3kexYj1ryiui1Ij32lUspJsm/w72-h72-p-k-no-nu/bfg%20straap%20dead,%C2%A0bfg%20straap%20shot,%C2%A0bfg%20straap%20kille.jpg
142.250.74.33200 OK 2.8 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqkpYfrgbBuSGp6hBQ1W3S2XYxijcoiuUp4yXxfPzfdUCsaDy67k9NVD9-R3IlgMCA6Mm4Z5gQcKggGgEiuHgMA0EqK_SfT9snCUI0OUYh5qF2UDTXM4ayjhsnkrviqRy-lYHp3dxSL2J9CGRLMJ9o64wEjWomo6yR3kexYj1ryiui1Ij32lUspJsm/w72-h72-p-k-no-nu/bfg%20straap%20dead,%C2%A0bfg%20straap%20shot,%C2%A0bfg%20straap%20kille.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f8b089df84cfe1c2f7f64443c8ec3542
6b225fe4e8f37cc2bf78d37dcc6a2bb9dccd3a42
4da139f34990e9797a1a05e796476fa2b6207335653c073f13f5bf88b5336fbd
GET /img/b/R29vZ2xl/AVvXsEjqkpYfrgbBuSGp6hBQ1W3S2XYxijcoiuUp4yXxfPzfdUCsaDy67k9NVD9-R3IlgMCA6Mm4Z5gQcKggGgEiuHgMA0EqK_SfT9snCUI0OUYh5qF2UDTXM4ayjhsnkrviqRy-lYHp3dxSL2J9CGRLMJ9o64wEjWomo6yR3kexYj1ryiui1Ij32lUspJsm/w72-h72-p-k-no-nu/bfg%20straap%20dead,%C2%A0bfg%20straap%20shot,%C2%A0bfg%20straap%20kille.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1e5f"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bfg straap dead,_bfg straap shot,_bfg straap kille.jpg";filename*=UTF-8''bfg%20straap%20dead%2C%C2%A0bfg%20straap%20shot%2C%C2%A0bfg%20straap%20kille.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 2801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLruHnreLfGAK5nCBaQd_2sf7Sucj18JQk8jxUyrvy139O57bL_VgP1H-WW5_uHBlKy4C5r4ZgGgxJSmmCxwDMVK7gClqaMOZ5zI3YKzDwzRI1DSHkHawmDMtUE9kuj-AqTa3CzMEhOGSYvoYCYAdJ3Njz1fBrjnRi2Bzc5CdYipsG4o7X9Rirt0eX/w72-h72-p-k-no-nu/roblox%20halloween%20video,%C2%A0roblox%20halloween%20twitter,%C2%A0.jpg
142.250.74.33200 OK 3.5 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLruHnreLfGAK5nCBaQd_2sf7Sucj18JQk8jxUyrvy139O57bL_VgP1H-WW5_uHBlKy4C5r4ZgGgxJSmmCxwDMVK7gClqaMOZ5zI3YKzDwzRI1DSHkHawmDMtUE9kuj-AqTa3CzMEhOGSYvoYCYAdJ3Njz1fBrjnRi2Bzc5CdYipsG4o7X9Rirt0eX/w72-h72-p-k-no-nu/roblox%20halloween%20video,%C2%A0roblox%20halloween%20twitter,%C2%A0.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a8fbd4b87114804cd5f5c608b84c1c09
672fa392157fd0d5eecb130575f4a8a5d34f7ecd
a118f89513aa12c4978d9a7263f7647af1a93edf1a0455209b51681be324d27f
GET /img/b/R29vZ2xl/AVvXsEgLruHnreLfGAK5nCBaQd_2sf7Sucj18JQk8jxUyrvy139O57bL_VgP1H-WW5_uHBlKy4C5r4ZgGgxJSmmCxwDMVK7gClqaMOZ5zI3YKzDwzRI1DSHkHawmDMtUE9kuj-AqTa3CzMEhOGSYvoYCYAdJ3Njz1fBrjnRi2Bzc5CdYipsG4o7X9Rirt0eX/w72-h72-p-k-no-nu/roblox%20halloween%20video,%C2%A0roblox%20halloween%20twitter,%C2%A0.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v14ef"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="roblox halloween video,_roblox halloween twitter,_.jpg";filename*=UTF-8''roblox%20halloween%20video%2C%C2%A0roblox%20halloween%20twitter%2C%C2%A0.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 3476
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6295
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:04:50 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaTTU7IwUm05B4TB4gRVt258QO_AzUcVPggx7-ENP8U0dWwPuZ8XfqSU-wbgl3y8EzIo2agte2yVoTIVMjRKGM1mNj4bx0gyMrHZ95QdKWsWBwNGvHtNYhJ3mOUjVvnQEQ7N6CstQKu9YwpKoEoC9heAZqkDXJVuAEjF-hZijdcpGVP-QR1MeKMZVT/w72-h72-p-k-no-nu/face%20split%20diving%20accident%20video,%C2%A0face%20split%20divin.jpg
142.250.74.33200 OK 3.1 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaTTU7IwUm05B4TB4gRVt258QO_AzUcVPggx7-ENP8U0dWwPuZ8XfqSU-wbgl3y8EzIo2agte2yVoTIVMjRKGM1mNj4bx0gyMrHZ95QdKWsWBwNGvHtNYhJ3mOUjVvnQEQ7N6CstQKu9YwpKoEoC9heAZqkDXJVuAEjF-hZijdcpGVP-QR1MeKMZVT/w72-h72-p-k-no-nu/face%20split%20diving%20accident%20video,%C2%A0face%20split%20divin.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8f376da50e29fc91d4fbede11b807d5d
776545d791672bdd85fa32a6bdf5c543c92ff9c3
8281ce59fdd56747d54599c27507229cc6f1d6018552f974ffb8a0185f8a1a05
GET /img/b/R29vZ2xl/AVvXsEgaTTU7IwUm05B4TB4gRVt258QO_AzUcVPggx7-ENP8U0dWwPuZ8XfqSU-wbgl3y8EzIo2agte2yVoTIVMjRKGM1mNj4bx0gyMrHZ95QdKWsWBwNGvHtNYhJ3mOUjVvnQEQ7N6CstQKu9YwpKoEoC9heAZqkDXJVuAEjF-hZijdcpGVP-QR1MeKMZVT/w72-h72-p-k-no-nu/face%20split%20diving%20accident%20video,%C2%A0face%20split%20divin.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1908"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="face split diving accident video,_face split divin.jpg";filename*=UTF-8''face%20split%20diving%20accident%20video%2C%C2%A0face%20split%20divin.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 3080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37fcf410bb9951782acae9ceb2f84acb
de416225b5e0bc116a94751ffa67f0dcec613b41
cff8aaed55f656f990d5f28783cc57283aa82ed7b0944e18a60b1055c40cd53a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFF8AAED55F656F990D5F28783CC57283AA82ED7B0944E18A60B1055C40CD53A"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9689
Expires: Wed, 28 Sep 2022 20:46:19 GMT
Date: Wed, 28 Sep 2022 18:04:50 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6295
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:04:50 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjt4MnL0LjlUZJ9-jTtdxrOt_T0ob3pZ9E_HueEk6x2CkiJnGMyxNuxrH-EzzZP36bcn72IGY7HO-B6AmiKFR2dHrabx2chVdA8jJON-6qPvTeNAYcp28Za96qi7UmjUd3w9La0Po4RHk6tZhvwp51P-VUYCPs7G0HW7gOqfHQKqHBDBZqnQUXAFA_f/w72-h72-p-k-no-nu/erick%20adame%20video,%C2%A0video%20de%20erick%20adame,%C2%A0erick%20ada.jpg
142.250.74.33200 OK 2.6 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjt4MnL0LjlUZJ9-jTtdxrOt_T0ob3pZ9E_HueEk6x2CkiJnGMyxNuxrH-EzzZP36bcn72IGY7HO-B6AmiKFR2dHrabx2chVdA8jJON-6qPvTeNAYcp28Za96qi7UmjUd3w9La0Po4RHk6tZhvwp51P-VUYCPs7G0HW7gOqfHQKqHBDBZqnQUXAFA_f/w72-h72-p-k-no-nu/erick%20adame%20video,%C2%A0video%20de%20erick%20adame,%C2%A0erick%20ada.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d5c94dfdd0444e72f6f7a4c18c20f8f9
5582ba4e657117efd221abaf3511ff7b5fbe3f28
18a9c6e06de553763bafbd2dd8f360d19330fbe47bc31e1796dd801535fc42b7
GET /img/b/R29vZ2xl/AVvXsEjt4MnL0LjlUZJ9-jTtdxrOt_T0ob3pZ9E_HueEk6x2CkiJnGMyxNuxrH-EzzZP36bcn72IGY7HO-B6AmiKFR2dHrabx2chVdA8jJON-6qPvTeNAYcp28Za96qi7UmjUd3w9La0Po4RHk6tZhvwp51P-VUYCPs7G0HW7gOqfHQKqHBDBZqnQUXAFA_f/w72-h72-p-k-no-nu/erick%20adame%20video,%C2%A0video%20de%20erick%20adame,%C2%A0erick%20ada.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1e29"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="erick adame video,_video de erick adame,_erick ada.jpg";filename*=UTF-8''erick%20adame%20video%2C%C2%A0video%20de%20erick%20adame%2C%C2%A0erick%20ada.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 2647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxHEKXu0m6rVu_2B4FVluiiCdUsmokCwVYz9xVDCCqrSYQfnW_ZGAEVqhUPMby37VyN5_NW0zKp4MzaRhW1v7CozqHeB-5DJfpCdfX3mLSHZ3kRY1QeVapEXU7E0UwITVCn4myZUD8-YcJbD0gm2Ifccen-XuUBLLHpx5LojAaNZlUBUfycPB5OZ-q/w72-h72-p-k-no-nu/1%20boy%202%20kittens%20full%20video,%C2%A0luka%20magnotta%201%20boy%202%20.jpg
142.250.74.33200 OK 3.5 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxHEKXu0m6rVu_2B4FVluiiCdUsmokCwVYz9xVDCCqrSYQfnW_ZGAEVqhUPMby37VyN5_NW0zKp4MzaRhW1v7CozqHeB-5DJfpCdfX3mLSHZ3kRY1QeVapEXU7E0UwITVCn4myZUD8-YcJbD0gm2Ifccen-XuUBLLHpx5LojAaNZlUBUfycPB5OZ-q/w72-h72-p-k-no-nu/1%20boy%202%20kittens%20full%20video,%C2%A0luka%20magnotta%201%20boy%202%20.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 39754d5f22d1a891ad6b3290f0caccb3
563fc34a124926a1531151f6f09ff43a4e6ba11c
37c59845b31c75fd969026f6fc316a4e9683f2e9b50e57a3ef1ff13f3d9e2df0
GET /img/b/R29vZ2xl/AVvXsEgxHEKXu0m6rVu_2B4FVluiiCdUsmokCwVYz9xVDCCqrSYQfnW_ZGAEVqhUPMby37VyN5_NW0zKp4MzaRhW1v7CozqHeB-5DJfpCdfX3mLSHZ3kRY1QeVapEXU7E0UwITVCn4myZUD8-YcJbD0gm2Ifccen-XuUBLLHpx5LojAaNZlUBUfycPB5OZ-q/w72-h72-p-k-no-nu/1%20boy%202%20kittens%20full%20video,%C2%A0luka%20magnotta%201%20boy%202%20.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1af4"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1 boy 2 kittens full video,_luka magnotta 1 boy 2 .jpg";filename*=UTF-8''1%20boy%202%20kittens%20full%20video%2C%C2%A0luka%20magnotta%201%20boy%202%20.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 3535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWIbd2Jw3N1m35TUr_bseeg_YMdvndsikpM-6qXTBQzRvEE5Fcb4Pjs9GTZbqoZAxavHZ6IxPnRg4xpmPATDUd-tRCo45GzIpZDll24OUYOF-mWVreEasz2f46q-XXweD2ku8MRlZlkDpl23fJpkxzPFSY9stMCzrTuTpy5EYla5qyJ0f3A2OZey8G/w72-h72-p-k-no-nu/PSX_20220622_093816(2).jpg
142.250.74.33200 OK 2.8 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWIbd2Jw3N1m35TUr_bseeg_YMdvndsikpM-6qXTBQzRvEE5Fcb4Pjs9GTZbqoZAxavHZ6IxPnRg4xpmPATDUd-tRCo45GzIpZDll24OUYOF-mWVreEasz2f46q-XXweD2ku8MRlZlkDpl23fJpkxzPFSY9stMCzrTuTpy5EYla5qyJ0f3A2OZey8G/w72-h72-p-k-no-nu/PSX_20220622_093816(2).jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f1fdfadcfa1b1b9e2a7e5b222f3fbdce
f46d6d2dcae16b8248ab8c5d43a0e4f2598b31ec
e27fdcd1aff54e2844e322d00a4b7a1aa696db5307be7eb7ef2b5de326421158
GET /img/b/R29vZ2xl/AVvXsEjWIbd2Jw3N1m35TUr_bseeg_YMdvndsikpM-6qXTBQzRvEE5Fcb4Pjs9GTZbqoZAxavHZ6IxPnRg4xpmPATDUd-tRCo45GzIpZDll24OUYOF-mWVreEasz2f46q-XXweD2ku8MRlZlkDpl23fJpkxzPFSY9stMCzrTuTpy5EYla5qyJ0f3A2OZey8G/w72-h72-p-k-no-nu/PSX_20220622_093816(2).jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v835"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PSX_20220622_093816(2).jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 2792
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOyIoaeE0GBqJ7Bx2O7Q45_LCqspkh7z8bCIi9RKFs1kgaKcRNL0agR0ogDku9YafO8wD3EgNQGtTROHmclJDPjFGerEVQVqrm4-UXGhQhvGqwh7lToxwxbQHXvZLnK79kXfmaaA50IPcbqnEuvYW5-9QfFx3sqAmgEcfBwC8ZBniQFI17hfTFgk3u/w400-h225/ikone%20video,%C2%A0lacazette%20video,%C2%A0ikone%20fiorentina,%C2%A0fi.jpg
142.250.74.33200 OK 17 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOyIoaeE0GBqJ7Bx2O7Q45_LCqspkh7z8bCIi9RKFs1kgaKcRNL0agR0ogDku9YafO8wD3EgNQGtTROHmclJDPjFGerEVQVqrm4-UXGhQhvGqwh7lToxwxbQHXvZLnK79kXfmaaA50IPcbqnEuvYW5-9QfFx3sqAmgEcfBwC8ZBniQFI17hfTFgk3u/w400-h225/ikone%20video,%C2%A0lacazette%20video,%C2%A0ikone%20fiorentina,%C2%A0fi.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x224, components 3\012- data
Hash 1bf52671553ee15e25d8786a82d7937d
e68646fe4f6ceadb8af76fc52c1a6620a59ee814
d5a9957417241f8ea39eb9aee36e4f51076c147d18abbd032f38f13a619b070f
GET /img/b/R29vZ2xl/AVvXsEhOyIoaeE0GBqJ7Bx2O7Q45_LCqspkh7z8bCIi9RKFs1kgaKcRNL0agR0ogDku9YafO8wD3EgNQGtTROHmclJDPjFGerEVQVqrm4-UXGhQhvGqwh7lToxwxbQHXvZLnK79kXfmaaA50IPcbqnEuvYW5-9QfFx3sqAmgEcfBwC8ZBniQFI17hfTFgk3u/w400-h225/ikone%20video,%C2%A0lacazette%20video,%C2%A0ikone%20fiorentina,%C2%A0fi.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1ee2"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ikone video,_lacazette video,_ikone fiorentina,_fi.jpg";filename*=UTF-8''ikone%20video%2C%C2%A0lacazette%20video%2C%C2%A0ikone%20fiorentina%2C%C2%A0fi.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 17386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 72972
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsD0CWr8K3UCqjQMgN-wzms_DVIcQh6KSR1sZRBLWygJk6mNLqNDybZdP4GfLEFhWpw3lkUznn3Tk6xyWQ0jmzZs4n4oXQvJnOt85JF3KHPfiDmbUzV7RWY0GTJhsUDu89LYQvFuOH4Rk1wuxSBIuKowyzqDZT3suoZQTdsb7hUof3jvi709SzSeIi/w72-h72-p-k-no-nu/liverpool%20concert%20square,%C2%A0liverpool%20girl%20ruby%20rose.jpg
142.250.74.33200 OK 3.2 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsD0CWr8K3UCqjQMgN-wzms_DVIcQh6KSR1sZRBLWygJk6mNLqNDybZdP4GfLEFhWpw3lkUznn3Tk6xyWQ0jmzZs4n4oXQvJnOt85JF3KHPfiDmbUzV7RWY0GTJhsUDu89LYQvFuOH4Rk1wuxSBIuKowyzqDZT3suoZQTdsb7hUof3jvi709SzSeIi/w72-h72-p-k-no-nu/liverpool%20concert%20square,%C2%A0liverpool%20girl%20ruby%20rose.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash cad33d01d3a1ea9042841bc0550c5e92
e7aec9c9e702c5064e6afc8fffc4249c959db360
c6dd9ba33d5a73515703c1f3736a05f509a209e00752781728726ae52ab8b2d8
GET /img/b/R29vZ2xl/AVvXsEgsD0CWr8K3UCqjQMgN-wzms_DVIcQh6KSR1sZRBLWygJk6mNLqNDybZdP4GfLEFhWpw3lkUznn3Tk6xyWQ0jmzZs4n4oXQvJnOt85JF3KHPfiDmbUzV7RWY0GTJhsUDu89LYQvFuOH4Rk1wuxSBIuKowyzqDZT3suoZQTdsb7hUof3jvi709SzSeIi/w72-h72-p-k-no-nu/liverpool%20concert%20square,%C2%A0liverpool%20girl%20ruby%20rose.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v13ba"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="liverpool concert square,_liverpool girl ruby rose.jpg";filename*=UTF-8''liverpool%20concert%20square%2C%C2%A0liverpool%20girl%20ruby%20rose.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 3192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZAodr-Xj8m4Vr_DFREkDLHKphwZBUB5pp8-GzkmPYiUJvhk4oGGCrKhAyxqGGX9PJQdEqU1kfVA92gEEbfPboU4_3bod41NzW5ZiQ6kLqddhxBJ9dlFelrABCCMQo1lW4_P44tfFCjDtvx86nwLcBwIE-Rs3OgvXeADSPRRU5OY1kz57NiDvBgjzr/w72-h72-p-k-no-nu/PSX_20220628_123409.jpg
142.250.74.33200 OK 3.5 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZAodr-Xj8m4Vr_DFREkDLHKphwZBUB5pp8-GzkmPYiUJvhk4oGGCrKhAyxqGGX9PJQdEqU1kfVA92gEEbfPboU4_3bod41NzW5ZiQ6kLqddhxBJ9dlFelrABCCMQo1lW4_P44tfFCjDtvx86nwLcBwIE-Rs3OgvXeADSPRRU5OY1kz57NiDvBgjzr/w72-h72-p-k-no-nu/PSX_20220628_123409.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b5ba9c44d62ed8d98da8a5b6935fb781
87063edabe15a4840b787e466e0ab462f272cd79
9ea77d3483cfd8759d50a13a2c756fce54ee61ee0fa3e2fc56c9be5fbc4062c4
GET /img/b/R29vZ2xl/AVvXsEhZAodr-Xj8m4Vr_DFREkDLHKphwZBUB5pp8-GzkmPYiUJvhk4oGGCrKhAyxqGGX9PJQdEqU1kfVA92gEEbfPboU4_3bod41NzW5ZiQ6kLqddhxBJ9dlFelrABCCMQo1lW4_P44tfFCjDtvx86nwLcBwIE-Rs3OgvXeADSPRRU5OY1kz57NiDvBgjzr/w72-h72-p-k-no-nu/PSX_20220628_123409.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v985"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PSX_20220628_123409.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 3514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEileBGHbPjhnGZdNv88lc7BqkGiT8M4bffBoqa-21RgIuh91t_Ut5D_eu5a9Hv1JdGfjBMUKvPa00MhZN3Cbg0Avva5Ssz0-dNV4bCHrgJRj-J5abR476U3abMLRPX4Jkgte37ZkO2Bd3LiK9eRcZqzpwxP_N1tANlJgIsuAIrZ_OI-29V9Nu7LyQUL/w72-h72-p-k-no-nu/dixie%20and%20noah%20tape,%C2%A0istanforyou%20twitter,%C2%A0dixie%20an.jpg
142.250.74.33200 OK 3.0 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEileBGHbPjhnGZdNv88lc7BqkGiT8M4bffBoqa-21RgIuh91t_Ut5D_eu5a9Hv1JdGfjBMUKvPa00MhZN3Cbg0Avva5Ssz0-dNV4bCHrgJRj-J5abR476U3abMLRPX4Jkgte37ZkO2Bd3LiK9eRcZqzpwxP_N1tANlJgIsuAIrZ_OI-29V9Nu7LyQUL/w72-h72-p-k-no-nu/dixie%20and%20noah%20tape,%C2%A0istanforyou%20twitter,%C2%A0dixie%20an.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 009f6ef4093fe639979368d8c850435a
a4a1f72e535ee34037f29e0555c0b2946fd446ff
bc6c41a6d49a190b7e73e8077e3269f39f6a32c9b3b9086f3c829c676470a16a
GET /img/b/R29vZ2xl/AVvXsEileBGHbPjhnGZdNv88lc7BqkGiT8M4bffBoqa-21RgIuh91t_Ut5D_eu5a9Hv1JdGfjBMUKvPa00MhZN3Cbg0Avva5Ssz0-dNV4bCHrgJRj-J5abR476U3abMLRPX4Jkgte37ZkO2Bd3LiK9eRcZqzpwxP_N1tANlJgIsuAIrZ_OI-29V9Nu7LyQUL/w72-h72-p-k-no-nu/dixie%20and%20noah%20tape,%C2%A0istanforyou%20twitter,%C2%A0dixie%20an.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1427"
expires: Thu, 29 Sep 2022 18:04:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dixie and noah tape,_istanforyou twitter,_dixie an.jpg";filename*=UTF-8''dixie%20and%20noah%20tape%2C%C2%A0istanforyou%20twitter%2C%C2%A0dixie%20an.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:04:50 GMT
server: fife
content-length: 3026
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 73127
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220922/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Tue, 27 Sep 2022 21:21:01 GMT
expires: Tue, 11 Oct 2022 21:21:01 GMT
cache-control: public, max-age=1209600
age: 74629
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 72886
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 72952
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:22:11 GMT
age: 45759
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37fcf410bb9951782acae9ceb2f84acb
de416225b5e0bc116a94751ffa67f0dcec613b41
cff8aaed55f656f990d5f28783cc57283aa82ed7b0944e18a60b1055c40cd53a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFF8AAED55F656F990D5F28783CC57283AA82ED7B0944E18A60B1055C40CD53A"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9580
Expires: Wed, 28 Sep 2022 20:44:30 GMT
Date: Wed, 28 Sep 2022 18:04:50 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:39:01 GMT
age: 73549
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cobweblockerdiana.com/cac0a481ba7d925fb072bb0c449de3f8/invoke.js
192.243.59.20200 OK 9.3 kB URL HTTP/1.1 cobweblockerdiana.com/cac0a481ba7d925fb072bb0c449de3f8/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Hash 8d17f67b02fddbf0706e491f14ad0973
96034117e289fe71e68183e722acbdacb34be3d9
9b2541fb7c48c828b4c6b41e3625955b0f5d6309cfeff12aab55ddcc918d0cbd
Analyzer Verdict Alert quad9 Sinkholed
GET /cac0a481ba7d925fb072bb0c449de3f8/invoke.js HTTP/1.1
Host: cobweblockerdiana.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5045e60643293f4697a1d9807ff8b24c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-RH7G991JDR>m=2oe9q0&_p=699871973&cid=2129231574.1664388288&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664388287&sct=1&seg=0&dl=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&dt=IKONE%20VIDEO%C2%A0%E2%80%A2%C2%A0LACAZETTE%20VIDEO%C2%A0%E2%80%A2%C2%A0IKONE%20FIORENTINA%20%E3%80%8A%20Video%20of%20Ikone%20trumpeting%20one%20at%20the%20table%20%E3%80%8B&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-RH7G991JDR>m=2oe9q0&_p=699871973&cid=2129231574.1664388288&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664388287&sct=1&seg=0&dl=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&dt=IKONE%20VIDEO%C2%A0%E2%80%A2%C2%A0LACAZETTE%20VIDEO%C2%A0%E2%80%A2%C2%A0IKONE%20FIORENTINA%20%E3%80%8A%20Video%20of%20Ikone%20trumpeting%20one%20at%20the%20table%20%E3%80%8B&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RH7G991JDR>m=2oe9q0&_p=699871973&cid=2129231574.1664388288&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664388287&sct=1&seg=0&dl=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&dt=IKONE%20VIDEO%C2%A0%E2%80%A2%C2%A0LACAZETTE%20VIDEO%C2%A0%E2%80%A2%C2%A0IKONE%20FIORENTINA%20%E3%80%8A%20Video%20of%20Ikone%20trumpeting%20one%20at%20the%20table%20%E3%80%8B&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://worldnewsdailypost.blogspot.com
date: Wed, 28 Sep 2022 18:04:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f9b485cf94d88ef8c835c0f1a9dd397
07ef0ce794ab8cd9f0b1564c5f2ac4acb18f8f83
b396d74e533e944041f2737e98f2c872f772bd19a328cfac562f28c82438a1fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=worldnewsdailypost.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=worldnewsdailypost.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=worldnewsdailypost.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 28 Sep 2022 18:04:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=worldnewsdailypost.blogspot.com&callback=_gfp_s_&client=ca-pub-4577867556436510
172.217.21.162200 OK 201 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=worldnewsdailypost.blogspot.com&callback=_gfp_s_&client=ca-pub-4577867556436510
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 8cd48001a123812735fe8ec13750a4c8
826e9c7ceea41b40e8c8b40d82cf871a03769e1d
21b7b614ad70fa8f2f2637388d4a996f557199a08bb8a78c59a108d4065e49d2
GET /gampad/cookie.js?domain=worldnewsdailypost.blogspot.com&callback=_gfp_s_&client=ca-pub-4577867556436510 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 28 Sep 2022 18:04:50 GMT
server: cafe
cache-control: private
content-length: 201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=worldnewsdailypost.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=worldnewsdailypost.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=worldnewsdailypost.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 28 Sep 2022 18:04:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cobweblockerdiana.com/a2/5a/90/a25a90ff278df2963dda4eb698c56729.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 cobweblockerdiana.com/a2/5a/90/a25a90ff278df2963dda4eb698c56729.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37112), with no line terminators
Hash 38a8dd52ac13371f6b3e530e117c95d6
b31eb7889cf7fafa3edd8378ada083b02555a2a5
e57c9b3928887d514e3a7948329ec67b5a91142d2c328e3a960e963e37594b07
Analyzer Verdict Alert quad9 Sinkholed
GET /a2/5a/90/a25a90ff278df2963dda4eb698c56729.js HTTP/1.1
Host: cobweblockerdiana.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcea65f04881205a99eb64060f32fd91
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 206ea7aa64e57846d979b536a18647c1
a28a4f2f78207656be5b7dc36f7d02b020e71004
63537d84ee2aafee3691134661910479f563bd159a266ef5260b0a09d2facd6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cobweblockerdiana.com/2e/49/73/2e497349d9569f870bb05429d26ec46e.js
192.243.59.20200 OK 20 kB URL HTTP/1.1 cobweblockerdiana.com/2e/49/73/2e497349d9569f870bb05429d26ec46e.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59377), with no line terminators
Hash ba3fba1ac443360720a33bceea19d8be
76070eedb8a6de9205791cc44e3bb249aa43a5c8
b876a65e7dc5fbf87cee5ce5b84d5f187f82b94c9e3e3dd377f54a075ef9125e
Analyzer Verdict Alert quad9 Sinkholed
GET /2e/49/73/2e497349d9569f870bb05429d26ec46e.js HTTP/1.1
Host: cobweblockerdiana.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9ac9417665496512b6eb9f08520fd5b2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=G-RH7G991JDR
142.250.74.72200 OK 346 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RH7G991JDR
IP 142.250.74.72:0
Hash 2917b8abe74403bc4f20b2eed1ac39a2
8421735ad0b1729a0f3467a5fb0fe06db7a6a5fc
6389a79fa621d32138dab9c0fab190c515288ef534b023cc909a156979fcef39
GET /gtag/js?id=G-RH7G991JDR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 18:04:50 GMT
expires: Wed, 28 Sep 2022 18:04:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75453
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data
Hash 7fbdfaab6bd8b191496ffe1ef1b9e748
e9e592f8498d489d8000f3a4cfb1bb447f251edd
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:44:30 GMT
expires: Thu, 21 Sep 2023 19:44:30 GMT
cache-control: public, max-age=31536000
age: 598820
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3abd787e77629e21daa6606aeae67118
18be3a2080869ae7cde7053504d2ed5188406fda
bb630a804424bd198b8b534ab48c40a42c7b9e3996676523aaab0d8e0e3b1233
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:50 GMT
Last-Modified: Wed, 28 Sep 2022 17:43:17 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
cobweblockerdiana.com/c6522261d621d8ab2326db1435591bdf/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 cobweblockerdiana.com/c6522261d621d8ab2326db1435591bdf/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 4bfa128a950be555c8b17fb2dccc6d68
c5241891b7e25ba7bb4d83d063b34794c686001e
9ece507c63e1afe667de8c287703becdf2f02ffcf3761013aef85ce9a6426134
Analyzer Verdict Alert quad9 Sinkholed
GET /c6522261d621d8ab2326db1435591bdf/invoke.js HTTP/1.1
Host: cobweblockerdiana.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ec1e5129410fd3356b1f21a24d825c5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash a3ab32bfe3fc350799dc384a60ef5233
1a1bdc4728ea52b7f08d3254bc2fb7efa02b8e27
6ea75c012bad84915e73a51795e2ce16be3647cd1472f5751e3d841ffc4fa8e3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:04:50 GMT
Last-Modified: Wed, 28 Sep 2022 16:31:44 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mTK0J6IKOLFSpQFKdjhC06tNTNVmki-5sXgWQj7qKQhzKyOFUepWDw==
Age: 5586
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash a3ab32bfe3fc350799dc384a60ef5233
1a1bdc4728ea52b7f08d3254bc2fb7efa02b8e27
6ea75c012bad84915e73a51795e2ce16be3647cd1472f5751e3d841ffc4fa8e3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:04:50 GMT
Last-Modified: Wed, 28 Sep 2022 17:05:58 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bP3IbQzPXZMtxdfTqWL7WgFMyBjbSouFvrXwDSwHz5VjrDaTd9iJuA==
Age: 3532
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 990efec5ff657a9eb363af9bdd272ef6
0f3f80e3eb504d5ae9181e29dff92acab7fc3aad
9d0d23670542fa93181c038824048eabddfc19a40b2f3c5afcfd8ce86f961289
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://worldnewsdailypost.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=64304021-3f7e-4208-8357-37de966efe56:2:1; expires=Sat, 25 Sep 2032 18:04:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 706cbc9e17ef08c45f07f1631d23748c
198bb9b59d909453f492062caadb7e6604c6d0de
5caa396bb0d3428b68f972987ddc13f4739c78130ef44d77345f8d94e169c16f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://worldnewsdailypost.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=cdc3067e-5cc8-4e29-8a0a-bab3f6c6043f:3:1; expires=Sat, 25 Sep 2032 18:04:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 89e79a3791d3420a5bccf984e1cd2f70
6aeb1d796e87b7313735cb1d9338fda8e37ccd95
65adec0186bb46a2437b73a0605cf15c75ab9ed1fcf2ce2d4afef932ee881cb9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://worldnewsdailypost.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=ac52f329-02ec-47cd-8837-969dbbcc60c2:3:1; expires=Sat, 25 Sep 2032 18:04:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash a3ab32bfe3fc350799dc384a60ef5233
1a1bdc4728ea52b7f08d3254bc2fb7efa02b8e27
6ea75c012bad84915e73a51795e2ce16be3647cd1472f5751e3d841ffc4fa8e3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:04:51 GMT
Last-Modified: Wed, 28 Sep 2022 16:44:46 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h-OsgnAtBfZRV-W6CwGhZnjlCmYplr_MmY0-8equKxmHYbyhh5glnw==
Age: 4806
creepingbrings.com/sfp.js
172.64.199.30200 OK 28 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.199.30:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash f3cb6f9050a0fe3278d645243f2bf7e5
b0867d6506d4e68a4e7fd058e88b1f58b793defa
46789c32089cc43df08ac91dd4f9eab9ee389fc5ecb9bfa2c9933c2ee27b32de
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:51 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 27f95c5d1859cea4fd0a38e6ccd6a1f0
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 18:04:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnB7vPXpXqA6lEIKD0sSM%2F4JnOVuCoQQBgmQwczYJcVgsDAqchpJsEyMlPELVCXC0ld%2Fkk9KEqiMOFryGH05zCS8Ri5tHubuSwpmgHlizavR4pVepHfAaXJVinkWNhfaeku6dyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676278b0405d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3abd787e77629e21daa6606aeae67118
18be3a2080869ae7cde7053504d2ed5188406fda
bb630a804424bd198b8b534ab48c40a42c7b9e3996676523aaab0d8e0e3b1233
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1294
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:51 GMT
Last-Modified: Wed, 28 Sep 2022 17:43:17 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash fb2198fb4e93e4e7a1154ddba47bfd53
495082d4be8ddc16deee6ed4dcd97e581a33cb14
e2706d0ef031c48bf8cbec65d8ca186fa0b165825b53be920f1d62bf2732ae9b
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://worldnewsdailypost.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=d55a5f4c-f3a2-4342-8d69-c456fbdeedec:3:1; expires=Sat, 25 Sep 2032 18:04:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a4cc9dff3fc23e0499a7480bc46bf002
ff8b7cbace4897590d4abcfd541493140ea69a84
1139b669dfc02ff54abb4e41d17931f171a7e08e2ef88ae0b8a82f0803bcb352
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1139B669DFC02FF54ABB4E41D17931F171A7E08E2EF88AE0B8A82F0803BCB352"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5106
Expires: Wed, 28 Sep 2022 19:29:57 GMT
Date: Wed, 28 Sep 2022 18:04:51 GMT
Connection: keep-alive
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 18:04:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+971; expires=Fri, 27-Sep-2024 18:04:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 18:04:51 GMT
cache-control: private
X-Firefox-Spdy: h2
peeredgerman.com/pixel/purst?dl=0&th=0&sc=0&rs=3076&rd=3076&fd=736&bv=22.8.v.1&tmpl=70
173.233.139.164200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/purst?dl=0&th=0&sc=0&rs=3076&rd=3076&fd=736&bv=22.8.v.1&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3076&rd=3076&fd=736&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i9.ytimg.com/vi_blogger/q-2J1ZTtCRo/1.jpg?sqp=CMKZ0pkGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3n0shTzMEfbSk0d76Cwc70XoOhL9g
142.250.74.110200 OK 2.5 kB URL HTTP/2 i9.ytimg.com/vi_blogger/q-2J1ZTtCRo/1.jpg?sqp=CMKZ0pkGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3n0shTzMEfbSk0d76Cwc70XoOhL9g
IP 142.250.74.110:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 38d9584d6144adbc22200830b877c31a
eabc097ae575c10dd7fb67f78dd4f1b3d827612d
ca009b25a182a9088b64c8ca786fbf5e29f12bd2dd3bc5bb2f88f4743e65cdb0
GET /vi_blogger/q-2J1ZTtCRo/1.jpg?sqp=CMKZ0pkGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3n0shTzMEfbSk0d76Cwc70XoOhL9g HTTP/1.1
Host: i9.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2494
date: Wed, 28 Sep 2022 18:04:51 GMT
expires: Wed, 28 Sep 2022 18:04:51 GMT
cache-control: private, max-age=300
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1560
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 28 Sep 2022 18:04:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+172; expires=Fri, 27-Sep-2024 18:04:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 18:04:51 GMT
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 80585e7d4f1510898eeba1ae4175a6fc
a5a6a723aecc70bc2f23ff11d05b10838c3f557b
c0d82c824a37384777d1493508b45b05f5286b3a8366377b43db8f0f84fc0eb8
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 18:04:51 GMT
date: Wed, 28 Sep 2022 18:04:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a639a098e3f2b467170241fe45eb7e11
b0b6130a1604bdab5c52c29b3bc51fbb88e3fb46
8ac9518337c9cb7bffc3e305500964a889bd9379461eb7e0d8d8febbc0a69491
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AC9518337C9CB7BFFC3E305500964A889BD9379461EB7E0D8D8FEBBC0A69491"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16400
Expires: Wed, 28 Sep 2022 22:38:11 GMT
Date: Wed, 28 Sep 2022 18:04:51 GMT
Connection: keep-alive
peeredgerman.com/sbar.json?key=a25a90ff278df2963dda4eb698c56729
173.233.139.164200 OK 4.1 kB URL HTTP/1.1 peeredgerman.com/sbar.json?key=a25a90ff278df2963dda4eb698c56729
IP 173.233.139.164:0
File type JSON data\012- , ASCII text, with very long lines (5698), with no line terminators
Hash 23fdc26f3aa1f13962a61161afd230a2
59b6c8c7f8df2182d022550d7010a5b9ea1e6b6f
73cf6d96bc2198fe6465227fa73aebc201777733d8d050c2038533942c6d5f02
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a25a90ff278df2963dda4eb698c56729 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:51 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Origin: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17194685; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
uncs=1; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
sleca25a90ff278df2963dda4eb698c56729=[3692935]; expires=Wed, 28 Sep 2022 18:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2351c723e3df6232cba36d7aa5dd6dde
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0bba621f49f6dbf2dc9e9102fa1d2805
30a04451a5c5782da94e5f0fce737bfd22b43bd8
912e644f506d721b61cf3c6b5f7c30297a93144b6216afbc1a82ef3b86afbc80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "912E644F506D721B61CF3C6B5F7C30297A93144B6216AFBC1A82EF3B86AFBC80"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6488
Expires: Wed, 28 Sep 2022 19:52:59 GMT
Date: Wed, 28 Sep 2022 18:04:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 52e922e1b9d837f5311cf4ce769a9ae3
5ad1086ea98d07e3e52be082e850dbb594843369
99184f0b944373af3a56e61fc633d1b9bb72795a1a8074292e9d4b961f9a46bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99184F0B944373AF3A56E61FC633D1B9BB72795A1A8074292E9D4B961F9A46BC"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8577
Expires: Wed, 28 Sep 2022 20:27:48 GMT
Date: Wed, 28 Sep 2022 18:04:51 GMT
Connection: keep-alive
peeredgerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebfL7IQEXUC6IFvmCBBJydtfO2qaHihBSRYSmtCDgApqdGTtDZndWMztex1wiiqAHDuYbbB4njYCqgg%2FQUtmVQIqEVHMKEpE48QGQeuCE7EYYXmn0vs88z%2BF5%2F3y%2B706JD0dP1t7SfakUXV6p%2BpWX3g%2BCi5VNmbpepdeMPorqFyum%2B2orqvovVy4LtqOXQz%2Fw%2FcAPKuvSiLbuLU9JyOx2K6i2%2FGo9rAYrdfTMf7F1Hiz1wLun5FlIPll84C1BshHS5Ls1YXdynb3yRuIUzbVBlx%2B9m%2B6kukiRzMu28dBOj87U0Pbh%2Bj3o9HBmF7r7jzCWE%2BL9eA9xenRmEnH3YOYzVhApYv4Uiu4IQo0g6QhM34DkDwnAOK5sIU1uXdGmoLuPWTplJ2Tx0Z%2BQxYQs%2FraENLmzqmSvcl0rl0udWvTaJWRvBNkZIXNj5P1zkMUYLP8Ukv9Mlh9tIk0OtqzSkLyc9S7lCLI9ghIDUOvBTZ%2F04NoeXOYh4ScVFgRBw%2BeM%2Bs0WYzXeEHHE%2FYA22gEN%2FKgJx6b2BsizAZgagJk9ZGYPO3IA4%2B7Dbpew3IPNJ8R7ew9dXqIQBIUlKChBIQmKnKDolodc2dCWt7iyLg7OcniWa%2BVQ5519eqjzjkjJfnZKnpnOxfv%2Fh3exI04qNFyhLb%2FdDhtN3g5bUY1zWhdx1GqylagRtmBlCWnPzVrtywk5%2F%2FwfyOSEPPG%2FnxDTMawag8nzoO4CaDFshD7o9rDe9NFPfyi0UTwVheVUqt1M27waK92xmc6rTCfgukSWLyLf9fbVKXlutrLmB19AsONLn%2FV%2Fv3xn6RMwUyIzJT6WDwg66ubwmi7IwTVdWPL9VpbLRPbpdJ3Xc5qLhW%2FeFLuFNnxjzQ6%2Bfo1NiWl5%2Bx1h802acpl2LPl2VXIuzLo2TJC7G%2FY9EV91dnvVmdRlm1dfX99IMiOslTodgU4v8%2BkXweSEPLn41%2BxSL%2Fx6H9KMYFyJxB2Ts4DUY7BsDzab%2B7d6AUbNNXHmoXDl0ITx%2FFNJAiXmmMYl7L9wPK%2F37U10zAug%2BQ2kSYmuKdFVJagawLqFYZ6Z40u%2F1GaBWHnDWBnvIFZGffV4uFaeVBq1mk%2Bj1krQaFDRiOthsx0FnNKwHoVRRGvI7YTVvxz%2FDQAA%2F%2F8BAAD%2F%2Fzrs7jZ0BAAA
173.233.139.164200 OK 7 B URL HTTP/1.1 peeredgerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebfL7IQEXUC6IFvmCBBJydtfO2qaHihBSRYSmtCDgApqdGTtDZndWMztex1wiiqAHDuYbbB4njYCqgg%2FQUtmVQIqEVHMKEpE48QGQeuCE7EYYXmn0vs88z%2BF5%2F3y%2B706JD0dP1t7SfakUXV6p%2BpWX3g%2BCi5VNmbpepdeMPorqFyum%2B2orqvovVy4LtqOXQz%2Fw%2FcAPKuvSiLbuLU9JyOx2K6i2%2FGo9rAYrdfTMf7F1Hiz1wLun5FlIPll84C1BshHS5Ls1YXdynb3yRuIUzbVBlx%2B9m%2B6kukiRzMu28dBOj87U0Pbh%2Bj3o9HBmF7r7jzCWE%2BL9eA9xenRmEnH3YOYzVhApYv4Uiu4IQo0g6QhM34DkDwnAOK5sIU1uXdGmoLuPWTplJ2Tx0Z%2BQxYQs%2FraENLmzqmSvcl0rl0udWvTaJWRvBNkZIXNj5P1zkMUYLP8Ukv9Mlh9tIk0OtqzSkLyc9S7lCLI9ghIDUOvBTZ%2F04NoeXOYh4ScVFgRBw%2BeM%2Bs0WYzXeEHHE%2FYA22gEN%2FKgJx6b2BsizAZgagJk9ZGYPO3IA4%2B7Dbpew3IPNJ8R7ew9dXqIQBIUlKChBIQmKnKDolodc2dCWt7iyLg7OcniWa%2BVQ5519eqjzjkjJfnZKnpnOxfv%2Fh3exI04qNFyhLb%2FdDhtN3g5bUY1zWhdx1GqylagRtmBlCWnPzVrtywk5%2F%2FwfyOSEPPG%2FnxDTMawag8nzoO4CaDFshD7o9rDe9NFPfyi0UTwVheVUqt1M27waK92xmc6rTCfgukSWLyLf9fbVKXlutrLmB19AsONLn%2FV%2Fv3xn6RMwUyIzJT6WDwg66ubwmi7IwTVdWPL9VpbLRPbpdJ3Xc5qLhW%2FeFLuFNnxjzQ6%2Bfo1NiWl5%2Bx1h802acpl2LPl2VXIuzLo2TJC7G%2FY9EV91dnvVmdRlm1dfX99IMiOslTodgU4v8%2BkXweSEPLn41%2BxSL%2Fx6H9KMYFyJxB2Ts4DUY7BsDzab%2B7d6AUbNNXHmoXDl0ITx%2FFNJAiXmmMYl7L9wPK%2F37U10zAug%2BQ2kSYmuKdFVJagawLqFYZ6Z40u%2F1GaBWHnDWBnvIFZGffV4uFaeVBq1mk%2Bj1krQaFDRiOthsx0FnNKwHoVRRGvI7YTVvxz%2FDQAA%2F%2F8BAAD%2F%2Fzrs7jZ0BAAA
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebfL7IQEXUC6IFvmCBBJydtfO2qaHihBSRYSmtCDgApqdGTtDZndWMztex1wiiqAHDuYbbB4njYCqgg%2FQUtmVQIqEVHMKEpE48QGQeuCE7EYYXmn0vs88z%2BF5%2F3y%2B706JD0dP1t7SfakUXV6p%2BpWX3g%2BCi5VNmbpepdeMPorqFyum%2B2orqvovVy4LtqOXQz%2Fw%2FcAPKuvSiLbuLU9JyOx2K6i2%2FGo9rAYrdfTMf7F1Hiz1wLun5FlIPll84C1BshHS5Ls1YXdynb3yRuIUzbVBlx%2B9m%2B6kukiRzMu28dBOj87U0Pbh%2Bj3o9HBmF7r7jzCWE%2BL9eA9xenRmEnH3YOYzVhApYv4Uiu4IQo0g6QhM34DkDwnAOK5sIU1uXdGmoLuPWTplJ2Tx0Z%2BQxYQs%2FraENLmzqmSvcl0rl0udWvTaJWRvBNkZIXNj5P1zkMUYLP8Ukv9Mlh9tIk0OtqzSkLyc9S7lCLI9ghIDUOvBTZ%2F04NoeXOYh4ScVFgRBw%2BeM%2Bs0WYzXeEHHE%2FYA22gEN%2FKgJx6b2BsizAZgagJk9ZGYPO3IA4%2B7Dbpew3IPNJ8R7ew9dXqIQBIUlKChBIQmKnKDolodc2dCWt7iyLg7OcniWa%2BVQ5519eqjzjkjJfnZKnpnOxfv%2Fh3exI04qNFyhLb%2FdDhtN3g5bUY1zWhdx1GqylagRtmBlCWnPzVrtywk5%2F%2FwfyOSEPPG%2FnxDTMawag8nzoO4CaDFshD7o9rDe9NFPfyi0UTwVheVUqt1M27waK92xmc6rTCfgukSWLyLf9fbVKXlutrLmB19AsONLn%2FV%2Fv3xn6RMwUyIzJT6WDwg66ubwmi7IwTVdWPL9VpbLRPbpdJ3Xc5qLhW%2FeFLuFNnxjzQ6%2Bfo1NiWl5%2Bx1h802acpl2LPl2VXIuzLo2TJC7G%2FY9EV91dnvVmdRlm1dfX99IMiOslTodgU4v8%2BkXweSEPLn41%2BxSL%2Fx6H9KMYFyJxB2Ts4DUY7BsDzab%2B7d6AUbNNXHmoXDl0ITx%2FFNJAiXmmMYl7L9wPK%2F37U10zAug%2BQ2kSYmuKdFVJagawLqFYZ6Z40u%2F1GaBWHnDWBnvIFZGffV4uFaeVBq1mk%2Bj1krQaFDRiOthsx0FnNKwHoVRRGvI7YTVvxz%2FDQAA%2F%2F8BAAD%2F%2Fzrs7jZ0BAAA HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17194685; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca25a90ff278df2963dda4eb698c56729=[3692935]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:51 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4b868a28b484468899000c1a49a4f10
Strict-Transport-Security: max-age=0; includeSubdomains
specificationheadless.com/ntv.json?key=cac0a481ba7d925fb072bb0c449de3f8&vstc=4
192.243.59.20200 OK 17 kB URL HTTP/1.1 specificationheadless.com/ntv.json?key=cac0a481ba7d925fb072bb0c449de3f8&vstc=4
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16981), with no line terminators
Hash e095fb6c57b0ce11410dbe236a4533e7
2c6b7d469f3afef10fcc4bf41ca00126869fd839
21beaeb524c2918b8cdf7a3aaaea080791dc2a0d793294cdb33f302185002423
GET /ntv.json?key=cac0a481ba7d925fb072bb0c449de3f8&vstc=4 HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:51 GMT
Content-Type: application/json
Content-Length: 16981
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Origin: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17189534; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
uncs=1; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
pdhtkv49=true; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
uncs49=1; expires=Thu, 29 Sep 2022 18:04:51 GMT; secure; SameSite=None
nleccac0a481ba7d925fb072bb0c449de3f8=[2229213,2229214,2106764]; expires=Wed, 28 Sep 2022 18:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7504483663cc901c28eef78ffd735325
Strict-Transport-Security: max-age=0; includeSubdomains
varietiesplea.com/watch.1608374450694.js?key=c6522261d621d8ab2326db1435591bdf&kw=%5B%22ikone%22%2C%22video%C2%A0%E2%80%A2%C2%A0lacazette%22%2C%22video%C2%A0%E2%80%A2%C2%A0ikone%22%2C%22fiorentina%22%2C%22%E3%80%8A%22%2C%22video%22%2C%22of%22%2C%22ikone%22%2C%22trumpeting%22%2C%22one%22%2C%22at%22%2C%22the%22%2C%22table%22%2C%22%E3%80%8B%22%5D&refer=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&tz=0&dev=r&res=12.31&uuid=ac52f329-02ec-47cd-8837-969dbbcc60c2%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 varietiesplea.com/watch.1608374450694.js?key=c6522261d621d8ab2326db1435591bdf&kw=%5B%22ikone%22%2C%22video%C2%A0%E2%80%A2%C2%A0lacazette%22%2C%22video%C2%A0%E2%80%A2%C2%A0ikone%22%2C%22fiorentina%22%2C%22%E3%80%8A%22%2C%22video%22%2C%22of%22%2C%22ikone%22%2C%22trumpeting%22%2C%22one%22%2C%22at%22%2C%22the%22%2C%22table%22%2C%22%E3%80%8B%22%5D&refer=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&tz=0&dev=r&res=12.31&uuid=ac52f329-02ec-47cd-8837-969dbbcc60c2%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1608374450694.js?key=c6522261d621d8ab2326db1435591bdf&kw=%5B%22ikone%22%2C%22video%C2%A0%E2%80%A2%C2%A0lacazette%22%2C%22video%C2%A0%E2%80%A2%C2%A0ikone%22%2C%22fiorentina%22%2C%22%E3%80%8A%22%2C%22video%22%2C%22of%22%2C%22ikone%22%2C%22trumpeting%22%2C%22one%22%2C%22at%22%2C%22the%22%2C%22table%22%2C%22%E3%80%8B%22%5D&refer=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&tz=0&dev=r&res=12.31&uuid=ac52f329-02ec-47cd-8837-969dbbcc60c2%3A3%3A1 HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Origin: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://varietiesplea.com/watch.1608374450694.js?key=c6522261d621d8ab2326db1435591bdf&kw=%5B%22ikone%22%2C%22video%C2%A0%E2%80%A2%C2%A0lacazette%22%2C%22video%C2%A0%E2%80%A2%C2%A0ikone%22%2C%22fiorentina%22%2C%22%E3%80%8A%22%2C%22video%22%2C%22of%22%2C%22ikone%22%2C%22trumpeting%22%2C%22one%22%2C%22at%22%2C%22the%22%2C%22table%22%2C%22%E3%80%8B%22%5D&refer=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&tz=0&dev=r&res=12.31&uuid=ac52f329-02ec-47cd-8837-969dbbcc60c2%3A3%3A1&shu=b813e03ec37e3bee9251e3a9b84aee527d99c8f0170dbadb1b26cd5d98e219faaee89525b38ffbdecda3a39397fdab4efec26d0b5e27d877b533b24bdc8894fdc735f050f42cbb036c95b0b5ee417919cd6943c7e625010b5efec40e82a29860&pst=1664388352&rmtc=t
Set-Cookie: u_pl=17201160; expires=Thu, 29 Sep 2022 18:04:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIwMTE2MCwiayI6ImM2NTIyMjYxZDYyMWQ4YWIyMzI2ZGIxNDM1NTkxYmRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQyMTUxLCJwaWQiOjQ2MDIzMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoidTQ2NXJ4YXpjIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dvcmxkbmV3c2RhaWx5cG9zdC5ibG9nc3BvdC5jb20vMjAyMi8wOS9pa29uZS12aWRlb2xhY2F6ZXR0ZS12aWRlb2lrb25lLmh0bWwifX0.nrdxBF4M5UfQM0QUhIJuvzS2czIvIqvldmmC3EoLj0E; expires=Wed, 28 Sep 2022 18:05:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 688911a55acaf70a9be8fcb315443eab
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8922bb2afef011b57f15e5bf8e5a2bea
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60eb1758175320a24926288a2b33cd16
014fffa4ecc7c98c2753e9667bc972527a6c5c17
d744b389b51cbfd427e404f20921da0863330fa9d9c176c7c7d4b6df6e48eb52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D744B389B51CBFD427E404F20921DA0863330FA9D9C176C7C7D4B6DF6E48EB52"
Last-Modified: Tue, 27 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Wed, 28 Sep 2022 19:53:03 GMT
Date: Wed, 28 Sep 2022 18:04:52 GMT
Connection: keep-alive
varietiesplea.com/watch.1608374450694.js?key=c6522261d621d8ab2326db1435591bdf&kw=%5B%22ikone%22%2C%22video%C2%A0%E2%80%A2%C2%A0lacazette%22%2C%22video%C2%A0%E2%80%A2%C2%A0ikone%22%2C%22fiorentina%22%2C%22%E3%80%8A%22%2C%22video%22%2C%22of%22%2C%22ikone%22%2C%22trumpeting%22%2C%22one%22%2C%22at%22%2C%22the%22%2C%22table%22%2C%22%E3%80%8B%22%5D&refer=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&tz=0&dev=r&res=12.31&uuid=ac52f329-02ec-47cd-8837-969dbbcc60c2%3A3%3A1&shu=b813e03ec37e3bee9251e3a9b84aee527d99c8f0170dbadb1b26cd5d98e219faaee89525b38ffbdecda3a39397fdab4efec26d0b5e27d877b533b24bdc8894fdc735f050f42cbb036c95b0b5ee417919cd6943c7e625010b5efec40e82a29860&pst=1664388352&rmtc=t
173.233.139.164200 OK 2.0 kB URL HTTP/1.1 varietiesplea.com/watch.1608374450694.js?key=c6522261d621d8ab2326db1435591bdf&kw=%5B%22ikone%22%2C%22video%C2%A0%E2%80%A2%C2%A0lacazette%22%2C%22video%C2%A0%E2%80%A2%C2%A0ikone%22%2C%22fiorentina%22%2C%22%E3%80%8A%22%2C%22video%22%2C%22of%22%2C%22ikone%22%2C%22trumpeting%22%2C%22one%22%2C%22at%22%2C%22the%22%2C%22table%22%2C%22%E3%80%8B%22%5D&refer=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&tz=0&dev=r&res=12.31&uuid=ac52f329-02ec-47cd-8837-969dbbcc60c2%3A3%3A1&shu=b813e03ec37e3bee9251e3a9b84aee527d99c8f0170dbadb1b26cd5d98e219faaee89525b38ffbdecda3a39397fdab4efec26d0b5e27d877b533b24bdc8894fdc735f050f42cbb036c95b0b5ee417919cd6943c7e625010b5efec40e82a29860&pst=1664388352&rmtc=t
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (2440)
Hash ed177f6876d3976fd19e4367db04b1a7
4948bd2570ee808790ac07e4b586ff3eb1cb1d87
d2db6b0cd443d6eca234150b9734c9b036c24a7997eefc87e3d4259aa21727b4
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1608374450694.js?key=c6522261d621d8ab2326db1435591bdf&kw=%5B%22ikone%22%2C%22video%C2%A0%E2%80%A2%C2%A0lacazette%22%2C%22video%C2%A0%E2%80%A2%C2%A0ikone%22%2C%22fiorentina%22%2C%22%E3%80%8A%22%2C%22video%22%2C%22of%22%2C%22ikone%22%2C%22trumpeting%22%2C%22one%22%2C%22at%22%2C%22the%22%2C%22table%22%2C%22%E3%80%8B%22%5D&refer=https%3A%2F%2Fworldnewsdailypost.blogspot.com%2F2022%2F09%2Fikone-videolacazette-videoikone.html&tz=0&dev=r&res=12.31&uuid=ac52f329-02ec-47cd-8837-969dbbcc60c2%3A3%3A1&shu=b813e03ec37e3bee9251e3a9b84aee527d99c8f0170dbadb1b26cd5d98e219faaee89525b38ffbdecda3a39397fdab4efec26d0b5e27d877b533b24bdc8894fdc735f050f42cbb036c95b0b5ee417919cd6943c7e625010b5efec40e82a29860&pst=1664388352&rmtc=t HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Referer: https://worldnewsdailypost.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17201160; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIwMTE2MCwiayI6ImM2NTIyMjYxZDYyMWQ4YWIyMzI2ZGIxNDM1NTkxYmRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQyMTUxLCJwaWQiOjQ2MDIzMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoidTQ2NXJ4YXpjIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dvcmxkbmV3c2RhaWx5cG9zdC5ibG9nc3BvdC5jb20vMjAyMi8wOS9pa29uZS12aWRlb2xhY2F6ZXR0ZS12aWRlb2lrb25lLmh0bWwifX0.nrdxBF4M5UfQM0QUhIJuvzS2czIvIqvldmmC3EoLj0E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Origin: https://worldnewsdailypost.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=ac52f329-02ec-47cd-8837-969dbbcc60c2:3:1; expires=Wed, 05 Oct 2022 18:04:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 29 Sep 2022 18:04:52 GMT; secure; SameSite=None
uncs=1; expires=Thu, 29 Sep 2022 18:04:52 GMT; secure; SameSite=None
pdhtkv25=true; expires=Thu, 29 Sep 2022 18:04:52 GMT; secure; SameSite=None
uncs25=1; expires=Thu, 29 Sep 2022 18:04:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86bad6820e23089980512c9475f831eb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.barscreative1.com/sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html
45.133.44.3200 OK 1.1 kB URL HTTP/2 cdn.barscreative1.com/sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash e05361b195b199b45c435ac34e5e5f00
c3f8c6ee6fd31ec6879d815ed6b0cdd37300653f
3f52de73517fea2246be7174bcdda545e5d03cef69ef00dba1190feb520c8f27
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 08:56:26 GMT
etag: W/"6321973a-6ef"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 28 Sep 2022 19:04:52 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 042c38716faa379dfe35bfc0e350d539
f604c07161c10f251501fe5bf3ea534beb6ea865
2038294cc39316a8f13c431224609cd186f9e115b792f0b8f0f22f039c9d9ed8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NWk%2F0I3KbMQsGkFRkE5Vdac%2FnMVgjJFonIwziu7kfXXnmVf1ivequjpZRQdlFrPohRtdSOV0MsExiP4Ao3QPqASF9C6LyVbcKgwupdtgOxeKe06dszj33vfpbnZGfGT0dPkts620pguLFb%2F8wvtBcKm8puKsV%2B416x%2FUa5fKtvtyq17xXyy%2FLvmmWQj9wPcDPyivKCvbprcwEaGSw1ZQafmVWlgJFmvo2Qe5yzw46kF0z8hTUGJcuutdhOJDxNG3y9JtpiZ56bUo0zQ1Fl1x8G68GZs8RjSDbeuhHR%2Bcu2HcycoRTLw%2FjQvT%2Fc%2FI1Jh4Px2BxQfnIcG6e9OcTEPGYOJx5N0hpB5C0SG4uQElTgjABa6sI45uXzE2p1v%2FqnSijknp%2Fl9Q%2BZiU7l1EHH2zpFWvfN3oLFUmdui1C6jeEKozRJKNkG5fgMpH4OnHUOI3snB%2FDXG0t%2B60gRLFdHalhlDtIbTsgzoP2eRTHrK2hyzxEInTMg%2BCoOELTv1mi%2FOqaEhWF35AG%2B2ABn69iYxP4vWRJn1w3Qe3O0jsDjZVHzb7EW6jgBMeXDom3ts76IoCuSTIHUFOCXJFkKcEebfYF9qFrrgttMtYcN7D814tBibt7NJ9k3ZkTHaTM%2FLkZC%2Few298iU15WuaU%2B7TWDBhtiFa42GZ%2BI2TM57VaS8hquwmnCih3YTrqthqT%2BWd%2BR6LG5JGHfgajIzg9AlfzoFkAmg8aoQ%2B6Mag1fWzHP%2BTGahHL3Amq9FZiXFph2nRcYtIKNxGEKZCkJaRb3q4%2BI09PT%2Fbs3D1Ifnz5zvzho8Hzf4DbAokt8KG6S9DRNwfXTE72rpncke%2FWk1RFaptOznk9pamcu%2FOm3MqNFavLrv%2FVK3wiTODhO9KlazQWKu448vWSEkLaFWO5JN%2Bvuvcku5q5jaXMxlmydvXVldUosdI5ZeIhqDpZ%2FxtcjUnpo6PpO33i10%2Bg7BA2KxBlx%2BS8oMwIPNmBS2bpnZmD1TMPSzzkWTGwIZv91IpAyxmnrID7H2czvOtuomND0PQG4qhA1xbo6gJU9%2BGyxwZpYo8v%2F%2FL5pL4A06UB07a0x7TVn01XOybNuT8n6GxMys%2FdglOn5Ua16tN6azFoNKhssFrYbNcDQWlYq4f1Oq0idWNeuzX6BwAA%2F%2F8BAAD%2F%2F9PbVsmBBAAA
192.243.59.20200 OK 7 B URL HTTP/1.1 specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NWk%2F0I3KbMQsGkFRkE5Vdac%2FnMVgjJFonIwziu7kfXXnmVf1ivequjpZRQdlFrPohRtdSOV0MsExiP4Ao3QPqASF9C6LyVbcKgwupdtgOxeKe06dszj33vfpbnZGfGT0dPkts620pguLFb%2F8wvtBcKm8puKsV%2B416x%2FUa5fKtvtyq17xXyy%2FLvmmWQj9wPcDPyivKCvbprcwEaGSw1ZQafmVWlgJFmvo2Qe5yzw46kF0z8hTUGJcuutdhOJDxNG3y9JtpiZ56bUo0zQ1Fl1x8G68GZs8RjSDbeuhHR%2Bcu2HcycoRTLw%2FjQvT%2Fc%2FI1Jh4Px2BxQfnIcG6e9OcTEPGYOJx5N0hpB5C0SG4uQElTgjABa6sI45uXzE2p1v%2FqnSijknp%2Fl9Q%2BZiU7l1EHH2zpFWvfN3oLFUmdui1C6jeEKozRJKNkG5fgMpH4OnHUOI3snB%2FDXG0t%2B60gRLFdHalhlDtIbTsgzoP2eRTHrK2hyzxEInTMg%2BCoOELTv1mi%2FOqaEhWF35AG%2B2ABn69iYxP4vWRJn1w3Qe3O0jsDjZVHzb7EW6jgBMeXDom3ts76IoCuSTIHUFOCXJFkKcEebfYF9qFrrgttMtYcN7D814tBibt7NJ9k3ZkTHaTM%2FLkZC%2Few298iU15WuaU%2B7TWDBhtiFa42GZ%2BI2TM57VaS8hquwmnCih3YTrqthqT%2BWd%2BR6LG5JGHfgajIzg9AlfzoFkAmg8aoQ%2B6Mag1fWzHP%2BTGahHL3Amq9FZiXFph2nRcYtIKNxGEKZCkJaRb3q4%2BI09PT%2Fbs3D1Ifnz5zvzho8Hzf4DbAokt8KG6S9DRNwfXTE72rpncke%2FWk1RFaptOznk9pamcu%2FOm3MqNFavLrv%2FVK3wiTODhO9KlazQWKu448vWSEkLaFWO5JN%2Bvuvcku5q5jaXMxlmydvXVldUosdI5ZeIhqDpZ%2FxtcjUnpo6PpO33i10%2Bg7BA2KxBlx%2BS8oMwIPNmBS2bpnZmD1TMPSzzkWTGwIZv91IpAyxmnrID7H2czvOtuomND0PQG4qhA1xbo6gJU9%2BGyxwZpYo8v%2F%2FL5pL4A06UB07a0x7TVn01XOybNuT8n6GxMys%2FdglOn5Ua16tN6azFoNKhssFrYbNcDQWlYq4f1Oq0idWNeuzX6BwAA%2F%2F8BAAD%2F%2F9PbVsmBBAAA
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NWk%2F0I3KbMQsGkFRkE5Vdac%2FnMVgjJFonIwziu7kfXXnmVf1ivequjpZRQdlFrPohRtdSOV0MsExiP4Ao3QPqASF9C6LyVbcKgwupdtgOxeKe06dszj33vfpbnZGfGT0dPkts620pguLFb%2F8wvtBcKm8puKsV%2B416x%2FUa5fKtvtyq17xXyy%2FLvmmWQj9wPcDPyivKCvbprcwEaGSw1ZQafmVWlgJFmvo2Qe5yzw46kF0z8hTUGJcuutdhOJDxNG3y9JtpiZ56bUo0zQ1Fl1x8G68GZs8RjSDbeuhHR%2Bcu2HcycoRTLw%2FjQvT%2Fc%2FI1Jh4Px2BxQfnIcG6e9OcTEPGYOJx5N0hpB5C0SG4uQElTgjABa6sI45uXzE2p1v%2FqnSijknp%2Fl9Q%2BZiU7l1EHH2zpFWvfN3oLFUmdui1C6jeEKozRJKNkG5fgMpH4OnHUOI3snB%2FDXG0t%2B60gRLFdHalhlDtIbTsgzoP2eRTHrK2hyzxEInTMg%2BCoOELTv1mi%2FOqaEhWF35AG%2B2ABn69iYxP4vWRJn1w3Qe3O0jsDjZVHzb7EW6jgBMeXDom3ts76IoCuSTIHUFOCXJFkKcEebfYF9qFrrgttMtYcN7D814tBibt7NJ9k3ZkTHaTM%2FLkZC%2Few298iU15WuaU%2B7TWDBhtiFa42GZ%2BI2TM57VaS8hquwmnCih3YTrqthqT%2BWd%2BR6LG5JGHfgajIzg9AlfzoFkAmg8aoQ%2B6Mag1fWzHP%2BTGahHL3Amq9FZiXFph2nRcYtIKNxGEKZCkJaRb3q4%2BI09PT%2Fbs3D1Ifnz5zvzho8Hzf4DbAokt8KG6S9DRNwfXTE72rpncke%2FWk1RFaptOznk9pamcu%2FOm3MqNFavLrv%2FVK3wiTODhO9KlazQWKu448vWSEkLaFWO5JN%2Bvuvcku5q5jaXMxlmydvXVldUosdI5ZeIhqDpZ%2FxtcjUnpo6PpO33i10%2Bg7BA2KxBlx%2BS8oMwIPNmBS2bpnZmD1TMPSzzkWTGwIZv91IpAyxmnrID7H2czvOtuomND0PQG4qhA1xbo6gJU9%2BGyxwZpYo8v%2F%2FL5pL4A06UB07a0x7TVn01XOybNuT8n6GxMys%2FdglOn5Ua16tN6azFoNKhssFrYbNcDQWlYq4f1Oq0idWNeuzX6BwAA%2F%2F8BAAD%2F%2F9PbVsmBBAAA HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17189534; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleccac0a481ba7d925fb072bb0c449de3f8=[2229213,2229214,2106764]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbf8076f5fa8401c12c2c5133c14d2e5
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Fri, 30 Sep 2022 18:04:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Fri, 30 Sep 2022 18:04:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
45.133.44.9200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Fri, 30 Sep 2022 18:04:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10214
Expires: Wed, 28 Sep 2022 20:55:06 GMT
Date: Wed, 28 Sep 2022 18:04:52 GMT
Connection: keep-alive
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2F79%2Fb6%2F2979b6cd81afad6251e222515b2d8311%2F1663145782.html&l=1775&fd=425
173.233.139.164200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2F79%2Fb6%2F2979b6cd81afad6251e222515b2d8311%2F1663145782.html&l=1775&fd=425
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2F79%2Fb6%2F2979b6cd81afad6251e222515b2d8311%2F1663145782.html&l=1775&fd=425 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17194685; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca25a90ff278df2963dda4eb698c56729=[3692935]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10214
Expires: Wed, 28 Sep 2022 20:55:06 GMT
Date: Wed, 28 Sep 2022 18:04:52 GMT
Connection: keep-alive
specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NWk%2F0I3KbMQsGkFRkE5Vdac%2FnMVgjJFonIwziu7kfXXnmVf1ivequjpZRQeGWcyiF250IZXTyQTHIPoDjNI9oBIU0rssJltxqzC4lG6D7Vwo7j11zuLcc9%2FN3eyM%2BMjo6fI7ZltpTRcWK375pQ%2BD4FJ5TcVZr9xr1j%2Bq1y6VbffVVr3iv1x%2BU%2FJNsxD6ge8HflBeUVa2TW9hQkIlh62g0vIrtbASLNbQsw9jl3lw1IPonpFnoMS4dM%2B7CMWHiKNvl6XbTE3yyhtRpmlqLLri4P14MzZ5jGg2tq2HdnxwroZxJytHMPH%2B1C5M9z8hU2Pi%2FXQEFh%2BcmwTr7k19Mg0Zg4knkXeHkHoIRYfg5gaUOCEAF7iyjji6c8XYnG79y9IJOyalB39B5WNSun8RcfTNkla98nWjs1SZ2KHXLqB6Q6jOEEk2Qrp9ASofgaefQonfyMKDNcTR3rrTBkoU092VGkK1h9CyD%2Bo8ZJNPecjaHrLEQyROyzwIgoYvOPWbLc6roiFZXfgBbbQDGvj1JjI%2BsddHmvTBdR%2Fc7iCxO9hUfdjsR7iNAk54cOmYeO%2FuoCsK5JIgdwQ5JcgVQZ4S5N1iX2gXuuKO0C5jwXkPz3u1GJi0s0v3TdqRMdlNzsjTk1y8R9%2F6EpvytMwp92mtGTDaEK1wsc38RsiYz2u1lpDVdhNOFVDuwnTVbTUm88%2F9jkSNyWOP%2FAxGR3B6BK7mQbMANB80Qh90Y1Br%2BtiOf8iN1SKWuRNU6a3EuLTCtOm4xKQVbiIIUyBJS0i3vF19Rp6dnuz5uTNIfnz57vzh48GLf4DbAokt8LG6R9DRtwbXTE72rpncke%2FWk1RFaptOznk9pamcu%2Fu23MqNFavLrv%2FVa3xCTMbD96RL12gsVNxx5OslJYS0K8ZySb5fdR9IdjVzG0uZjbNk7errK6tRYqVzysRDUHWy%2Fje4GpPSJ0fTd%2FrUrzeh7BA2KxBlx%2BS8oMwIPNmBS2bunZmD1TMNS%2BaQZ8XAhmz2UysCLWeYsgLuf5jN5l13Cx0bgqY3EEcFurZAVxegug%2BXPTFIE3t8%2BZfPJ%2FUFmC4NmLalPaat%2FmwS7f0xac79OQ15TMov3IZTp%2BVGterTemsxaDSobLBa2GzXA0FpWKuH9TqtInVjXrs9%2BgcAAP%2F%2FAQAA%2F%2F%2B3pIG5gQQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NWk%2F0I3KbMQsGkFRkE5Vdac%2FnMVgjJFonIwziu7kfXXnmVf1ivequjpZRQeGWcyiF250IZXTyQTHIPoDjNI9oBIU0rssJltxqzC4lG6D7Vwo7j11zuLcc9%2FN3eyM%2BMjo6fI7ZltpTRcWK375pQ%2BD4FJ5TcVZr9xr1j%2Bq1y6VbffVVr3iv1x%2BU%2FJNsxD6ge8HflBeUVa2TW9hQkIlh62g0vIrtbASLNbQsw9jl3lw1IPonpFnoMS4dM%2B7CMWHiKNvl6XbTE3yyhtRpmlqLLri4P14MzZ5jGg2tq2HdnxwroZxJytHMPH%2B1C5M9z8hU2Pi%2FXQEFh%2BcmwTr7k19Mg0Zg4knkXeHkHoIRYfg5gaUOCEAF7iyjji6c8XYnG79y9IJOyalB39B5WNSun8RcfTNkla98nWjs1SZ2KHXLqB6Q6jOEEk2Qrp9ASofgaefQonfyMKDNcTR3rrTBkoU092VGkK1h9CyD%2Bo8ZJNPecjaHrLEQyROyzwIgoYvOPWbLc6roiFZXfgBbbQDGvj1JjI%2BsddHmvTBdR%2Fc7iCxO9hUfdjsR7iNAk54cOmYeO%2FuoCsK5JIgdwQ5JcgVQZ4S5N1iX2gXuuKO0C5jwXkPz3u1GJi0s0v3TdqRMdlNzsjTk1y8R9%2F6EpvytMwp92mtGTDaEK1wsc38RsiYz2u1lpDVdhNOFVDuwnTVbTUm88%2F9jkSNyWOP%2FAxGR3B6BK7mQbMANB80Qh90Y1Br%2BtiOf8iN1SKWuRNU6a3EuLTCtOm4xKQVbiIIUyBJS0i3vF19Rp6dnuz5uTNIfnz57vzh48GLf4DbAokt8LG6R9DRtwbXTE72rpncke%2FWk1RFaptOznk9pamcu%2Fu23MqNFavLrv%2FVa3xCTMbD96RL12gsVNxx5OslJYS0K8ZySb5fdR9IdjVzG0uZjbNk7errK6tRYqVzysRDUHWy%2Fje4GpPSJ0fTd%2FrUrzeh7BA2KxBlx%2BS8oMwIPNmBS2bunZmD1TMNS%2BaQZ8XAhmz2UysCLWeYsgLuf5jN5l13Cx0bgqY3EEcFurZAVxegug%2BXPTFIE3t8%2BZfPJ%2FUFmC4NmLalPaat%2FmwS7f0xac79OQ15TMov3IZTp%2BVGterTemsxaDSobLBa2GzXA0FpWKuH9TqtInVjXrs9%2BgcAAP%2F%2FAQAA%2F%2F%2B3pIG5gQQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NWk%2F0I3KbMQsGkFRkE5Vdac%2FnMVgjJFonIwziu7kfXXnmVf1ivequjpZRQeGWcyiF250IZXTyQTHIPoDjNI9oBIU0rssJltxqzC4lG6D7Vwo7j11zuLcc9%2FN3eyM%2BMjo6fI7ZltpTRcWK375pQ%2BD4FJ5TcVZr9xr1j%2Bq1y6VbffVVr3iv1x%2BU%2FJNsxD6ge8HflBeUVa2TW9hQkIlh62g0vIrtbASLNbQsw9jl3lw1IPonpFnoMS4dM%2B7CMWHiKNvl6XbTE3yyhtRpmlqLLri4P14MzZ5jGg2tq2HdnxwroZxJytHMPH%2B1C5M9z8hU2Pi%2FXQEFh%2BcmwTr7k19Mg0Zg4knkXeHkHoIRYfg5gaUOCEAF7iyjji6c8XYnG79y9IJOyalB39B5WNSun8RcfTNkla98nWjs1SZ2KHXLqB6Q6jOEEk2Qrp9ASofgaefQonfyMKDNcTR3rrTBkoU092VGkK1h9CyD%2Bo8ZJNPecjaHrLEQyROyzwIgoYvOPWbLc6roiFZXfgBbbQDGvj1JjI%2BsddHmvTBdR%2Fc7iCxO9hUfdjsR7iNAk54cOmYeO%2FuoCsK5JIgdwQ5JcgVQZ4S5N1iX2gXuuKO0C5jwXkPz3u1GJi0s0v3TdqRMdlNzsjTk1y8R9%2F6EpvytMwp92mtGTDaEK1wsc38RsiYz2u1lpDVdhNOFVDuwnTVbTUm88%2F9jkSNyWOP%2FAxGR3B6BK7mQbMANB80Qh90Y1Br%2BtiOf8iN1SKWuRNU6a3EuLTCtOm4xKQVbiIIUyBJS0i3vF19Rp6dnuz5uTNIfnz57vzh48GLf4DbAokt8LG6R9DRtwbXTE72rpncke%2FWk1RFaptOznk9pamcu%2Fu23MqNFavLrv%2FVa3xCTMbD96RL12gsVNxx5OslJYS0K8ZySb5fdR9IdjVzG0uZjbNk7errK6tRYqVzysRDUHWy%2Fje4GpPSJ0fTd%2FrUrzeh7BA2KxBlx%2BS8oMwIPNmBS2bunZmD1TMNS%2BaQZ8XAhmz2UysCLWeYsgLuf5jN5l13Cx0bgqY3EEcFurZAVxegug%2BXPTFIE3t8%2BZfPJ%2FUFmC4NmLalPaat%2FmwS7f0xac79OQ15TMov3IZTp%2BVGterTemsxaDSobLBa2GzXA0FpWKuH9TqtInVjXrs9%2BgcAAP%2F%2FAQAA%2F%2F%2B3pIG5gQQAAA%3D%3D HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17189534; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleccac0a481ba7d925fb072bb0c449de3f8=[2229213,2229214,2106764]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59ee339a7669a92253b83b21cc706e38
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/img/close.png
172.64.201.2200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/img/close.png
IP 172.64.201.2:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/ssp/notifications/text_bubble/2/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 12 Jul 2022 10:56:24 GMT
etag: "62cd5358-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1242489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Htd%2FVXMyXp092lxwHTePfwCzLA%2B8BxIfJlsbH%2F%2Fp0KiCZS63zTvMNqBYIm2pToZe29CKhl1XTj%2F0y8wvQ26tTguV1G4FMtUGGYhOCy2QXbk%2BxyWTil2hsdXXhWLUnWCt8wU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676bdd914052-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/img/number.png
172.64.201.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/img/number.png
IP 172.64.201.2:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/ssp/notifications/text_bubble/2/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/png
content-length: 1138
last-modified: Tue, 12 Jul 2022 10:56:23 GMT
etag: "62cd5357-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1242489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYfKMdIiAG8CidoeqHIUlYCFkN3yYirfstkYUvZ%2FL7eV0B0K451ztDTIjZ9HlWZzFPLJgjt7ktfgFIYAVP5fILkllhkL3%2FLUEzFPmH0l0ccwZI71MlObW663rX3Xm9%2BudiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676bdd974052-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/img/arrow.png
172.64.201.2200 OK 2.3 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/img/arrow.png
IP 172.64.201.2:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 41109abf05740798aa2e66a3e938c8de
706e93332bf4819e9f4059765340cf97981bd1fe
2fbf669490df5b04badb9886ca664dbd9a0d66e0ecdc951b822feb6089fac0ea
GET /sb/ssp/notifications/text_bubble/2/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/png
content-length: 2332
last-modified: Tue, 12 Jul 2022 10:56:23 GMT
etag: "62cd5357-91c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1242487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seTsuWPtzOpxtIjaPnxm6xWuVdwppvdNbBVW%2B98ouSm%2BckVa9%2FUz2FnM%2FEimyT4xz%2FhsRtnbKn0zkPAMHJJaBJljiwmSxo%2BJGnNdKwwXYEIGS5icP9fbvthSP5CPHhZD10A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676bdd954052-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/69/8c/ea/698cea670391d77b5d0059f6d391ea11/1664291855.jpg
45.133.44.9200 OK 14 kB URL HTTP/2 cdn.cloudimagesb.com/si/69/8c/ea/698cea670391d77b5d0059f6d391ea11/1664291855.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 48b1175ed4d530456827b54325ccacdb
d2e8211a581b185a1e52da25b88e13db60882400
ae502bc8b9594b588096801eebac99d76a7a4acfa030c707fa1143ed0c8a1dcb
GET /si/69/8c/ea/698cea670391d77b5d0059f6d391ea11/1664291855.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/jpeg
content-length: 13705
server: nginx/1.17.6
last-modified: Tue, 27 Sep 2022 15:17:44 GMT
etag: "63331418-3589"
expires: Fri, 30 Sep 2022 18:04:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10214
Expires: Wed, 28 Sep 2022 20:55:06 GMT
Date: Wed, 28 Sep 2022 18:04:52 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/css/style.css
172.64.201.2200 OK 2.2 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/css/style.css
IP 172.64.201.2:0
Hash 8844bd53c457733b6b1cb34b1c667e49
ece1f317f95beb447bfae9f5d4c761ca418d6890
e1b9f5941f86ada61924be5896a73fe67e0be2dea09f0c7d740600834e008731
GET /sb/ssp/notifications/text_bubble/2/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 11:09:04 GMT
etag: W/"62cd5650-23e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 279901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgxnRSTixXaPQNUxJLaYrfVz9EXBn2rt6G3ktrLapkZEOKDcHvt1ybzzaLPb3lmAegPezDEQU5S6RKAa1VyPbYtwBfwy7RLDcH0KiuuJV9esLjc55CA4wZV0A7RjMXEuKgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676bdd8b4052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash c960918c798ff51bd86b14d45599314e
c44513c723dbef94495ebbb2a3015c9740adeb9e
678897e7b43f387694b1540a55f9b0cb0c318ae1cca10e6e49bec00d2b9ad312
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 18:04:52 GMT
date: Wed, 28 Sep 2022 18:04:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F2%2Fcss%2Fstyle.css&l=9193&fd=189
173.233.139.164200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F2%2Fcss%2Fstyle.css&l=9193&fd=189
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fnotifications%2Ftext_bubble%2F2%2Fcss%2Fstyle.css&l=9193&fd=189 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17194685; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca25a90ff278df2963dda4eb698c56729=[3692935]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/js/script.js
172.64.201.2200 OK 399 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/js/script.js
IP 172.64.201.2:0
Hash 41509498aea60e8ef0ec3f0eae0d07c3
010357c16e35efe2dc6994e01d9309efb571176b
b41ea118f1266b04b47166effc7cf67bd6cfb71a29e7e4da8c6a621d27fc42c4
GET /sb/ssp/notifications/text_bubble/2/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: application/javascript
last-modified: Tue, 12 Jul 2022 10:56:18 GMT
etag: W/"62cd5352-37c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 281322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guX0lue8d4B8GMYWrayHMbD%2Fapb%2F%2BGajf3UhUpUGLtZtccKZL3%2F4GZCCYZ4PWKTzMUQBzPUwVLyrSreZ8tU%2BqvMdzpOWt5VMHQf%2FCgKqj%2FiRGnKwGlX1P7oNcee05q8aQv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676c9e904052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/77/dc/64/77dc6457fd0a8d88bd556fdd8e2e049b/1627915829.png
45.133.44.9200 OK 503 B URL HTTP/2 cdn.cloudimagesb.com/cti/77/dc/64/77dc6457fd0a8d88bd556fdd8e2e049b/1627915829.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
Hash 2268945bfd07668758dde9d85cdf17da
3a7536375ce4d8152ef3fb3c4e03a323c0bdaa6d
3500fec9f9707d5e0d7382503e4dd540720f8ca9e111832c634bfd275ffb34ac
GET /cti/77/dc/64/77dc6457fd0a8d88bd556fdd8e2e049b/1627915829.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/png
content-length: 75412
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:50:38 GMT
etag: "6108063e-12694"
expires: Fri, 30 Sep 2022 18:04:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2268945bfd07668758dde9d85cdf17da
3a7536375ce4d8152ef3fb3c4e03a323c0bdaa6d
3500fec9f9707d5e0d7382503e4dd540720f8ca9e111832c634bfd275ffb34ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3500FEC9F9707D5E0D7382503E4DD540720F8CA9E111832C634BFD275FFB34AC"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5738
Expires: Wed, 28 Sep 2022 19:40:30 GMT
Date: Wed, 28 Sep 2022 18:04:52 GMT
Connection: keep-alive
peeredgerman.com/pixel/sbs?c=1
173.233.139.164200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17194685; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca25a90ff278df2963dda4eb698c56729=[3692935]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
peeredgerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2tc1Rs%2Bt8nvJ6gbJRuxldkICjK5d%2F6PXRRjTAnGpraKulHOvzs55tx7LufcO3cyboIV7cLF%2BA1unkka1FL0A7SWmYJCQOi4imDAlR9A6MKVzHRw9IXD%2Bz7neRbP%2B%2Bfzg%2ByM%2BMjo6fpbpq%2B0pqv1sl966f0guFjaUnHWK%2FVajY8atYsl23213Sj7L5cuS75rVit%2B4PuBH5Q2lJWh6a1OSajkdjsot%2F1yrVIO6jX07H%2Bxyzw46kF0z8izUGKy%2FMBbgeIjxNF369LtpiZ55Y0o0zQ1Fl1x%2FG68G5s8RrQoQ%2BshjI%2Fnahj3cOMeTHw0swvT%2FUfI1IR4P94Di4%2FnJsG6hzOfTEPGYOIp5N0RpB5B0RG4uQElHhKAC1zZRhzdumJsTvces3TKTsjyoz%2Bh8glZ%2Fm0FcXRnTate6brRWapM7NALC6jeCKozQpKNkfbPQeVj8PRTKPEzWX20hTg63HbaQIli1rtSI6hwBC0HoM5DNn3KQxZ6yBIPkTgt8SAImr7g1G%2B1Oa%2BKpmQN4Qe0GQY08BstZHxqb4A0GYDrAbjdR2L3sasGsNl9uJ0CTnhw6YR4b%2B%2BjKwrkkiB3BDklyBVBnhLk3eJIaFdxxS2hXcaCea7Mc7UYmrRzQI9M2pExOUjOyDPTuXj%2F%2F%2FAuduVpiVbqtO2HYaXZEmGl3agKQWuSNdotXm80K204VUC5c7NW%2B2pCzj%2F%2FBxI1IU%2F87ycwOobTY3B1HjS7AJoPmxUfdGdYa%2Fnoxz%2FkxmoRy9wJqvReYlxaZtp0XGLSMjcRhCmQpMtI97wDfUaem62s9cEXkPzk0mf93y%2FfWfkE3BZIbIGP1QOCjr45vGZycnjN5I58v52kKlJ9Ol3n9ZSmcumbN%2BVebqzYXHeDr1%2FjU2Ja3n5HunSLxkLFHUe%2BXVNCSLthLJfk7qZ7T7KrmdtZy2ycJVtXX9%2FYjBIrnVMmHoFOL%2FPpF8HVhDy5%2FNfsUi%2F8eh%2FKjmCzAlF2QuYBZcbgyT5csvDvzBKsXmhY4iHPiqGtsMWnVgRaLjBlBdy%2FMFvUB%2B4mOvYF0PQG4qhA1xbo6gJUD%2BCypWGa2JNLv1RnAaa9IdPWO2Ta6q8eD9ep01LVF00mQ9lkslavhZILVq8zn4ecVUWrxZG6Ca99Of4bAAD%2F%2FwEAAP%2F%2Fujg73nQEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 peeredgerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2tc1Rs%2Bt8nvJ6gbJRuxldkICjK5d%2F6PXRRjTAnGpraKulHOvzs55tx7LufcO3cyboIV7cLF%2BA1unkka1FL0A7SWmYJCQOi4imDAlR9A6MKVzHRw9IXD%2Bz7neRbP%2B%2Bfzg%2ByM%2BMjo6fpbpq%2B0pqv1sl966f0guFjaUnHWK%2FVajY8atYsl23213Sj7L5cuS75rVit%2B4PuBH5Q2lJWh6a1OSajkdjsot%2F1yrVIO6jX07H%2Bxyzw46kF0z8izUGKy%2FMBbgeIjxNF369LtpiZ55Y0o0zQ1Fl1x%2FG68G5s8RrQoQ%2BshjI%2Fnahj3cOMeTHw0swvT%2FUfI1IR4P94Di4%2FnJsG6hzOfTEPGYOIp5N0RpB5B0RG4uQElHhKAC1zZRhzdumJsTvces3TKTsjyoz%2Bh8glZ%2Fm0FcXRnTate6brRWapM7NALC6jeCKozQpKNkfbPQeVj8PRTKPEzWX20hTg63HbaQIli1rtSI6hwBC0HoM5DNn3KQxZ6yBIPkTgt8SAImr7g1G%2B1Oa%2BKpmQN4Qe0GQY08BstZHxqb4A0GYDrAbjdR2L3sasGsNl9uJ0CTnhw6YR4b%2B%2BjKwrkkiB3BDklyBVBnhLk3eJIaFdxxS2hXcaCea7Mc7UYmrRzQI9M2pExOUjOyDPTuXj%2F%2F%2FAuduVpiVbqtO2HYaXZEmGl3agKQWuSNdotXm80K204VUC5c7NW%2B2pCzj%2F%2FBxI1IU%2F87ycwOobTY3B1HjS7AJoPmxUfdGdYa%2Fnoxz%2FkxmoRy9wJqvReYlxaZtp0XGLSMjcRhCmQpMtI97wDfUaem62s9cEXkPzk0mf93y%2FfWfkE3BZIbIGP1QOCjr45vGZycnjN5I58v52kKlJ9Ol3n9ZSmcumbN%2BVebqzYXHeDr1%2FjU2Ja3n5HunSLxkLFHUe%2BXVNCSLthLJfk7qZ7T7KrmdtZy2ycJVtXX9%2FYjBIrnVMmHoFOL%2FPpF8HVhDy5%2FNfsUi%2F8eh%2FKjmCzAlF2QuYBZcbgyT5csvDvzBKsXmhY4iHPiqGtsMWnVgRaLjBlBdy%2FMFvUB%2B4mOvYF0PQG4qhA1xbo6gJUD%2BCypWGa2JNLv1RnAaa9IdPWO2Ta6q8eD9ep01LVF00mQ9lkslavhZILVq8zn4ecVUWrxZG6Ca99Of4bAAD%2F%2FwEAAP%2F%2Fujg73nQEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2tc1Rs%2Bt8nvJ6gbJRuxldkICjK5d%2F6PXRRjTAnGpraKulHOvzs55tx7LufcO3cyboIV7cLF%2BA1unkka1FL0A7SWmYJCQOi4imDAlR9A6MKVzHRw9IXD%2Bz7neRbP%2B%2Bfzg%2ByM%2BMjo6fpbpq%2B0pqv1sl966f0guFjaUnHWK%2FVajY8atYsl23213Sj7L5cuS75rVit%2B4PuBH5Q2lJWh6a1OSajkdjsot%2F1yrVIO6jX07H%2Bxyzw46kF0z8izUGKy%2FMBbgeIjxNF369LtpiZ55Y0o0zQ1Fl1x%2FG68G5s8RrQoQ%2BshjI%2Fnahj3cOMeTHw0swvT%2FUfI1IR4P94Di4%2FnJsG6hzOfTEPGYOIp5N0RpB5B0RG4uQElHhKAC1zZRhzdumJsTvces3TKTsjyoz%2Bh8glZ%2Fm0FcXRnTate6brRWapM7NALC6jeCKozQpKNkfbPQeVj8PRTKPEzWX20hTg63HbaQIli1rtSI6hwBC0HoM5DNn3KQxZ6yBIPkTgt8SAImr7g1G%2B1Oa%2BKpmQN4Qe0GQY08BstZHxqb4A0GYDrAbjdR2L3sasGsNl9uJ0CTnhw6YR4b%2B%2BjKwrkkiB3BDklyBVBnhLk3eJIaFdxxS2hXcaCea7Mc7UYmrRzQI9M2pExOUjOyDPTuXj%2F%2F%2FAuduVpiVbqtO2HYaXZEmGl3agKQWuSNdotXm80K204VUC5c7NW%2B2pCzj%2F%2FBxI1IU%2F87ycwOobTY3B1HjS7AJoPmxUfdGdYa%2Fnoxz%2FkxmoRy9wJqvReYlxaZtp0XGLSMjcRhCmQpMtI97wDfUaem62s9cEXkPzk0mf93y%2FfWfkE3BZIbIGP1QOCjr45vGZycnjN5I58v52kKlJ9Ol3n9ZSmcumbN%2BVebqzYXHeDr1%2FjU2Ja3n5HunSLxkLFHUe%2BXVNCSLthLJfk7qZ7T7KrmdtZy2ycJVtXX9%2FYjBIrnVMmHoFOL%2FPpF8HVhDy5%2FNfsUi%2F8eh%2FKjmCzAlF2QuYBZcbgyT5csvDvzBKsXmhY4iHPiqGtsMWnVgRaLjBlBdy%2FMFvUB%2B4mOvYF0PQG4qhA1xbo6gJUD%2BCypWGa2JNLv1RnAaa9IdPWO2Ta6q8eD9ep01LVF00mQ9lkslavhZILVq8zn4ecVUWrxZG6Ca99Of4bAAD%2F%2FwEAAP%2F%2Fujg73nQEAAA%3D HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17194685; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca25a90ff278df2963dda4eb698c56729=[3692935]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:04:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ce28235032d5e7c2232cbdc88f00e28a
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=d55a5f4c-f3a2-4342-8d69-c456fbdeedec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a25a90ff278df2963dda4eb698c56729&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=d55a5f4c-f3a2-4342-8d69-c456fbdeedec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a25a90ff278df2963dda4eb698c56729&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=d55a5f4c-f3a2-4342-8d69-c456fbdeedec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a25a90ff278df2963dda4eb698c56729&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 18:04:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2fccee5fd8088066c5074d97a91533f
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=d55a5f4c-f3a2-4342-8d69-c456fbdeedec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=2e497349d9569f870bb05429d26ec46e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=d55a5f4c-f3a2-4342-8d69-c456fbdeedec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=2e497349d9569f870bb05429d26ec46e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=d55a5f4c-f3a2-4342-8d69-c456fbdeedec&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=2e497349d9569f870bb05429d26ec46e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 18:04:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2664323827503f4230651461a54b046
Strict-Transport-Security: max-age=0; includeSubdomains
specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3szv57%2BTshc1h0FQFGTS3TOZP%2B5hMcZING7WXUVvUl1VM6lNdVdTVT09yUGCC7KHPczBix608ybZ4BpEL57cXZlZUAkImYMQZHMVb6Kw4E1mNhj8oPne1%2B8d3ve%2B%2Bmg7OyY%2BMnq0%2BKbelErRufmKX37%2BvSA4V16RSdYr95r19%2Bu1c2XTfalVr%2FgvlF8TbF3PhX7g%2B4EflJekEW3dm5uQkOl%2BK6i0%2FEotrATzNfTMf2ebebDUA%2B8ekycg%2Bbh01zsLyYZI4q8XhV13On3x1ThT1GmDLt97J1lPdJ4gPoVt46Gd7J2ooe3h0m3oZHdqF7r7rzCSY%2BL9cBtRsndiElF3Z%2BozUhAJIv4Y8u4QQg0h6RBMX4XkhwRgHBdWkcQ3LmiT040HLJ2wY1K6%2FxdkPiale2eRxF8tKNkrX9Yqc1InFr12AdkbQnaGSLMR3OYZyHwE5j6E5D%2BTufsrSOKdVas0JC%2Bmu0s5hGwPoUQf1HrIJp%2F0kLU9ZKmHmB%2BVWRAEDZ8z6jdbjFV5Q0R17ge00Q5o4NebyNjEXh8u7YOpPpjZQmq2sC77MNn3sGsFLPdg3Zh4b22hywvkgiC3BDklyCVB7gjybrHLlQ1tcYMrm0XBSQ9PerUYaNfZprvadURCttNj8vgkF%2B%2F%2Fr3%2BGdXFUZpT5tNYMItrgrXC%2BHfmNMIp8Vqu1uKi2m7CygLRnpqtuyjGZffo3pHJMHvrfj4joCFaNwOQsaBaA5oNG6IOuDWpNH5vJnVwbxRORW06l2ki1dZVI6Y5NtaswHYPrAqkrwW142%2BqYPDk9WXPmTwh2cH7kvrvywd%2B%2FgpkCqSlwRd4l6Khrg0s6JzuXdG7JN6upk7HcpJNzXnbUidLNN8RGrg1fXrT9L15mE2IC998W1q3QhMukY8mXC5JzYZa0YYLcWrbviuhiZtcWMpNk6crFV5aW49QIa6VOhqDycOYpMDkmj3z%2B7fSdzv5yC9IMYbICcXZATgpSD8HSLdj04PzN2f2Hg%2Bd%2Bh9UzMOpUE6VnkGfFwITR6U8lCZQ4nWlUwIrTCCJxcOePB9y2vYaOCUHdVSRxga4p0FUFqOrDZo8OXGoOzv%2F0yaQ%2BRaRKg0iZ0k6kjPp4TJ6ZuTfNd4KOx6T87HVYeVRuVKs%2Brbfmg0aDikZUC5vtesApDWv1sF6nVTg7ZrXro38AAAD%2F%2FwEAAP%2F%2FD1Bx5YEEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3szv57%2BTshc1h0FQFGTS3TOZP%2B5hMcZING7WXUVvUl1VM6lNdVdTVT09yUGCC7KHPczBix608ybZ4BpEL57cXZlZUAkImYMQZHMVb6Kw4E1mNhj8oPne1%2B8d3ve%2B%2Bmg7OyY%2BMnq0%2BKbelErRufmKX37%2BvSA4V16RSdYr95r19%2Bu1c2XTfalVr%2FgvlF8TbF3PhX7g%2B4EflJekEW3dm5uQkOl%2BK6i0%2FEotrATzNfTMf2ebebDUA%2B8ekycg%2Bbh01zsLyYZI4q8XhV13On3x1ThT1GmDLt97J1lPdJ4gPoVt46Gd7J2ooe3h0m3oZHdqF7r7rzCSY%2BL9cBtRsndiElF3Z%2BozUhAJIv4Y8u4QQg0h6RBMX4XkhwRgHBdWkcQ3LmiT040HLJ2wY1K6%2FxdkPiale2eRxF8tKNkrX9Yqc1InFr12AdkbQnaGSLMR3OYZyHwE5j6E5D%2BTufsrSOKdVas0JC%2Bmu0s5hGwPoUQf1HrIJp%2F0kLU9ZKmHmB%2BVWRAEDZ8z6jdbjFV5Q0R17ge00Q5o4NebyNjEXh8u7YOpPpjZQmq2sC77MNn3sGsFLPdg3Zh4b22hywvkgiC3BDklyCVB7gjybrHLlQ1tcYMrm0XBSQ9PerUYaNfZprvadURCttNj8vgkF%2B%2F%2Fr3%2BGdXFUZpT5tNYMItrgrXC%2BHfmNMIp8Vqu1uKi2m7CygLRnpqtuyjGZffo3pHJMHvrfj4joCFaNwOQsaBaA5oNG6IOuDWpNH5vJnVwbxRORW06l2ki1dZVI6Y5NtaswHYPrAqkrwW142%2BqYPDk9WXPmTwh2cH7kvrvywd%2B%2FgpkCqSlwRd4l6Khrg0s6JzuXdG7JN6upk7HcpJNzXnbUidLNN8RGrg1fXrT9L15mE2IC998W1q3QhMukY8mXC5JzYZa0YYLcWrbviuhiZtcWMpNk6crFV5aW49QIa6VOhqDycOYpMDkmj3z%2B7fSdzv5yC9IMYbICcXZATgpSD8HSLdj04PzN2f2Hg%2Bd%2Bh9UzMOpUE6VnkGfFwITR6U8lCZQ4nWlUwIrTCCJxcOePB9y2vYaOCUHdVSRxga4p0FUFqOrDZo8OXGoOzv%2F0yaQ%2BRaRKg0iZ0k6kjPp4TJ6ZuTfNd4KOx6T87HVYeVRuVKs%2Brbfmg0aDikZUC5vtesApDWv1sF6nVTg7ZrXro38AAAD%2F%2FwEAAP%2F%2FD1Bx5YEEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3szv57%2BTshc1h0FQFGTS3TOZP%2B5hMcZING7WXUVvUl1VM6lNdVdTVT09yUGCC7KHPczBix608ybZ4BpEL57cXZlZUAkImYMQZHMVb6Kw4E1mNhj8oPne1%2B8d3ve%2B%2Bmg7OyY%2BMnq0%2BKbelErRufmKX37%2BvSA4V16RSdYr95r19%2Bu1c2XTfalVr%2FgvlF8TbF3PhX7g%2B4EflJekEW3dm5uQkOl%2BK6i0%2FEotrATzNfTMf2ebebDUA%2B8ekycg%2Bbh01zsLyYZI4q8XhV13On3x1ThT1GmDLt97J1lPdJ4gPoVt46Gd7J2ooe3h0m3oZHdqF7r7rzCSY%2BL9cBtRsndiElF3Z%2BozUhAJIv4Y8u4QQg0h6RBMX4XkhwRgHBdWkcQ3LmiT040HLJ2wY1K6%2FxdkPiale2eRxF8tKNkrX9Yqc1InFr12AdkbQnaGSLMR3OYZyHwE5j6E5D%2BTufsrSOKdVas0JC%2Bmu0s5hGwPoUQf1HrIJp%2F0kLU9ZKmHmB%2BVWRAEDZ8z6jdbjFV5Q0R17ge00Q5o4NebyNjEXh8u7YOpPpjZQmq2sC77MNn3sGsFLPdg3Zh4b22hywvkgiC3BDklyCVB7gjybrHLlQ1tcYMrm0XBSQ9PerUYaNfZprvadURCttNj8vgkF%2B%2F%2Fr3%2BGdXFUZpT5tNYMItrgrXC%2BHfmNMIp8Vqu1uKi2m7CygLRnpqtuyjGZffo3pHJMHvrfj4joCFaNwOQsaBaA5oNG6IOuDWpNH5vJnVwbxRORW06l2ki1dZVI6Y5NtaswHYPrAqkrwW142%2BqYPDk9WXPmTwh2cH7kvrvywd%2B%2FgpkCqSlwRd4l6Khrg0s6JzuXdG7JN6upk7HcpJNzXnbUidLNN8RGrg1fXrT9L15mE2IC998W1q3QhMukY8mXC5JzYZa0YYLcWrbviuhiZtcWMpNk6crFV5aW49QIa6VOhqDycOYpMDkmj3z%2B7fSdzv5yC9IMYbICcXZATgpSD8HSLdj04PzN2f2Hg%2Bd%2Bh9UzMOpUE6VnkGfFwITR6U8lCZQ4nWlUwIrTCCJxcOePB9y2vYaOCUHdVSRxga4p0FUFqOrDZo8OXGoOzv%2F0yaQ%2BRaRKg0iZ0k6kjPp4TJ6ZuTfNd4KOx6T87HVYeVRuVKs%2Brbfmg0aDikZUC5vtesApDWv1sF6nVTg7ZrXro38AAAD%2F%2FwEAAP%2F%2FD1Bx5YEEAAA%3D HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17189534; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleccac0a481ba7d925fb072bb0c449de3f8=[2229213,2229214,2106764]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11600ccc1fd74f87c6d96a5e741c91ac
Strict-Transport-Security: max-age=0; includeSubdomains
specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3ow%2F0IMoexFzaARFQSbdPZP54R4WY4xE42bdVfQm1VU1kzLVXU1V9%2FQkp%2BiC7GEPc%2FCiB%2Bm8STa4hkX%2FAKPMLKgEhPQth81VvCosHmVmg%2BN%2B0Hzv9XuH931ffbGbnREPGT1dfk9vS6XowmLVc1%2F52PcvuWsyzvpuv9X4pFG%2F5Jre6%2B1G1XvVfVuwTb0QeL7n%2BZ7vrkgjOrq%2FMBEhk8O2X2171XpQ9Rfr6JtHuc0cWOqA987Ic5C8rNxzLkKyEeLo%2B2VhN1OdvPZWlCmaaoMeP%2Fgw3ox1HiOawY5x0IkPzt3Q9mTlCDren8aF7v1nDGVJnF%2BOEMYH5yER9vamOUMFESPkTyPvjSDUCJKOwPQNSH5CAMZxZR1xdPuKNjndeqjSiVqSyoO%2FIfOSVO5fRBzdXVKy717XKkulji36nQKyP4LsjpBkY6TbFyDzMVj6OST%2FnSw8WEMc7a1bpSF5MZ1dyhFkZwQlBqDWQTb5pIOs4yBLHET81GW%2B7zc9zqjXajNW400RNrjn02bHp77XaCFjk3gDpMkATA3AzA4Ss4NNOYDJfobdKGC5A5uWxHl%2FBz1eIBcEuSXIKUEuCfKUIO8V%2B1zZwBa3ubJZ6J%2F34LzXiqFOu7t0X6ddEZPd5Iw8O9mL8%2Fg732BTnLqMMo%2FWW35Im7wdLHZCrxmEocfq9TYXtU4LVhaQ9sJ01G1ZkvkX%2FkAiS%2FLEY78ipGNYNQaT86CZD5oPm4EHujGstzxsxz%2Fl2igei9xyKtVWom1aDZXu2kSnVaYjcF0gSStIt5xddUaen57MfekWBDu%2BfGf%2B8En%2F5T%2FBTIHEFPhU3iPoqpvDazone9d0bskP60kqI7lNJ%2Be8ntJUzN15V2zl2vDVZTv49g02ESbw8ANh0zUacxl3LfluSXIuzIo2TJAfV%2B1HIrya2Y2lzMRZsnb1zZXVKDHCWqnjEag8Wf8HTJak8tnR9J0%2BU96FNCOYrECUHZPzgtRjsGQHNpmlt3oORs08YVJBnhVDE4Szn0oSKDHjNCxg%2F8fDGd61N9E1AWh6A3FUoGcK9FQBqgaw2VPDNDHHl3%2F7alJfI1SVYahMZS9URn1Zkhfn7pekNffXBJ093LSVp26zVvNoo73oN5tUNMN60Oo0fE5pUG8EjQatIbUlq98a%2FwsAAP%2F%2FAQAA%2F%2F%2BUEoDUgQQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3ow%2F0IMoexFzaARFQSbdPZP54R4WY4xE42bdVfQm1VU1kzLVXU1V9%2FQkp%2BiC7GEPc%2FCiB%2Bm8STa4hkX%2FAKPMLKgEhPQth81VvCosHmVmg%2BN%2B0Hzv9XuH931ffbGbnREPGT1dfk9vS6XowmLVc1%2F52PcvuWsyzvpuv9X4pFG%2F5Jre6%2B1G1XvVfVuwTb0QeL7n%2BZ7vrkgjOrq%2FMBEhk8O2X2171XpQ9Rfr6JtHuc0cWOqA987Ic5C8rNxzLkKyEeLo%2B2VhN1OdvPZWlCmaaoMeP%2Fgw3ox1HiOawY5x0IkPzt3Q9mTlCDren8aF7v1nDGVJnF%2BOEMYH5yER9vamOUMFESPkTyPvjSDUCJKOwPQNSH5CAMZxZR1xdPuKNjndeqjSiVqSyoO%2FIfOSVO5fRBzdXVKy717XKkulji36nQKyP4LsjpBkY6TbFyDzMVj6OST%2FnSw8WEMc7a1bpSF5MZ1dyhFkZwQlBqDWQTb5pIOs4yBLHET81GW%2B7zc9zqjXajNW400RNrjn02bHp77XaCFjk3gDpMkATA3AzA4Ss4NNOYDJfobdKGC5A5uWxHl%2FBz1eIBcEuSXIKUEuCfKUIO8V%2B1zZwBa3ubJZ6J%2F34LzXiqFOu7t0X6ddEZPd5Iw8O9mL8%2Fg732BTnLqMMo%2FWW35Im7wdLHZCrxmEocfq9TYXtU4LVhaQ9sJ01G1ZkvkX%2FkAiS%2FLEY78ipGNYNQaT86CZD5oPm4EHujGstzxsxz%2Fl2igei9xyKtVWom1aDZXu2kSnVaYjcF0gSStIt5xddUaen57MfekWBDu%2BfGf%2B8En%2F5T%2FBTIHEFPhU3iPoqpvDazone9d0bskP60kqI7lNJ%2Be8ntJUzN15V2zl2vDVZTv49g02ESbw8ANh0zUacxl3LfluSXIuzIo2TJAfV%2B1HIrya2Y2lzMRZsnb1zZXVKDHCWqnjEag8Wf8HTJak8tnR9J0%2BU96FNCOYrECUHZPzgtRjsGQHNpmlt3oORs08YVJBnhVDE4Szn0oSKDHjNCxg%2F8fDGd61N9E1AWh6A3FUoGcK9FQBqgaw2VPDNDHHl3%2F7alJfI1SVYahMZS9URn1Zkhfn7pekNffXBJ093LSVp26zVvNoo73oN5tUNMN60Oo0fE5pUG8EjQatIbUlq98a%2FwsAAP%2F%2FAQAA%2F%2F%2BUEoDUgQQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3ow%2F0IMoexFzaARFQSbdPZP54R4WY4xE42bdVfQm1VU1kzLVXU1V9%2FQkp%2BiC7GEPc%2FCiB%2Bm8STa4hkX%2FAKPMLKgEhPQth81VvCosHmVmg%2BN%2B0Hzv9XuH931ffbGbnREPGT1dfk9vS6XowmLVc1%2F52PcvuWsyzvpuv9X4pFG%2F5Jre6%2B1G1XvVfVuwTb0QeL7n%2BZ7vrkgjOrq%2FMBEhk8O2X2171XpQ9Rfr6JtHuc0cWOqA987Ic5C8rNxzLkKyEeLo%2B2VhN1OdvPZWlCmaaoMeP%2Fgw3ox1HiOawY5x0IkPzt3Q9mTlCDren8aF7v1nDGVJnF%2BOEMYH5yER9vamOUMFESPkTyPvjSDUCJKOwPQNSH5CAMZxZR1xdPuKNjndeqjSiVqSyoO%2FIfOSVO5fRBzdXVKy717XKkulji36nQKyP4LsjpBkY6TbFyDzMVj6OST%2FnSw8WEMc7a1bpSF5MZ1dyhFkZwQlBqDWQTb5pIOs4yBLHET81GW%2B7zc9zqjXajNW400RNrjn02bHp77XaCFjk3gDpMkATA3AzA4Ss4NNOYDJfobdKGC5A5uWxHl%2FBz1eIBcEuSXIKUEuCfKUIO8V%2B1zZwBa3ubJZ6J%2F34LzXiqFOu7t0X6ddEZPd5Iw8O9mL8%2Fg732BTnLqMMo%2FWW35Im7wdLHZCrxmEocfq9TYXtU4LVhaQ9sJ01G1ZkvkX%2FkAiS%2FLEY78ipGNYNQaT86CZD5oPm4EHujGstzxsxz%2Fl2igei9xyKtVWom1aDZXu2kSnVaYjcF0gSStIt5xddUaen57MfekWBDu%2BfGf%2B8En%2F5T%2FBTIHEFPhU3iPoqpvDazone9d0bskP60kqI7lNJ%2Be8ntJUzN15V2zl2vDVZTv49g02ESbw8ANh0zUacxl3LfluSXIuzIo2TJAfV%2B1HIrya2Y2lzMRZsnb1zZXVKDHCWqnjEag8Wf8HTJak8tnR9J0%2BU96FNCOYrECUHZPzgtRjsGQHNpmlt3oORs08YVJBnhVDE4Szn0oSKDHjNCxg%2F8fDGd61N9E1AWh6A3FUoGcK9FQBqgaw2VPDNDHHl3%2F7alJfI1SVYahMZS9URn1Zkhfn7pekNffXBJ093LSVp26zVvNoo73oN5tUNMN60Oo0fE5pUG8EjQatIbUlq98a%2FwsAAP%2F%2FAQAA%2F%2F%2BUEoDUgQQAAA%3D%3D HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17189534; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleccac0a481ba7d925fb072bb0c449de3f8=[2229213,2229214,2106764]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f25b3a5158dc6b55be9c5a121f7461a2
Strict-Transport-Security: max-age=0; includeSubdomains
specificationheadless.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
192.243.59.20200 OK 29 kB URL HTTP/1.1 specificationheadless.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 340bee3c23530f4bf8126dd4d1cf1b1f
21ae610123b5c8f412cc537e04d1ca0124820a99
7ff7f0470155d914e790d6a3b55e617b9be5d586d2e6e0049eeadeff865d2a54
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Cookie: u_pl=17189534; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleccac0a481ba7d925fb072bb0c449de3f8=[2229213,2229214,2106764]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:04:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2182fd3905a3890ffce10b62757bb682
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:04:53 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4066fd700ea1675c72fa3d2fa18119db
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8cba508f0383a5c6824d82bb805583b
238bb2a7bf42b2eff8c090099dbdb643c5b016c8
23d400c9ef3b44da1bb3592d914d56ac4be1e03175d30b7f4fde13578a684dd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "23D400C9EF3B44DA1BB3592D914D56AC4BE1E03175D30B7F4FDE13578A684DD4"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5715
Expires: Wed, 28 Sep 2022 19:40:09 GMT
Date: Wed, 28 Sep 2022 18:04:54 GMT
Connection: keep-alive
invaderannihilationperky.com/pixel/purst?dl=0&th=0&sc=0&rs=5854&rd=5854&fd=1411&bv=22.8.v.2&tmpl=136
192.243.61.225200 OK 0 B URL HTTP/1.1 invaderannihilationperky.com/pixel/purst?dl=0&th=0&sc=0&rs=5854&rd=5854&fd=1411&bv=22.8.v.2&tmpl=136
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=5854&rd=5854&fd=1411&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 18:04:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
resources.blogblog.com/blogblog/data/res/3436224651-indie_compiled.js
142.250.74.105200 OK 0 B URL HTTP/2 resources.blogblog.com/blogblog/data/res/3436224651-indie_compiled.js
IP 142.250.74.105:0
GET /blogblog/data/res/3436224651-indie_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:44:50 GMT
expires: Sun, 02 Oct 2022 13:44:50 GMT
cache-control: public, max-age=604800
last-modified: Sat, 24 Sep 2022 17:50:40 GMT
content-type: text/javascript
age: 274800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.100.4200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.100.4:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:51 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 15d1880ee5f5dc689b2c46a2dccb57d2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 18:04:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFlHP%2By%2F93xSJMQY%2FG3aVOzNO6upvty%2B9xu9Qe%2BkQLPr4vPglB5NM2KIPtPeuQdF5PnKCAyBIdFdql0RPISfANyQqPMvMcgGI36TrcPuB1j7cdP8jvkFVv1AiTs%2FftJhyUiU5xE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e67622bb676a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/57/d2/dc/57d2dcf7aac93d88e9ff3a6f7187cf70/1659972618.gif
45.133.44.9200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/cti/57/d2/dc/57d2dcf7aac93d88e9ff3a6f7187cf70/1659972618.gif
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
GET /cti/57/d2/dc/57d2dcf7aac93d88e9ff3a6f7187cf70/1659972618.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: image/gif
content-length: 202553
server: nginx/1.17.6
last-modified: Mon, 08 Aug 2022 15:30:26 GMT
etag: "62f12c12-31739"
expires: Fri, 30 Sep 2022 18:04:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/css/animate.css
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/css/animate.css
IP 172.64.201.2:0
GET /sb/ssp/notifications/text_bubble/2/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://worldnewsdailypost.blogspot.com
Connection: keep-alive
Referer: https://worldnewsdailypost.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 10:56:21 GMT
etag: W/"62cd5355-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 279901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofzOs5%2FIFiZz6FDg%2BujKHwZnYCJ5f7qPAeWgiKr7vg0S04M1MUeloxy0kyNe8%2BtRRTNJDDFLuO3FjsAJbjeqye%2Br%2B7YsCEmYBkN14ZascE%2Bjh6hG5vNg5525AsvA4x%2Fw338%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676bbd6a4052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js
IP 172.64.201.2:0
GET /sb/ssp/notifications/text_bubble/2/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:04:52 GMT
content-type: application/javascript
last-modified: Tue, 12 Jul 2022 10:56:19 GMT
etag: W/"62cd5353-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1242487
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71YR%2B8WyPNabYr2GT%2BuR45V2I3A2ytZo3nLmM%2F9%2BzSKmjm5ayjCxlF3ZFLysr4no004BFK%2F2MLB8pFL3urLTgpg64UG0upWRUkt2hsez70dUVkYxNh%2F8aJglFRhpyb9vSqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e676bdda24052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2