r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5016
Expires: Wed, 14 Dec 2022 04:06:27 GMT
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10222
Expires: Wed, 14 Dec 2022 05:33:13 GMT
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 02:08:49 GMT
content-type: application/json
age: 2042
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4226
Expires: Wed, 14 Dec 2022 03:53:17 GMT
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RROsb6Jl71SFG5MFJ/1Fbw1Y0F6+BbdXKrEJ14Cfu36aLpx4b11uKEFcWG4mL6sgJlpcCiNO+MA=
x-amz-request-id: DGPSN0KKC4N49TTV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 01:52:09 GMT
age: 3042
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 02:42:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 02:33:19 GMT
age: 572
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2411
Cache-Control: max-age=111852
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:51 GMT
Etag: "639840ac-1d7"
Expires: Thu, 15 Dec 2022 09:47:03 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
pak-janggut.blogspot.com/search/label/Rozita
172.217.21.161200 OK 13 kB URL HTTP/1.1 pak-janggut.blogspot.com/search/label/Rozita
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4472)
Hash c7ff615eb5ba1745cf5eb2bdb69bc2e9
ea61db80b4fcac58b4746a88668691b24a2e2a4c
6a60efed767d5b97f32c061170919cdb5ca95d3cb483edbc5c753f16dc1aaf46
Analyzer Verdict Alert fortinet Phishing
GET /search/label/Rozita HTTP/1.1
Host: pak-janggut.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 14 Dec 2022 02:42:51 GMT
Date: Wed, 14 Dec 2022 02:42:51 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 10 Dec 2022 14:53:52 GMT
ETag: W/"31ca276a91db0f797e92e975b9ca1bcbe641ad242c16fba93fa754407f6bad0d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 13254
Server: GSE
ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
142.250.74.10200 OK 27 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
IP 142.250.74.10:0
File type ASCII text, with very long lines (820)
Hash 88ed7d5a26ffff39cbae41fa7b2c615d
5ea49f5aeeb49e8abd640da2f6d657fb57cc5acc
52943bd40a595c39f84e23ddd74755daa4d013b55c709de9b312661e59103ab3
GET /ajax/libs/jquery/1.4.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 27266
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 13:43:15 GMT
Expires: Sat, 09 Dec 2023 13:43:15 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 392377
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
pak-janggut.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 pak-janggut.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: pak-janggut.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/search/label/Rozita
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Dec 2022 03:58:44 GMT
Expires: Tue, 20 Dec 2022 03:58:44 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 13 Dec 2022 01:53:33 GMT
Content-Type: text/javascript
Age: 81848
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 829db7ae90e41b56fd29eb7544eeda4e
f93368a8127f4783bba6475826bdbfbcb712563a
d6a2e1304ddaa22a8036356fac8af535ced9fe1f2bce54c50e734f4ef6103881
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 351e38674c4649193e45dad43b63a037
6472ffc392de1fb7b52cb60bcf2af9263583c222
f5e042b6dee07492624bc561df0533c5205ed471281e31eb87f3a8d85c054c25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: close
Content-Length: 326
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:01:44 GMT
expires: Wed, 13 Dec 2023 14:01:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Dec 2022 06:58:47 GMT
content-type: text/css
age: 45668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: close
Content-Length: 326
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 14 Dec 2022 02:42:52 GMT
expires: Wed, 14 Dec 2022 02:42:52 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: close
Content-Length: 326
www.blogger.com/static/v1/widgets/2092647672-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 520327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: close
Content-Length: 326
connect.facebook.net/en_US/all.js
157.240.240.1301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 157.240.240.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Wed, 14 Dec 2022 02:42:52 GMT
Connection: keep-alive
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f0cd16a4285109b0d728642f1d1df3
833e9fa9eb60302f3f4c0370e52b533befd2e2e2
748e2cfb115a307c593b875812af31efbc2310a2b4309bf35091f9af98dfb980
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a799dd48356a677054f34a33639b8573
5bd30f252fca13084121f4766724c54a3156f137
8c009a68ba498c45068525c3b226b4b6931be274d36250dd8afadd592ff65d82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.155.171.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.171.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p7PL+Mz7snjFHmk6c5KJHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 31VKCF/7jfPeHc11ppzL9t5aMu4=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb8e1ce80f4fac6b8d656b13b542addc
e44f980c0f13ddde3a3a9d1deaa439cdeedd678b
3bed3cf4a831fd1278fffde1c1797805062e1bd75f79091fe7bff00f8292c59b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2476
Cache-Control: max-age=127783
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Etag: "63987ea7-1d7"
Expires: Thu, 15 Dec 2022 14:12:35 GMT
Last-Modified: Tue, 13 Dec 2022 13:31:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js
157.240.240.1200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 157.240.240.1:0
File type ASCII text, with very long lines (1957)
Hash dc194aefdf676f08a25cbb030e5fe00e
cd8f509938788ebf91ee88c1ecde1ec0a0015840
a75b6a3ddb7f1f03ca3290d1315a2be505b3bf7211085dbb528c8de0299d348d
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ebe234ae400877c50ece45752579f566
etag: "d3b491c6a4765d8d29aeb18aeb4cb7c0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 14 Dec 2022 02:54:43 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 3BlK799nbwiiXLsDDl/gDg==
x-fb-debug: 7VF45Dy4KqfpzbJ9KjtPuwzA5AHC4J5sHRLRTFDtXIRI7a671V8MIeIQkdwWcqMdhOOmUsIqWortX69T3mBxUw==
content-length: 1686
x-fb-trip-id: 1679558926
date: Wed, 14 Dec 2022 02:42:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.samsengfb.com/samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5912.6741
190.2.139.23200 OK 7.0 kB URL HTTP/1.1 www.samsengfb.com/samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5912.6741
IP 190.2.139.23:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (17166)
Hash 9f52aed78319a4fc44bd324b605af29d
299022bf9c2c855a85950a60ea09380ed4428065
63dbfebd7443937f4c286a5aa16759d5afa1de8c1798fcccbc43f4f624f8a4da
Analyzer Verdict Alert fortinet Malware
GET /samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5912.6741 HTTP/1.1
Host: www.samsengfb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
X-Powered-By: PHP/7.2.34
Content-Encoding: gzip
www.widgeo.net/geocompteur/geocity.php?c=geocity_rose&id=2052431&adult=0&cat=news
172.67.69.193200 OK 2.0 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity.php?c=geocity_rose&id=2052431&adult=0&cat=news
IP 172.67.69.193:0
File type ASCII text, with very long lines (2149)
Hash 4b0c1a0d1aa4234cf191557e6bb22f21
4bbce4d28e0427fd5208694531db1b6687e0baf7
f8de6883280e63d4cd9b96b7e5e1cf657a2517f9ee1ac3bfb13eb52b62880cff
GET /geocompteur/geocity.php?c=geocity_rose&id=2052431&adult=0&cat=news HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: application/javascript
Content-Length: 2034
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Tue, 20-Dec-2022 02:42:51 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Wed, 21 Dec 2022 02:42:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1DFe3Q%2BC2SkS1ESq0%2FFRicsYaVo4wxPCuHFy5ur%2BvmRZLu7hsys7sbdKQqKMvSJ%2BekRMbE1drRMhgcJbrVp5stzW3RZM7zxwhOqKh593Xf6ymhb2NQ9WEc%2Ft6MOlfvq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779396b3ae72b50f-OSL
alt-svc: h2=":443"; ma=60
www.widgeo.net/img/logopm.png
172.67.69.193200 OK 714 B URL HTTP/1.1 www.widgeo.net/img/logopm.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3832d6b8d8c47a5cefe6561297b514f6
f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
GET /img/logopm.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: image/webp
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 06 Jan 2023 21:00:16 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 538956
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fL9kfeY%2FTXzGfTV1SthuJGwfC6zsAos%2Bknm8Z0UOuVxN21NbqYJeGfZYxwS%2B1nzX%2B9XSgfRS35%2F0GVSy7HAF0cdNH1BND87bifP4f8LG%2BQRAXBlK11tCSxo%2BxYqX06Sg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779396b519fbb500-OSL
alt-svc: h2=":443"; ma=60
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
i66.photobucket.com/albums/h260/toonybug/templatestag.png
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/templatestag.png
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/templatestag.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/templatestag.png
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1nnWFextMVcLIfHIBkUDZ7DNN615WZO1asCuEc4wVCuSvGO1XYJwqg==
Vary: Origin
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1167641
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1167641
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1167641 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169954
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169954
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1169954 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1169953 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
143.204.55.73301 Moved Permanently 167 B URL HTTP/1.1 i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
IP 143.204.55.73:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/s282/theviejo/recurso_9_7.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X25_raglBQoRl39vzgwR38uRkLDTJOFVOrLEO0LtF_8epclavfORhw==
Vary: Origin
i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/background2-20.jpg HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: suOLKpcHkq4IQgF55ux2zWt6X2D8foz6KYyFQAaLD8HtMOKDLOk4TQ==
Vary: Origin
www.buatcoklat.com/images/banner03.gif
45.33.18.44302 Found 0 B URL HTTP/1.1 www.buatcoklat.com/images/banner03.gif
IP 45.33.18.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/banner03.gif HTTP/1.1
Host: www.buatcoklat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Wed, 14 Dec 2022 02:42:52 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://d39f23jfph0ylk.cloudfront.net/buatcoklat.com.gif
vary: Accept-Language
content-language: en
connection: close
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:51 GMT
Connection: close
Content-Length: 326
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb8e1ce80f4fac6b8d656b13b542addc
e44f980c0f13ddde3a3a9d1deaa439cdeedd678b
3bed3cf4a831fd1278fffde1c1797805062e1bd75f79091fe7bff00f8292c59b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3864
Cache-Control: max-age=129171
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Etag: "63987ea7-1d7"
Expires: Thu, 15 Dec 2022 14:35:43 GMT
Last-Modified: Tue, 13 Dec 2022 13:31:19 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
i66.photobucket.com/albums/h260/toonybug/header2-12.png
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/header2-12.png
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/header2-12.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/header2-12.png
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 44kqHoFsxaz_s2I0bZV8i_qAV6NC4HaTB3_iX7lH4Sc5vtj9FdsBsA==
Vary: Origin
lh4.ggpht.com/-Oc5mQKZnxJU/Ur9yRAH40QI/AAAAAAAB01I/Yn8IgZN90wk/w72-h72-p-k-no-nu/Fullscreen-capture-12272013-13356-PM_thumb%25255B1%25255D.jpg?imgmax=800
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 lh4.ggpht.com/-Oc5mQKZnxJU/Ur9yRAH40QI/AAAAAAAB01I/Yn8IgZN90wk/w72-h72-p-k-no-nu/Fullscreen-capture-12272013-13356-PM_thumb%25255B1%25255D.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8a50e82a9915eff28da70a19a17d0028
73eb91985dfc5fd3d47f758377583806c19e0cb7
78dde5e67f2750f95cbfe0c2cb7713648833c57ccf2c382b9daab6e27a4944e5
GET /-Oc5mQKZnxJU/Ur9yRAH40QI/AAAAAAAB01I/Yn8IgZN90wk/w72-h72-p-k-no-nu/Fullscreen-capture-12272013-13356-PM_thumb%25255B1%25255D.jpg?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d353"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Fullscreen-capture-12272013-13356-PM_thumb[1].jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 2853
X-XSS-Protection: 0
lh5.ggpht.com/-nwC7xKUA8KQ/UndBNF9B2xI/AAAAAAAB0p8/4vZM86A0lgI/w72-h72-p-k-no-nu/image-2_thumb.jpg?imgmax=800
142.250.74.161200 OK 3.6 kB URL HTTP/1.1 lh5.ggpht.com/-nwC7xKUA8KQ/UndBNF9B2xI/AAAAAAAB0p8/4vZM86A0lgI/w72-h72-p-k-no-nu/image-2_thumb.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c47e4d5b98303464c85206ef41862245
32f59431620e9009f98fd7c0c2719d67d4db4d3e
5cc1620c33674f31bb380e475f35c8de7510950625db46ac58928062124a2d12
GET /-nwC7xKUA8KQ/UndBNF9B2xI/AAAAAAAB0p8/4vZM86A0lgI/w72-h72-p-k-no-nu/image-2_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d2a0"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="image-2_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 3597
X-XSS-Protection: 0
www.rahsiakuihraya.com/images/ban3.gif
34.98.99.30200 OK 2.6 kB URL HTTP/1.1 www.rahsiakuihraya.com/images/ban3.gif
IP 34.98.99.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 6e0e72649d50296f15557e931c1e05e9
a86f0f6aa222653013fe3c36d434f67057c85e64
895c0f60e59fdd84e53ab7ddb8866c8f49e45386632dca017efedd48313c9e0c
GET /images/ban3.gif HTTP/1.1
Host: www.rahsiakuihraya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Sat, 10 Dec 2022 14:15:29 GMT
ETag: "63949481-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KtgrS35it06UYLDHWX2lqjXc6cYq/W2GL8Ir/NcJhmYxNo3vs/U052xfSkl3wbZgp1eOKi6QVqfWzvZapoVRww
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: system=PW;Path=/;Max-Age=86400;
caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
traffic_target=reseller;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
lh4.ggpht.com/-oH0luZ7UVnI/U0KDVsm3R8I/AAAAAAAB1YE/u6xBjijM2yE/w72-h72-p-k-no-nu/che-ta-565x412_thumb%25255B1%25255D.jpg?imgmax=800
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 lh4.ggpht.com/-oH0luZ7UVnI/U0KDVsm3R8I/AAAAAAAB1YE/u6xBjijM2yE/w72-h72-p-k-no-nu/che-ta-565x412_thumb%25255B1%25255D.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d44f9ff4dafb7f7036b7e167fe48ef6
068bcbf6060a0dcdcbf090bedc35eca7c010b918
d9b6a03bfe14f0b19950f9dfa65124dcfedef7911bbc6f2d617e6168fc7707d7
GET /-oH0luZ7UVnI/U0KDVsm3R8I/AAAAAAAB1YE/u6xBjijM2yE/w72-h72-p-k-no-nu/che-ta-565x412_thumb%25255B1%25255D.jpg?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d582"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="che-ta-565x412_thumb[1].jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 3798
X-XSS-Protection: 0
lh4.ggpht.com/-BUIH_W3x3HE/U0IE64TuXQI/AAAAAAAB1XU/eN66XkMzk6E/w72-h72-p-k-no-nu/jue_aziz.jpg_480_480_0_64000_0_1_0_thumb%25255B1%25255D.jpg?imgmax=800
142.250.74.161200 OK 3.7 kB URL HTTP/1.1 lh4.ggpht.com/-BUIH_W3x3HE/U0IE64TuXQI/AAAAAAAB1XU/eN66XkMzk6E/w72-h72-p-k-no-nu/jue_aziz.jpg_480_480_0_64000_0_1_0_thumb%25255B1%25255D.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7dee9ca440c7883ad673561de319d682
2c283d27d740450d951204e867a893376a9df4b5
bd448a11b2a6a869ae085a7e0437618294b8af7bdd341ea435961f175bda29fc
GET /-BUIH_W3x3HE/U0IE64TuXQI/AAAAAAAB1XU/eN66XkMzk6E/w72-h72-p-k-no-nu/jue_aziz.jpg_480_480_0_64000_0_1_0_thumb%25255B1%25255D.jpg?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d576"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jue_aziz.jpg_480_480_0_64000_0_1_0_thumb[1].jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 3689
X-XSS-Protection: 0
lh4.ggpht.com/-d45s0Gw6WqM/Uz_2dnWiiJI/AAAAAAAB1VM/aoI1ivDShyo/w72-h72-p-k-no-nu/fizz_thumb.jpg?imgmax=800
142.250.74.161200 OK 3.7 kB URL HTTP/1.1 lh4.ggpht.com/-d45s0Gw6WqM/Uz_2dnWiiJI/AAAAAAAB1VM/aoI1ivDShyo/w72-h72-p-k-no-nu/fizz_thumb.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash cd4d4e7e31d96aeee8c5d2645204feb1
2c5ad6e598a082bbf8fbfae666232b651ccb4356
32f36c233bbe9822faa2809e8958dfdcc4b66bf55f4d9b1c6a05903347bbd4ee
GET /-d45s0Gw6WqM/Uz_2dnWiiJI/AAAAAAAB1VM/aoI1ivDShyo/w72-h72-p-k-no-nu/fizz_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d554"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fizz_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 3671
X-XSS-Protection: 0
lh4.ggpht.com/-LDYiqa-UlPw/UxWY8zATmOI/AAAAAAAB1Ps/3iPmjzxEq88/w72-h72-p-k-no-nu/Screen-Shot-2014-01-27-at-5.45.52-PM-1_thumb.png?imgmax=800
142.250.74.161200 OK 10 kB URL HTTP/1.1 lh4.ggpht.com/-LDYiqa-UlPw/UxWY8zATmOI/AAAAAAAB1Ps/3iPmjzxEq88/w72-h72-p-k-no-nu/Screen-Shot-2014-01-27-at-5.45.52-PM-1_thumb.png?imgmax=800
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash dd502572853db49ef8a798cfb13b6d8d
3494238ed0b579d79f4668c4eec5e0f13772b5c8
a3fbca281f00823eb27c96b9bec08202a005143a6d98bbc2ee46ffd3c84a9f6f
GET /-LDYiqa-UlPw/UxWY8zATmOI/AAAAAAAB1Ps/3iPmjzxEq88/w72-h72-p-k-no-nu/Screen-Shot-2014-01-27-at-5.45.52-PM-1_thumb.png?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d4fc"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Screen-Shot-2014-01-27-at-5.45.52-PM-1_thumb.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 10538
X-XSS-Protection: 0
www.linkwithin.com/pixel.png
3.19.188.212200 OK 83 B URL HTTP/1.1 www.linkwithin.com/pixel.png
IP 3.19.188.212:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1dba98f5e46c0e7a1549b3d8af9b93
37284bda145ed93cee64997e3d6688cae7d98468
88021da4a13d993a2c94e4d8ddc9bd98b34985d806371e71e0531b37b8a0e081
GET /pixel.png HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: image/png
Content-Length: 83
Last-Modified: Thu, 18 Jun 2020 22:02:28 GMT
Connection: keep-alive
ETag: "5eebe474-53"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
i66.photobucket.com/albums/h260/toonybug/templatestag.png
143.204.55.106200 OK 6.1 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/templatestag.png
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 034aa733dacc7922e2d827d110a6277b
2bc7f2d7a43f541078f389e430a513d42451165b
aa1194a4bde2d3989823fb461bff38780122f52b25260bd8bbf4ae269627dd46
GET /albums/h260/toonybug/templatestag.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 6098
date: Tue, 13 Dec 2022 03:58:45 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="templatestag.webp"
expires: Wed, 13 Dec 2023 03:58:45 GMT
server: photobucket
x-amzn-trace-id: Root=1-6397f875-05d555371571125256d75201
x-request-id: -eYy9l7oQBCRZJVANvqgB
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yh8yImoobhkKFfJBwTwOcRc8KjZktFSq-_3W0InXLMuuZO1R2Jy30w==
age: 81847
vary: Accept, Origin
X-Firefox-Spdy: h2
i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
143.204.55.106200 OK 227 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 227 kB (226614 bytes)
Hash ef7477fb8ee9a569a09ee99354e024bc
1a7406d2f52fe0a9ead58edd224c0994a9c82fe5
6c1d19b7a44d5762cb0d83a48844d4d109b1a64f31278a9673e6a69fce21fa44
GET /albums/h260/toonybug/background2-20.jpg HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 226614
date: Tue, 13 Dec 2022 03:58:46 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="background2-20.webp"
expires: Wed, 13 Dec 2023 03:58:46 GMT
server: photobucket
x-amzn-trace-id: Root=1-6397f875-526817742495148f08dabb49
x-request-id: ECCw4M3hPcCenjhNvOld5
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zrPP4oC3aGmR1SvK75lcFqfYEmtc9CsyVrw60aAPd7LBO4SvTMnC9Q==
age: 81846
vary: Accept, Origin
X-Firefox-Spdy: h2
i66.photobucket.com/albums/h260/toonybug/header2-12.png
143.204.55.106200 OK 88 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/header2-12.png
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e77dc4b55a98f0276e869e8233aad288
f77186296a3c1a292896bb5f14300fc3cc73e517
1ab90235b5b9dd020b47882fad9b575eb25f3af7bd95362ad95c9089ab53b146
GET /albums/h260/toonybug/header2-12.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 88336
date: Tue, 13 Dec 2022 03:58:45 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="header2-12.webp"
expires: Wed, 13 Dec 2023 03:58:45 GMT
server: photobucket
x-amzn-trace-id: Root=1-6397f875-490009613584ff663f1b6500
x-request-id: W6dnNcDx9Uw6P2wu7wib_
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u65u9iDePgXvV3aSZjP7jc233EpMjGCXIJ12QszoxVbtKkUEmQ5DyA==
age: 81847
vary: Accept, Origin
X-Firefox-Spdy: h2
i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
143.204.55.106200 OK 866 B URL HTTP/2 i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cc4c3239458044ac24fec670759abe98
1d82930aeb5ee83c27c9cf18e4032c5ccc79fa9e
7e7869c41d518540d17a4197002c2d327bb3b39714f2ae67ede24aeaabc2a6f9
GET /albums/s282/theviejo/recurso_9_7.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 866
date: Tue, 13 Dec 2022 03:58:45 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="recurso_9_7.webp"
expires: Wed, 13 Dec 2023 03:58:45 GMT
server: photobucket
x-amzn-trace-id: Root=1-6397f875-3032fb5c42b04155329f2dc9
x-request-id: tJRQ39G-fQh8ZudVf4HQu
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J4vwpMDDiAGurT8sEPjxNQfXWH4fiDmuq1E1DNT5IoQFwbB44GDXVw==
age: 81847
vary: Accept, Origin
X-Firefox-Spdy: h2
lh6.ggpht.com/-w8Cq-r9-h0g/UfD1iIC98MI/AAAAAAAByec/t9cN2pEbSjk/w72-h72-p-k-no-nu/3%252520Peserta%252520Ratu%252520Cantik%252520Malaysia%252520Mohon%252520Maaf-Sara%252520Amelia_thumb%25255B1%25255D.jpg?imgmax=800
142.250.74.33200 OK 2.7 kB URL HTTP/1.1 lh6.ggpht.com/-w8Cq-r9-h0g/UfD1iIC98MI/AAAAAAAByec/t9cN2pEbSjk/w72-h72-p-k-no-nu/3%252520Peserta%252520Ratu%252520Cantik%252520Malaysia%252520Mohon%252520Maaf-Sara%252520Amelia_thumb%25255B1%25255D.jpg?imgmax=800
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d39a47f6c5d8436133130b4a50c72895
d5540366a80ad592882fd3c988b045b2ee4b54fa
f886dd9041fa1ccaa4eae2f1ae1f68ff705b6e0371c5c50053c985afa62d54d1
GET /-w8Cq-r9-h0g/UfD1iIC98MI/AAAAAAAByec/t9cN2pEbSjk/w72-h72-p-k-no-nu/3%252520Peserta%252520Ratu%252520Cantik%252520Malaysia%252520Mohon%252520Maaf-Sara%252520Amelia_thumb%25255B1%25255D.jpg?imgmax=800 HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="3 Peserta Ratu Cantik Malaysia Mohon Maaf-Sara Amelia_thumb[1].jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2688
X-XSS-Protection: 0
Date: Wed, 14 Dec 2022 02:42:52 GMT
Expires: Wed, 14 Dec 2022 03:58:45 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1c9e8"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-vapHBxVQ2C0/T-sdmrGAV8I/AAAAAAAAELc/F-tzH9gKIDI/s200/images.jpg
142.250.74.161200 OK 17 kB URL HTTP/1.1 1.bp.blogspot.com/-vapHBxVQ2C0/T-sdmrGAV8I/AAAAAAAAELc/F-tzH9gKIDI/s200/images.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x194, components 3\012- data
Hash 6d84778a75f7f06817a69e32b075ea46
bd7481bebef77d342633b16f9e4599fe92cdc640
25ae60ae76254c1f07eb56b346212a37a743aebf42f7daa29d4df46bfd73ac48
GET /-vapHBxVQ2C0/T-sdmrGAV8I/AAAAAAAAELc/F-tzH9gKIDI/s200/images.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v10b7"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="images.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 16745
X-XSS-Protection: 0
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 0c3fdf54a35d66a1e272956af95d34af
fd6cf4aa04104d6b48831bbf88bc6256fd5012c3
3adb20fd3b841e10b308345d164ac790a96228c3eac3e063efa505ae3c7d4cf6
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
date: Wed, 14 Dec 2022 02:40:34 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 716801008
content-type: text/javascript
content-length: 4405
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:5EA2_2E69C9F0:0050_6399382C_792A:63CC
x-iplb-instance: 42474
lh4.ggpht.com/-EPl26KWIh3Q/Uz7LLYkoMnI/AAAAAAAB1TQ/C7GqD4i_7mQ/w72-h72-p-k-no-nu/gambar%252520bapa%252520cekik%252520dan%252520pijak%252520bayi%252520sendiri_thumb%25255B1%25255D.jpg?imgmax=800
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 lh4.ggpht.com/-EPl26KWIh3Q/Uz7LLYkoMnI/AAAAAAAB1TQ/C7GqD4i_7mQ/w72-h72-p-k-no-nu/gambar%252520bapa%252520cekik%252520dan%252520pijak%252520bayi%252520sendiri_thumb%25255B1%25255D.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a4d7876b6f4cdedb165d4c217e187006
a391ff9ef9268ba275721d3c92cc194fb35cc562
be057ad14b8b3584be35ec03eddaa1bf09c54cdd0c3f9403fbdd739ec904034d
GET /-EPl26KWIh3Q/Uz7LLYkoMnI/AAAAAAAB1TQ/C7GqD4i_7mQ/w72-h72-p-k-no-nu/gambar%252520bapa%252520cekik%252520dan%252520pijak%252520bayi%252520sendiri_thumb%25255B1%25255D.jpg?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d535"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gambar bapa cekik dan pijak bayi sendiri_thumb[1].jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 4377
X-XSS-Protection: 0
lh5.ggpht.com/-3NLOMFjeVIY/UjvVBPJlX3I/AAAAAAAB0OA/P-xRlWKH36A/w72-h72-p-k-no-nu/Deejay%252520radio%252520FM%252520parah%252520ditikam%252520penyamun%252520%2525281%252529_thumb.jpg?imgmax=800
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 lh5.ggpht.com/-3NLOMFjeVIY/UjvVBPJlX3I/AAAAAAAB0OA/P-xRlWKH36A/w72-h72-p-k-no-nu/Deejay%252520radio%252520FM%252520parah%252520ditikam%252520penyamun%252520%2525281%252529_thumb.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash de20f313af7891fe3c8d5f11c58f4f3e
967c37cc2613cbdc69aed6bda2268f2cf475a458
edc582a7ecce809a9adb85c188729db277acbe5c67e56b3a751b54ced9d4705b
GET /-3NLOMFjeVIY/UjvVBPJlX3I/AAAAAAAB0OA/P-xRlWKH36A/w72-h72-p-k-no-nu/Deejay%252520radio%252520FM%252520parah%252520ditikam%252520penyamun%252520%2525281%252529_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d0e1"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Deejay radio FM parah ditikam penyamun (1)_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 3293
X-XSS-Protection: 0
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:52 GMT
Connection: close
Content-Length: 326
i66.photobucket.com/albums/h260/toonybug/postimage.png
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/postimage.png
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/postimage.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/postimage.png
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M3SNMXQAkvweSZFs7KT5a-k3GdSrvSKYvYVGsxwyqFcIRAn8IqOIXg==
Vary: Origin
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 116f1262180546a7ba78f96eb3d2d1e5
7184cb7a917561e7a335a0a70842e30590e5ad8a
2f6ab4385f5f9a486c24110ece77c96aa7b0a77b3b41f9760f1f4589c89fb89d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=109803
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Etag: "63984217-117"
Expires: Thu, 15 Dec 2022 09:12:55 GMT
Last-Modified: Tue, 13 Dec 2022 09:12:55 GMT
Server: nginx
Content-Length: 279
lh3.ggpht.com/-FM5UpkdUG_4/UuXNC6vqfuI/AAAAAAAB048/RfapES0wwp8/w72-h72-p-k-no-nu/Gambar%252520seksi%252520Rozita%252520Che%252520Wan%252520pakai%252520skirt%252520pendek%2525201_thumb.jpg?imgmax=800
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 lh3.ggpht.com/-FM5UpkdUG_4/UuXNC6vqfuI/AAAAAAAB048/RfapES0wwp8/w72-h72-p-k-no-nu/Gambar%252520seksi%252520Rozita%252520Che%252520Wan%252520pakai%252520skirt%252520pendek%2525201_thumb.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b87181c649b9ea2eb1dd8a5eeae7bdfb
5ffa3d325358d85cc6189e2e7b9c2580a9c4571f
22897f82ef7c4ec4322237d5b592b97fda9e8fd0fbfb78fa786b202639e454bc
GET /-FM5UpkdUG_4/UuXNC6vqfuI/AAAAAAAB048/RfapES0wwp8/w72-h72-p-k-no-nu/Gambar%252520seksi%252520Rozita%252520Che%252520Wan%252520pakai%252520skirt%252520pendek%2525201_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d390"
Expires: Thu, 15 Dec 2022 02:42:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Gambar seksi Rozita Che Wan pakai skirt pendek 1_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: fife
Content-Length: 3502
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 116f1262180546a7ba78f96eb3d2d1e5
7184cb7a917561e7a335a0a70842e30590e5ad8a
2f6ab4385f5f9a486c24110ece77c96aa7b0a77b3b41f9760f1f4589c89fb89d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=109803
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Etag: "63984217-117"
Expires: Thu, 15 Dec 2022 09:12:55 GMT
Last-Modified: Tue, 13 Dec 2022 09:12:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 116f1262180546a7ba78f96eb3d2d1e5
7184cb7a917561e7a335a0a70842e30590e5ad8a
2f6ab4385f5f9a486c24110ece77c96aa7b0a77b3b41f9760f1f4589c89fb89d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=109803
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:52 GMT
Etag: "63984217-117"
Expires: Thu, 15 Dec 2022 09:12:55 GMT
Last-Modified: Tue, 13 Dec 2022 09:12:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
i66.photobucket.com/albums/h260/toonybug/postimage.png
143.204.55.106200 OK 2.0 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/postimage.png
IP 143.204.55.106:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7c97b842c78875c6ec36e6f15281a0d7
6c74bf1c6f860006eeaf58b4c5d73aeed3a52ce7
a561536555277e841424fa2139b09af34ad672769e8a51ad8f9e316f519d4dc5
GET /albums/h260/toonybug/postimage.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 1964
date: Tue, 13 Dec 2022 03:58:45 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="postimage.webp"
expires: Wed, 13 Dec 2023 03:58:45 GMT
server: photobucket
x-amzn-trace-id: Root=1-6397f875-47bd67ef61d72436596fa7d1
x-request-id: ZsbpG1X7sc9_S_AGHK24O
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jo7eMolUr-b83nu6lFDQXcsabOgs9uKYeSR2ffFmHmfFBRPGGE1IsQ==
age: 81847
vary: Accept, Origin
X-Firefox-Spdy: h2
www.widgeo.net/tcm_t_u.js
172.67.69.193200 OK 0 B URL HTTP/2 www.widgeo.net/tcm_t_u.js
IP 172.67.69.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcm_t_u.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:52 GMT
content-type: application/javascript
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:31:38 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 425472
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17WqMiEWzzFSA%2FrbKGURlIMOyNLN5kw88fWnZ96QrTqa6cHHYnI9n1IefSWmeI139jUdR%2BA5e%2FOrEqGrEgsb8Px148mV%2BdwwUWZf%2FNmt%2FxtIPAvhGdb83iU59tOisiH9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b86e490b4d-OSL
X-Firefox-Spdy: h2
www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=main
104.149.151.166200 OK 653 B URL HTTP/1.1 www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=main
IP 104.149.151.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d0d05a23cb23fe35908361694e15b565
d14818ca4dc04d998081b92c3975ff6e9f6dcdea
1fe598dd28104053751c17c7371ef1e42ec25c08b513993cbc93a4f6b4b9c716
GET /box/?boxid=438668&boxtag=56x6cw&sec=main HTTP/1.1
Host: www7.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Wed, 17 Nov 2004 05:00:00 GMT
Last-Modified: Tue, 14 Dec 2021 02:42:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Cache: MISS
Content-Encoding: gzip
www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=form
104.149.151.166204 No Content 0 B URL HTTP/1.1 www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=form
IP 104.149.151.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /box/?boxid=438668&boxtag=56x6cw&sec=form HTTP/1.1
Host: www7.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Thu, 14 Dec 2023 02:42:52 GMT
Cache-Control: public, max-age=31536000
X-Cache: MISS
i66.photobucket.com/albums/h260/toonybug/divider-9.png
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/divider-9.png
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/divider-9.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 14 Dec 2022 02:42:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/divider-9.png
X-Cache: Redirect from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: r-yCaGvLgvxHGwh82PMZhNc-AqhtiG_ZniFIVzrP81EiiU33Trs2Rg==
Vary: Origin
www.widgeo.net/tcm.js
172.67.69.193200 OK 25 kB IP 172.67.69.193:0
File type HTML document, ASCII text, with very long lines (673)
Hash aa209059080144c5c4fa1dc9704546db
df48893d64e0053d2724c9e4b90133ec502ace1b
d4d7cdec95e92cb50c288f6bdf31b92459fc6265142a0e46246e1a31a049efd3
GET /tcm.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:52 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 17 Dec 2022 08:08:57 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 326034
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsgOr1vcQ1MjFNj7lk65guf%2Bj68%2FneQQWUaVlRzzO7m5yfrlxIsI4IE%2F7PY2oJ0XV83qYvMqyGH1XmeIGiCDo2BVN1nioL6thQz9sfLMP9D4I4h464eeHSI4E6LbwEPH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b85e420b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
d2b9l3u54v5v39.cloudfront.net/css/default.css
54.230.245.82200 OK 1.5 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/default.css
IP 54.230.245.82:0
File type ASCII text, with CRLF line terminators
Hash 8ea20baef891abad5a169261301f1b0d
b983c5b36da773d38fc2d9d56fb1e462080ac0f8
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af
GET /css/default.css HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 1489
Connection: keep-alive
Last-Modified: Mon, 21 Sep 2015 08:25:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Tue, 13 Dec 2022 06:30:48 GMT
ETag: "70d0ec1947f4d01:0"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iDFqNPZjyqFTLSaQDbYz0YF07Q11VKPAp_kVR21KfNGEhEuX9R_Ihw==
Age: 72725
d2b9l3u54v5v39.cloudfront.net/css/88x726.css?cbst=2
54.230.245.82200 OK 2.9 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/88x726.css?cbst=2
IP 54.230.245.82:0
File type ASCII text, with CRLF line terminators
Hash 4168b5a2517e8d07be159017f22759e7
ade414bcff8b8babb58bf6369fdbc7b8e2cf67b6
816427321da11d1632fac7711648e373bcbc01cf8b7b372d7b9178827906430a
GET /css/88x726.css?cbst=2 HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2866
Connection: keep-alive
Last-Modified: Thu, 18 Jan 2018 16:19:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Tue, 13 Dec 2022 02:52:32 GMT
ETag: "8ae83247890d31:0"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qU33VTIOXZQROceiHUIG4t-bw2_huyCuj-fLDR7Fg8MczKwY2B4c5A==
Age: 85821
d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
54.230.245.82200 OK 1.2 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
IP 54.230.245.82:0
File type ASCII text, with CRLF line terminators
Hash 263303c015aaddbd3c417327b3b50823
c5c4f7ec9f5c1a2cfafad6b5810ed0da2080d3cb
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617
GET /activejs/bdv_fsthd.js HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1199
Connection: keep-alive
Last-Modified: Thu, 14 Jan 2021 11:27:17 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Wed, 14 Dec 2022 00:48:11 GMT
ETag: "977ef3668ead61:0"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L6uAPNW5GVLEexM6NxoV--GCJ_aqtv4YWoatlXUIsvoY0mo0Bd9HXQ==
Age: 8753
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b59e600f451e1d9ee50eeb80805044c
84dcdad4c9072e38103ab84b747c98365ed9229f
f9426bebbf21a26d91180d1c1dbeb2940f4404a22106ec5b2a18250983d9c2cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9426BEBBF21A26D91180D1C1DBEB2940F4404A22106EC5B2A18250983D9C2CF"
Last-Modified: Tue, 13 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19909
Expires: Wed, 14 Dec 2022 08:14:42 GMT
Date: Wed, 14 Dec 2022 02:42:53 GMT
Connection: keep-alive
www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita
172.67.69.193200 OK 2.1 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita
IP 172.67.69.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (311)
Hash 1de56517f0e12dd34310507b50c03045
626c52d83a6283ea459f49b5ae47d89c01f3a453
26735e46547c349d6867f50320a1d1d5d52d086202048d5ffd65ba40e6d956e0
GET /geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Tue, 14-Mar-2023 02:42:51 GMT; Max-Age=7776000; path=/
pays=Norway; expires=Tue, 14-Mar-2023 02:42:51 GMT; Max-Age=7776000; path=/
ville=Oslo; expires=Tue, 14-Mar-2023 02:42:51 GMT; Max-Age=7776000; path=/
idcompteurcc_2052431=done; expires=Thu, 15-Dec-2022 02:42:51 GMT; Max-Age=86400; path=/
online_idcompteurcc_2052431=done; expires=Wed, 14-Dec-2022 02:45:51 GMT; Max-Age=180; path=/
originecc_2052431=United%2BStates%2523United%2BStates%2BCity%252314234%257CCanada%2523Canada%2BCity%25234680%257CCanada%2523Burnaby%25232312%257CUnited%2BStates%2523Boardman%25232045%257CUnited%2BStates%2523Chicago%2523844%257CUnited%2BStates%2523Fort%2BLauderdale%2523656%257CRussian%2BFederation%2523Moscow%2523629%257CNew%2BZealand%2523Auckland%2523528%257CMalaysia%2523Kuala%2BLumpur%2523252%257CGermany%2523Frankfurt%2BAm%2BMain%2523220%257CUnited%2BStates%2523Wilmington%2523202%257CUnited%2BStates%2523Seattle%2523186%257CKorea%252C%2BRepublic%2Bof%2523Jungnang%2523183%257CUnited%2BStates%2523Los%2BAngeles%2523179%257CUnited%2BStates%2523San%2BJose%2523170%257CMalaysia%2523Malaysia%2BCity%2523161%257CUnited%2BKingdom%2523United%2BKingdom%2BCity%2523151%257CNetherlands%2523Netherlands%2BCity%2523150%257CCanada%2523Toronto%2523145%257CUnited%2BKingdom%2523London%2523142%257CRussian%2BFederation%2523Kazan%2523128%257CUnited%2BStates%2523Raleigh%2523126%257CUnited%2BStates%2523Lenexa%2523114%257CIreland%2523Dublin%2523105%257CRussian%2BFederation%2523Saint%2BPetersburg%252397%257CUnited%2BKingdom%2523Bath%252396%257CUnited%2BStates%2523Las%2BVegas%252389%257CSingapore%2523Singapore%252382%257CKorea%252C%2BRepublic%2Bof%2523Korea%252C%2BRepublic%2Bof%2BCity%252381%257C; expires=Wed, 14-Dec-2022 02:45:51 GMT; Max-Age=180; path=/
online_2052431=1; expires=Wed, 14-Dec-2022 02:45:51 GMT; Max-Age=180; path=/
jour_2052431=2; expires=Wed, 14-Dec-2022 02:45:51 GMT; Max-Age=180; path=/
total_2052431=33174; expires=Wed, 14-Dec-2022 02:45:51 GMT; Max-Age=180; path=/
bonus_2052431=2208; expires=Thu, 15-Dec-2022 02:42:51 GMT; Max-Age=86400; path=/
bonus_j_2052431=1; expires=Wed, 14-Dec-2022 02:45:51 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Wed, 14 Dec 2022 02:45:51 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqmUph6XJriq72Q81EiCOofpSrSsBA1DPGvrPQZE%2BphqLjtSuOSwxZr1pEJ7FAFIHW%2BLkdx%2FCB3Hq%2FT%2FSJZnTlo%2FKdAhyLdvCnxHD6KwMVkwFAfPnLJJ3tePOSvVsJtv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779396b6ef96b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 14 Dec 2022 02:42:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
www.widgeo.net/geocompteur/shadow/flag_united%20states.png
172.67.69.193200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20states.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03d9bb2b449e6e964d86aec6d71b6856
e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2444625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPwusyyLv8yrxQblzId9BbxEOz6yF43h0pQCyVzcmwmhLSDkUiCZFy8bVXxmgbPYKuFNuQaMlddEjWN5BAwml6dg3Hxgx%2B8Ue9tuWrXx7Ev9BMJJdodw0zELwh6VUeTj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ae850b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_canada.png
172.67.69.193200 OK 886 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_canada.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dfda6415875b226812181f7ea64fcc8
6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
GET /geocompteur/shadow/flag_canada.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 11 Jan 2023 21:27:27 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 105325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HO9dbYTByvOx3%2FbKCbHKXJnRHHQMdQFFHJ14tPEqJxlYEshTwYUkugx%2FZ7b%2FaIKKAzLFryS13ZxepGqFzRBuHD%2FB%2Frc1USTkL6egnh0A5j332xxcgAJfXPPxiVxq1zoa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ae860b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
172.67.69.193200 OK 680 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 852881aef6d6a8bca3123c3201f64c74
0e5ef2c61383bb79c8a6ea068d9a688631d844fa
41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 03:12:56 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1380596
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKfZG5tPBY3CnQ6T1m5rr5gg1uy%2BXfyiA%2FpMK6CgIehD6DK2bBsvUBB2deq%2FHmRNeEWZp3Tu1%2BZRaHB3R9kMX0RUtvvmjcDB6k15MJXV8MTyK4OfSiF4obRqPhgz5%2Fow"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ae880b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.69.193200 OK 3.9 kB URL HTTP/1.1 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.69.193:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 12:08:17 GMT
ETag: W/"639719b1-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wJ7jnEgIvlcZQLw1WQF6z39STlJ7qaeEnVnVJ9fbU45CZMm2Te0eUX0EynERF%2BTC13FK2zV740M%2FFEDfgajZSqLRbJX9Cu2z%2FKsMF7CCuCEx0ZphKR3u1tg69tc9zrH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779396b9c8afb50f-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Fri, 16 Dec 2022 02:42:53 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
172.67.69.193200 OK 940 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8719b63ac81155fd64422298ef8a8b25
c034b5869772ddf1675ebdbeb3c0d3c540738c24
b313f56a36c855a1a34a02b96910ee4307e553a28a6e52bc64e2ab1bc2cfdae5
GET /geocompteur/shadow/flag_new%20zealand.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 940
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1173
content-disposition: inline; filename="flag_new%20zealand.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 07 Jan 2023 05:41:08 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 507705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGV8rlYE8JMWasPMFOXUeWtuur0oHNj0cFoH1vajbUS6%2ButLQzSmgPjkqCp4EFM7PRL4B97BoAdudUGc3xIAqRxLMnmLTlTJeSMRa5QV6MCYb34Vytsahv6NqBvAjW1R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9be8c0b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_malaysia.png
172.67.69.193200 OK 990 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_malaysia.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b69697ab6effe9c72ebc0d4768d9f8bc
806c9c63795f99ce88b81475741fe06b1346a94d
1a473a4d01199896dd76d0882be0aa5e3a9ada7201e4d21f61c74ec3ee5463da
GET /geocompteur/shadow/flag_malaysia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 990
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1216
content-disposition: inline; filename="flag_malaysia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 22 Dec 2022 22:04:40 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1831092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQar35IecFG7vZtiLI5%2FD%2B2EefiLyohfnUfJNBpF5j4GfGUioEuOn8sY%2B%2FDZ3JceSKBbN3uxJGSjujEt%2F1fi7A3EO1GDNXIypAV8Mr%2FqS09imzTqzkgA6FvOMaTPGdLu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9be8d0b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_germany.png
172.67.69.193200 OK 686 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_germany.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c667705cee250254b246ed54d521b22
ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
GET /geocompteur/shadow/flag_germany.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 26 Dec 2022 19:58:36 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1493056
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibZEdchMLXkJ6W8n1k4QdhzNnOXAv%2Fp0D11CK7uzn68H6pldtB8HPH5UpcstPmV1ijVnHMktH54gS7WNjzCOcAe7aWbk6B%2BtkMGucLTWjKL2TX6p0rC72W62Lettkdse"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9be900b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_united%20kingdom.png
172.67.69.193200 OK 1.2 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20kingdom.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0fca0f8c1f72968c8849d783accae326
6d6f3b4500a3f1fccc3474d59c716b2f60a59ea4
c1319ad29f9822f08a6740f0b89e91127cfb11a449f99528f0a7928156032c9e
GET /geocompteur/shadow/flag_united%20kingdom.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 1220
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1459
content-disposition: inline; filename="flag_united%20kingdom.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 27 Dec 2022 07:58:53 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1449839
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrAOEZs9%2BNlzB7w2y%2FeDVhmTf9hXlm3UMyrg2EyyhH0I%2BIS5ifudw3FLmPr2mqDeEkvABb98sr7SIYCv0IHIE37xy0Gl07oYd%2BdQ7ezWXU9uXdFrX4KMICNlCUDCJeUt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ce920b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_netherlands.png
172.67.69.193200 OK 710 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_netherlands.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4d48534384964664d122ef558ebf1acd
8cbccb6b66f6161c329f9945b58e79e09640cc90
286ee399704cd53efeabbca51dfc8459fb9633265ae4e9e046610f7d61d087bb
GET /geocompteur/shadow/flag_netherlands.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 710
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=892
content-disposition: inline; filename="flag_netherlands.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 11 Jan 2023 21:22:05 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 105647
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mERqmK%2F0yFpkksrpr6hU6HIt4FHF1cmPXUhCxDcO70m5NDW3UT7VKmIJGbaaewnGsgAxhpIVfr%2FKk6f09uwHhjr0dOvowRtv9HNDnyInUFQIZ6oYxSPUkfCiB7E4iCEa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ce930b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
172.67.69.193200 OK 814 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ec4b0c854ec18061c7bafbe9ac9d1c3b
77c850ef6479e29a631dba64d06ccc1eefb1adc6
48f6236fb62cb417c5d00552052f378bfd1a82ca9f21f341c69390fd346fd439
GET /geocompteur/shadow/flag_korea,%20republic%20of.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 814
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1163
content-disposition: inline; filename="flag_korea,%20republic%20of.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:21:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2305253
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YF%2BFST1vBe9S3Alw98sgjXWCDhk7cJ2hCnpV1TkteYDeu0d6VdC6563iwLDEMqrldPoM5WiytzoU42gpPf2oAwLbZ%2B8mMef6x94bo8dQiHv%2FLGc6szaR%2BVMy99rJWUmU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ce910b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_ireland.png
172.67.69.193200 OK 712 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_ireland.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e55f246106bcd5ae49ef1a026ec80d3
a5afe18fe64456cbb16e31287f4106228267f584
eaf4b1563a65fb7bd06ace795835a00a4f491a48506996bd65c161d35002351e
GET /geocompteur/shadow/flag_ireland.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 712
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=937
content-disposition: inline; filename="flag_ireland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 12:40:14 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1778558
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDMt1baELNVbqzONZbTxdBQMl%2ByBg9qV3hJ1IOuarEl1POFj3UVVMyc1LswHbOkQESpTXIEu8dTHGidkpu%2F9yO%2BBqJTEIsVO6NOcGXO96%2FCOi6YMhADj2Rrm65TxQDSc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ce950b4d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/shadow/flag_singapore.png
172.67.69.193200 OK 768 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_singapore.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 931d98f74f8bbb82364a40f7c3c5ea3b
f844a679d51126b38659a25e9c71c748da392714
04f122230781518f0b5807695a1c731e33bea9ba0264d612c799485074204627
GET /geocompteur/shadow/flag_singapore.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 768
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=939
content-disposition: inline; filename="flag_singapore.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 03 Jan 2023 21:38:37 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 795856
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6aU68g38sh%2BxFhAp0YzQPhGoJ7gx2GBUh%2Bo4fDo3Gq20gJDDlgLlpj41hvJypkg1D%2FL7B43FYabe1tY11sF%2B%2F2YjsOKx5eicchi%2B89o3eqTdjFiSQxYJHE%2FiqqQ2mKT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9de960b4d-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.106:0
Hash 1b1c40fa3a79ed3e95472eaf5dcfd9bf
b71ffcc813118a98e68fa6d911bf17df53d4b29a
2bfc1e52ec3f94f64944141a220f34b27b2e290002a65ab69149d75654f590e7
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Dec 2022 02:42:53 GMT
date: Wed, 14 Dec 2022 02:42:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kekcoklat.com/images/banner/banner180.gif
192.185.225.6200 OK 58 kB URL HTTP/1.1 www.kekcoklat.com/images/banner/banner180.gif
IP 192.185.225.6:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 180 x 60\012- data
Hash a741428fab4e3f6215f41f8a41200be3
2f2110a1ea3f1fe6be661d72e61b51c7fdbb2a87
68fc167c81c53c0f80769227b3db5ce7cbddef69e0c00fc3512714edf03faf91
GET /images/banner/banner180.gif HTTP/1.1
Host: www.kekcoklat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 May 2012 04:36:55 GMT
Accept-Ranges: bytes
Content-Length: 57811
Keep-Alive: timeout=5, max=75
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f984d58053be39408d40ea947d38943
871048440e5ee63f08e83909802a4cae099d24d2
cf34f29cecf5262d96efec6d5302d083733a55809df7a1c60ebbacce89ada95f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
172.67.69.193200 OK 23 kB URL HTTP/2 www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
IP 172.67.69.193:0
Hash 65a529019cc02e080d032f89e023df23
4ce50a605e5a84268cc132c91b9ddc23c2d0483f
b7372c067a99ab124f373655fa849335f8c1025a7631d9988a7e6863b88b8bf5
GET /geocompteur/css/city_css.php?c=geocity_rose HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
expires: Wed, 21 Dec 2022 02:42:51 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR4dYXlb6bxyi2ZBHEQT2p1VP2bo7cQ6zV2gerCuZpM%2FWoJOpwyFq%2Bl%2Bo4VIoEY09crZhqUAyYiTOxteqTG8nTK7v0mSHFi3kXb8sFzkA3ANq3NoxdpgS5queGa1%2B%2BRM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b9ae840b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/geocity_rose.png
172.67.69.193200 OK 1.5 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/geocity_rose.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fd8fcb06a3c68c043307fabecea3593f
0e5bc3f93162c0ead5a509577d5e044220bb0a34
20b0d8b04ef5ea8054fa50e23cb038e81f2af5b15bde64a1af632a9a65e6c5b9
GET /geocompteur/img/tmp/geocity_rose.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 1456
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2256
content-disposition: inline; filename="geocity_rose.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 11 Jan 2023 08:32:30 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 151821
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vjm03fY2mqA7qdAQ2DSHNERODG4hhhiQaSV2OEEnB7S57fMT6c8rWYItUofpyv%2FphVk8HWC6%2BKKbWh1z1EAcjZCnVTorg6pEUhzUEkNFqYvixnajfUqxFqyKGGGXjiBs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396baaec60b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/earth_red.png
172.67.69.193200 OK 2.6 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/earth_red.png
IP 172.67.69.193:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 58980cc45f0ee0efffdc30ade3c1e295
ed75a1ea320a5a5993f2d8c27b2873bde09364e7
e994d6dfb98c97b89266605ccb40fade20b65078c94749428fd2d2485725a602
GET /geocompteur/img/tmp/earth_red.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: image/webp
content-length: 2616
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3362
content-disposition: inline; filename="earth_red.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 29 Dec 2022 14:43:11 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1252781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8A%2BfrcarkjSKbd2IMIRrTiS%2FyJteTjDb6zdlKUJ8EZ%2FGDt9w9fZQWzNZZ3j2c8KGvg8MemvRbBoY4teA9GpTUiK2MBI4Ya%2F2ELkGlvGmR7N0B2vgsjURBJx8F%2BlOGyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396baaec30b4d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.69.193200 OK 80 kB URL HTTP/2 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.69.193:0
Hash 832816fe20d6eb50835976448dd9849f
6f96e2842cbbce41b0fd534bbe6c98ff4a324705
22f5daf193459a134d8c9415f0deae12fcf19c7dc54d581f4fe15f51d758f736
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_rose
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 12:08:17 GMT
etag: W/"639719b1-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMXo502DzrricBbP0tvWP2ruw3HiO%2FNHldU7M3SRETnrOB2SYmsd9LWmSLbDSOKuCA%2Bdhzicb%2BHWwi8Q%2FILPtq42vb9nb6wgPzvAKG2I7sQ%2F5dzw5tq1BzprFwoR8YJO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779396ba0e9f0b4d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 16 Dec 2022 02:42:53 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12915
Expires: Wed, 14 Dec 2022 06:18:08 GMT
Date: Wed, 14 Dec 2022 02:42:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12915
Expires: Wed, 14 Dec 2022 06:18:08 GMT
Date: Wed, 14 Dec 2022 02:42:53 GMT
Connection: keep-alive
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1167641&RD=788691515504&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=788691515504&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
54.241.51.109200 OK 5.8 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1167641&RD=788691515504&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=788691515504&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
IP 54.241.51.109:0
Hash 6ee3bf0deda5aa18851a33b8d0b743a7
46d06035d723af8777655162536a39b1990bce5b
e80dd790f973f240209e5ad75e6223801128ff7059efc1a8c851f9fdad3691a9
GET /BidVertiser.dbm?pid=361547&bid=1167641&RD=788691515504&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=788691515504&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:52 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:52 GMT
Set-Cookie: bdv_c12p=244; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:52 GMT
bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:52 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5305
CONNECTION: Close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12915
Expires: Wed, 14 Dec 2022 06:18:08 GMT
Date: Wed, 14 Dec 2022 02:42:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f716c6738340d8021691bc2aff68e4fc
5e6c56525ab93dc577430be0e846a72589fcd973
88b6791422c1899ff3410525e7856d0ffbb297517fffef3ae98db2f3b6010fbb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0ee0c469970516bf6d255dafb0bd1225
884a347c2db0f220ce35dae3a64b1525ddbc3fa4
ff8285413954679ea64613c021380586779d139c7e0ccb6595f9efe3f1ae7e1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 577cee5a6996494cac7908537e16b192
c598173a2cf846c6cb572b19c754929230318cad
3d2cec49a818850f1a30e6087f8654dceea8b6f16221e2bb15fb9d7e90f6fe96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: eb043760-3b4b-4b84-b2b0-f0fd98d3e47d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpLoEP-oAMFddA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef17-4b7553a0354fc9a021f0fa50;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ma2_pbWp6bdRX_FjDKvUK4GI2MbnqHDVWnGUc4xZESPpZjBBH_tQJw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:51:15 GMT
age: 17498
etag: "c598173a2cf846c6cb572b19c754929230318cad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3acfbf939eab432007f8315f2376f563
e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c
d02ae4fa55f6ba4b1ca2186eb31a40018eada1e1491efdc4a95ffba4c35afa07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5108
x-amzn-requestid: cba619a3-ef9a-420b-b280-2b53608aad53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpL0G93IAMF59Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef18-7cc4f81a16016a8d63156bff;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3JmSN0RECaKzxPmndCUHm_4YLojawf7kw8A43yj1h1IfuZQKsVl6eg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:32 GMT
age: 17181
etag: "e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.shamsuriyadi.com/ccimages/banner180.gif
113.23.169.115415 Unsupported Media Type 1 B URL HTTP/1.1 www.shamsuriyadi.com/ccimages/banner180.gif
IP 113.23.169.115:0
ASN #38182 Extreme Broadband - Total Broadband Experience
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /ccimages/banner180.gif HTTP/1.1
Host: www.shamsuriyadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 415 Unsupported Media Type
Date: Wed, 14 Dec 2022 02:42:51 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: close
Server: imunify360-webshield/1.18
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RuZ47uh2aq0Ib0ZGmC7gBooDauMtzuzRZspYkVePk5lFecEIrgTqFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:57:03 GMT
age: 17150
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
142.250.74.10200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 142.250.74.10:0
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 14:17:24 GMT
expires: Thu, 07 Dec 2023 14:17:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 563129
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc772f749-9e66-487b-9fb9-af28772667ba.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc772f749-9e66-487b-9fb9-af28772667ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ce6761dcc650405555eb134161a3994
4d90c8a02d9ad3b5365f4c225b2c4e0f750b6a13
364c77e89f88e1fa9875c62f605ab9f0e1a21fed3dabd3924a63d710f18e66f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc772f749-9e66-487b-9fb9-af28772667ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5555
x-amzn-requestid: 20c3fc29-49a8-4209-9785-a9d8fba86640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpcuGmiIAMF3Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef84-7849f0232ebe674a11af2371;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5NbJYCE-njkhzjC5KFbwEivi7MY6LLej9R2jRKWpQhEVH1bWk3IZCg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:42 GMT
age: 17351
etag: "4d90c8a02d9ad3b5365f4c225b2c4e0f750b6a13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25e5932a6449b859223367ce1e67e59c
5d2ea71d4f0d952d665586bdf32ed0e88c605af6
160021eb4b65b4720d90337bf46bfc3c5b317b2ec406ba377c9368a11c56f629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12046
x-amzn-requestid: 53e890e7-eaa7-434d-bcde-4a1e60b5b6b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGqNWEhooAMFZxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f0bb-0282299f7b644bbd2b65c079;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XJelUmwr6ECrVewxG3xTG9Zfvy0dUgxkP6FhPndIJ43i3iK6yrJZsw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:34 GMT
age: 17179
etag: "5d2ea71d4f0d952d665586bdf32ed0e88c605af6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qd7ZLBasMl-7gVScLfJ4kxx2fbcyeL21COqu3913iENoLFvK8wkEvA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 22:16:33 GMT
age: 15980
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb6b7affcab2b32d113fed499e663b71
bd1a5ee0a85c497bc5e10c7baa9b84e06188a668
a475dbafedab35e26c9c8cededc8844a6647899aec7106d116cf73556748ef75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A475DBAFEDAB35E26C9C8CEDEDC8844A6647899AEC7106D116CF73556748EF75"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10286
Expires: Wed, 14 Dec 2022 05:34:19 GMT
Date: Wed, 14 Dec 2022 02:42:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ac4256479ee5f383b192e09c799dd82d
4caa07eee49d14260e509293194a9307f558130b
8af6f00413bfc875b297146fc0581c3c2cffc78ea728eb3289736a191128553c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f716c6738340d8021691bc2aff68e4fc
5e6c56525ab93dc577430be0e846a72589fcd973
88b6791422c1899ff3410525e7856d0ffbb297517fffef3ae98db2f3b6010fbb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=2x42x50&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/
143.204.46.236302 Found 149 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=2x42x50&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/
IP 143.204.46.236:0
File type HTML document, ASCII text
Hash 82342d828bf674fe9f54f92cc62a1c0c
e0d36b5d7cf00eadb331def19ef6199ce43e794b
ee06e765b45b9372672db15b33f4b1fd2f5214aaf4355507dd6a9e500a109aae
GET /hit.xiti?s=281802&p=geocity_rose&hl=2x42x50&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/ HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 149
date: Wed, 14 Dec 2022 02:42:53 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_rose&hl=2x42x50&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=C944AF87-D854-42DE-9119-A0DAB62CAAB4; Path=/; Domain=xiti.com; Expires=Sun, 14 Jan 2024 02:42:53 GMT; HttpOnly
atidx=C944AF87-D854-42DE-9119-A0DAB62CAAB4; Path=/; Domain=xiti.com; Expires=Sun, 14 Jan 2024 02:42:53 GMT; HttpOnly; Secure
atid=C944AF87-D854-42DE-9119-A0DAB62CAAB4; Path=/; Domain=xiti.com; Expires=Sun, 14 Jan 2024 02:42:53 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uVCi7LIBbs9duMc8YY-wY2Ff5YnRgfmFZ0bdV7EKZpCS4c7TaS4ltQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 474 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (503)
Hash 35a8c7ab8ed735cb3510c3d3b3a2c6f1
a89d15abfe5788f1ccfa933a08ed232d0cdb6b8e
19daab06b791533304a0bf49784913a44f9d2cba91d1b61a1fa5a016149d1ae5
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 02:42:53 GMT
location: https://www.blogger.com/followers.g?blogID=3330746960625431196&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fpak-janggut.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Sbnm223L8GqCOsiXjMnkAg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 474
server: GSE
set-cookie: __Host-GAPS=1:OrVDsdNBD6Wd5wV7G-WA9PbvMgqYNw:I_KB6AKCko4fAxkZ;Path=/;Expires=Fri, 13-Dec-2024 02:42:53 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=358555c030ee436c857d9da11c19060e
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=358555c030ee436c857d9da11c19060e
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d7d6654eb5878233cb0ad8f9200072f3
d57b516854aef2be9257c3738083b9bd37f63f09
d3206f67c3d0f19b347d97f20f6855a02fd4e082052eb3bca9f73e28b3e24691
GET /gid.js?userId=358555c030ee436c857d9da11c19060e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://pak-janggut.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=358555c030ee436c857d9da11c19060e; expires=Thu, 14 Dec 2023 02:42:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1169953 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=2x42x50&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On
143.204.46.236200 OK 373 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=2x42x50&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On
IP 143.204.46.236:0
File type GIF image data, version 89a, 39 x 25\012- data
Hash 29cb2a1e585dff1f4282449fdbbab2d7
075d147195f9dba1862a6f3990d219d7c4389225
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
GET /hit.xiti?s=281802&p=geocity_rose&hl=2x42x50&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 373
date: Wed, 14 Dec 2022 02:42:53 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f36e1bo7-h80S1k2NdwIaHJDEJlhFY0wA0H-I0uZdsPF16wAi-h1bA==
X-Firefox-Spdy: h2
d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2
54.230.245.82200 OK 2.8 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2
IP 54.230.245.82:0
File type ASCII text, with CRLF line terminators
Hash d58909e3606e94cade8eca195ab40f2e
e6363f5074ba81376c31b4cd770f0b0344621e24
68cec5539b0b468c927628d857780b25c5be36223db516828dce541b1c167c00
GET /css/58x466.css?cbst=2 HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2831
Connection: keep-alive
Last-Modified: Thu, 18 Jan 2018 16:19:13 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Tue, 13 Dec 2022 06:04:58 GMT
ETag: "ec706f147890d31:0"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XTUW5JL88XZuDo30Of2pYwiJswG4vl6Iik1TW17iyFPrNMO9Jz582g==
Age: 74274
onmarshtompor.com/?rb=jfC3YVsYqGwKpl4NPmDEuriSEhdYWVVsj8j7ZUL0WfaGtTEJKYbpdGxgMInr0EKzqIp7rDYLO8fsn-WLZblJm6CIhqsPJER1mYWSOX0Oc7tHaY4w6ajuTsyocBjD_Gd2ixK5ByG1lrGvB_xx0u0qlygJBzWLfldPKoCG0v3xvRJR3_q1iQUDF7rR8xcoaE-V7GIdJbQnRUNx3MgOtLbDtaZ1BOOajtb5o9dzRAt0KzHqsXxRz3nWfejBKPE%3D&request_ab2=96003&zoneid=3294720&js_build=iclick-v1.460.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.460.0&bs=1488d26e-2508-4e2a-87a7-bd67c5f94f89&userId=358555c030ee436c857d9da11c19060e&m=link
139.45.197.243200 OK 1.4 kB URL HTTP/1.1 onmarshtompor.com/?rb=jfC3YVsYqGwKpl4NPmDEuriSEhdYWVVsj8j7ZUL0WfaGtTEJKYbpdGxgMInr0EKzqIp7rDYLO8fsn-WLZblJm6CIhqsPJER1mYWSOX0Oc7tHaY4w6ajuTsyocBjD_Gd2ixK5ByG1lrGvB_xx0u0qlygJBzWLfldPKoCG0v3xvRJR3_q1iQUDF7rR8xcoaE-V7GIdJbQnRUNx3MgOtLbDtaZ1BOOajtb5o9dzRAt0KzHqsXxRz3nWfejBKPE%3D&request_ab2=96003&zoneid=3294720&js_build=iclick-v1.460.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.460.0&bs=1488d26e-2508-4e2a-87a7-bd67c5f94f89&userId=358555c030ee436c857d9da11c19060e&m=link
IP 139.45.197.243:0
File type JSON data\012- , ASCII text, with very long lines (1820), with no line terminators
Hash 96e873a583cfb96b7f6c9ee0ef15ead4
86d0bbc726924dba4a0a8a42d281ed031e3a9ef3
ba756c2263793811ca433bfb03f306da687245a56b391777c6d6c4576639e830
GET /?rb=jfC3YVsYqGwKpl4NPmDEuriSEhdYWVVsj8j7ZUL0WfaGtTEJKYbpdGxgMInr0EKzqIp7rDYLO8fsn-WLZblJm6CIhqsPJER1mYWSOX0Oc7tHaY4w6ajuTsyocBjD_Gd2ixK5ByG1lrGvB_xx0u0qlygJBzWLfldPKoCG0v3xvRJR3_q1iQUDF7rR8xcoaE-V7GIdJbQnRUNx3MgOtLbDtaZ1BOOajtb5o9dzRAt0KzHqsXxRz3nWfejBKPE%3D&request_ab2=96003&zoneid=3294720&js_build=iclick-v1.460.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.460.0&bs=1488d26e-2508-4e2a-87a7-bd67c5f94f89&userId=358555c030ee436c857d9da11c19060e&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://pak-janggut.blogspot.com/
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 02:42:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b960f467d97b17e14601c3a4bc806366
Access-Control-Allow-Origin: http://pak-janggut.blogspot.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=358555c030ee436c857d9da11c19060e; expires=Thu, 14 Dec 2023 02:42:53 GMT; path=/
oaidts=1670985773; expires=Thu, 14 Dec 2023 02:42:53 GMT; path=/
syncedCookie=true; expires=Wed, 21 Dec 2022 02:42:53 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
www.widgeo.net/hitparade.php?pagexiti=geocity_rose
172.67.69.193200 OK 3.6 kB URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geocity_rose
IP 172.67.69.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 099c473472fadfc55ec2011764d996ff
cd96f380194420485e43a22e67901b8495917b3f
fda5d5851454ce45c0ec3fc3fb6c8d171b4a346706bb418055db7b7f8a0350d8
GET /hitparade.php?pagexiti=geocity_rose HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Wed, 14 Dec 2022 02:45:51 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vf%2Buc1weivddIUf2QJaFuanLa5dcJwINqakJaL3ilB8iGDV2grYXFpKETra6Jt5VEiEOphf5FbxREtKoCdPneNc2Omi%2FM1xjGwNBLd7f1Fmbdb%2FBAYBbHXBX84g1E7zq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396b84e3e0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-a2a8F1cZ1pA/UtDEQAf7UKI/AAAAAAAABSs/Pw78LKftJSM/s45-c/*
142.250.74.161200 OK 1.8 kB URL HTTP/2 2.bp.blogspot.com/-a2a8F1cZ1pA/UtDEQAf7UKI/AAAAAAAABSs/Pw78LKftJSM/s45-c/*
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 99fab51d6ad334c42a05f0db6cc8532f
b5619d3d6a023d183e3524204ce1181536583572
2c634c594cdc4cc67f259a1af221cc120b66c2326bc7ca6afec0cda9daadb901
GET /-a2a8F1cZ1pA/UtDEQAf7UKI/AAAAAAAABSs/Pw78LKftJSM/s45-c/* HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="*.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1810
x-xss-protection: 0
date: Wed, 14 Dec 2022 00:03:44 GMT
expires: Fri, 11 Nov 2022 04:36:36 GMT
cache-control: public, max-age=86400, no-transform
age: 9550
etag: "v52c"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-SNHNQmxoVNs/TvVAp5vIAhI/AAAAAAAABWw/asRFhUakkO8/s45-c/DSC05641.JPG
142.250.74.161200 OK 2.0 kB URL HTTP/2 3.bp.blogspot.com/-SNHNQmxoVNs/TvVAp5vIAhI/AAAAAAAABWw/asRFhUakkO8/s45-c/DSC05641.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 4baee26cd326fe1bac951002f135cb97
fb115c64a6e8c90954147e1685e7bf84b099c56e
caac06f13c005445b14fd2479ddda47be11487bd12e0db5d395a9f3a9e0e763b
GET /-SNHNQmxoVNs/TvVAp5vIAhI/AAAAAAAABWw/asRFhUakkO8/s45-c/DSC05641.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="DSC05641.JPG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1953
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:42:54 GMT
expires: Sun, 27 Nov 2022 08:29:13 GMT
cache-control: public, max-age=86400, no-transform
etag: "v56c"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-FyYmc13_oNk/YtWsTpzMOtI/AAAAAAAAax4/b1WkV59-xokJGVLGV14OAlAKc8zgv5pMwCK4BGAYYCw/s45-c/1657207902075.png
142.250.74.161200 OK 3.0 kB URL HTTP/2 2.bp.blogspot.com/-FyYmc13_oNk/YtWsTpzMOtI/AAAAAAAAax4/b1WkV59-xokJGVLGV14OAlAKc8zgv5pMwCK4BGAYYCw/s45-c/1657207902075.png
IP 142.250.74.161:0
File type PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 420b8479d6a82697e5a84e7d4fcbcfda
1087ab065b87e34f659de2e18d07d2f59b74a2bd
062a3b33b7eecc1336b7f7b7b9129201091e945104a8d0017a4261753c2fbd13
GET /-FyYmc13_oNk/YtWsTpzMOtI/AAAAAAAAax4/b1WkV59-xokJGVLGV14OAlAKc8zgv5pMwCK4BGAYYCw/s45-c/1657207902075.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1657207902075.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3027
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:42:54 GMT
expires: Tue, 06 Dec 2022 07:09:55 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6b21"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23b92920e9ad09cdeabe3f51c10652c6
574d077eb61c84d57f6478f63816dfed1af83aeb
b128dddccab1de7e2589b38697887b18ea1297911cce834bdf50fd506f284b90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169954&RD=0513330136339&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=0513330136339&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
54.241.51.109200 OK 6.5 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169954&RD=0513330136339&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=0513330136339&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
IP 54.241.51.109:0
Hash a1e6a1a475244e2ddf4613852b2a589f
9045ce8e040ca3ed3adb289db76a681d7b3a0d1a
e9f50f1574a316e1383b5b36f3ab01f37948359238e400915f09474d83805638
GET /BidVertiser.dbm?pid=361547&bid=1169954&RD=0513330136339&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=0513330136339&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:53 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:53 GMT
Set-Cookie: bdv_c12p=244; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:53 GMT
bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:53 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 4161
CONNECTION: Close
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-6CJapH-LO2U/T3BQXyK0SpI/AAAAAAAAAA0/-ip6dt991jE/s45-c/3.jpg
142.250.74.161200 OK 1.7 kB URL HTTP/2 2.bp.blogspot.com/-6CJapH-LO2U/T3BQXyK0SpI/AAAAAAAAAA0/-ip6dt991jE/s45-c/3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 3ca675e0655fedbc0a2188cbb234afa8
2c8e15607147f1191fdc2c1e36a88ab4831a78c3
60b1608bc686e7d47d25ce10e7f37950a5dd115c56f42545299bcda6ca84fb5a
GET /-6CJapH-LO2U/T3BQXyK0SpI/AAAAAAAAAA0/-ip6dt991jE/s45-c/3.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="3.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1707
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:42:54 GMT
expires: Wed, 14 Dec 2022 22:11:12 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=2864675201662&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2864675201662&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
54.241.51.109200 OK 8.1 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=2864675201662&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2864675201662&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
IP 54.241.51.109:0
Hash 39b6ad67f0db03798bb1b7e8af8dda45
ca2fe5429d42b4cc91f30c79513e79eaa1e48012
2e7df4849badc59ed0c9ba773634cb7a0d97b6e410a59f3ab2d0f49ca0d108a7
GET /BidVertiser.dbm?pid=361547&bid=1169953&RD=2864675201662&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2864675201662&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:54 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:54 GMT
Set-Cookie: bdv_c12p=244; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:54 GMT
bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:54 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 7615
CONNECTION: Close
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-HjKHUtLKg90/WF04GLHhgdI/AAAAAAAAVF0/_AJxJm6ixcQS2kRLe85rf5BtrQNw2l2IgCK4B/s45-c/boa.jpg
142.250.74.161200 OK 1.5 kB URL HTTP/2 1.bp.blogspot.com/-HjKHUtLKg90/WF04GLHhgdI/AAAAAAAAVF0/_AJxJm6ixcQS2kRLe85rf5BtrQNw2l2IgCK4B/s45-c/boa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 2c53c52d7f8e27257535cfddaf818761
2b0aaeae7b0e715d7c6194e514591fd0c2a350b4
8d10c19235052321c5bf4aa25f86083366ca7c2c25e4ed71991d1902148bbd52
GET /-HjKHUtLKg90/WF04GLHhgdI/AAAAAAAAVF0/_AJxJm6ixcQS2kRLe85rf5BtrQNw2l2IgCK4B/s45-c/boa.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="boa.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1508
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:42:54 GMT
expires: Sun, 11 Dec 2022 18:34:13 GMT
cache-control: public, max-age=86400, no-transform
etag: "v545e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c4bdd6ef3e0ef2c33868d96eacf07dec
e37067aed86afe6d61372f325d5485dfcd35a350
56b8dc4555085a686f9cad922e1dc169140ae8d6475e24524096ca6f05576073
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23b92920e9ad09cdeabe3f51c10652c6
574d077eb61c84d57f6478f63816dfed1af83aeb
b128dddccab1de7e2589b38697887b18ea1297911cce834bdf50fd506f284b90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 926c6fac10f2d3c07155c52b700f06fc
7c51b25933c36ea1250b247168576a5516850e7a
a521012166a29f58da1581c7256da394ddef678434577d1f536f3631ebb39369
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/AD5-WCkuTNnmDY1b6LQEfyj36hSpbOdHCZ4CBs4TI96v6I0=s45-c
142.250.74.97200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCkuTNnmDY1b6LQEfyj36hSpbOdHCZ4CBs4TI96v6I0=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 58bc498fa916d7a72d1ea6e06d248f64
b3852656d68829ae2d8428db8ae4717b0c4b0399
be198d54609961e3b6073376518d11c221b70256977810598d49fa6129c0bc78
GET /a-/AD5-WCkuTNnmDY1b6LQEfyj36hSpbOdHCZ4CBs4TI96v6I0=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2315
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:42:54 GMT
expires: Wed, 07 Dec 2022 00:19:59 GMT
cache-control: public, max-age=86400, no-transform
etag: "v8298"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-6GdEdpO3Gdg/WDIAt5uPizI/AAAAAAAAC48/-Hv8HOF8eF0PnEk8Uyv_XnAWaIF4nKY4gCK4B/s45-c/*
142.250.74.161200 OK 1.2 kB URL HTTP/2 3.bp.blogspot.com/-6GdEdpO3Gdg/WDIAt5uPizI/AAAAAAAAC48/-Hv8HOF8eF0PnEk8Uyv_XnAWaIF4nKY4gCK4B/s45-c/*
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 423e44e1f3bc9ca1a9e53e6d39169a6f
148addc1613b225d191d2c8d46985c70d81ae7e8
2daf6ebc1e8581e6dcb816e7f4ef64c3c9f8f42773440f3e5d4c260825dc6432
GET /-6GdEdpO3Gdg/WDIAt5uPizI/AAAAAAAAC48/-Hv8HOF8eF0PnEk8Uyv_XnAWaIF4nKY4gCK4B/s45-c/* HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vba1"
expires: Thu, 15 Dec 2022 02:42:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="*.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 1151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23b92920e9ad09cdeabe3f51c10652c6
574d077eb61c84d57f6478f63816dfed1af83aeb
b128dddccab1de7e2589b38697887b18ea1297911cce834bdf50fd506f284b90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipMRn3ssADqmxxQw8WyTpbO7ez7yNAtSyzxsLuh_=s45-c?key=CNa_2q_bj_zg8gE
142.250.74.97200 OK 5.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMRn3ssADqmxxQw8WyTpbO7ez7yNAtSyzxsLuh_=s45-c?key=CNa_2q_bj_zg8gE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash cdaf673bfe7dbc5e729bcfa73bf9ef22
36d5da096e666cb65c0e50f91812441c297ca197
c5d90b055ad482aeae4510e7b7a51d8e003388c94a0e524b41da32002b7bde8b
GET /p/AF1QipMRn3ssADqmxxQw8WyTpbO7ez7yNAtSyzxsLuh_=s45-c?key=CNa_2q_bj_zg8gE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v323d"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 5177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOc5oVmpkwLSuI_Ba2qZh8_sYEUWY0Gt1bpuP7Y=s45-c?key=COKk8_uMmY3xIw
142.250.74.97200 OK 3.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOc5oVmpkwLSuI_Ba2qZh8_sYEUWY0Gt1bpuP7Y=s45-c?key=COKk8_uMmY3xIw
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 672c6a659f5b4e0fccde03020e6e91c2
bd61f22277929a2132c6cc7e081d87ab5e2a9496
ebac13e4b0796f7e385d84ee6daf306265af10c8b67354790b78d7b2af946dda
GET /p/AF1QipOc5oVmpkwLSuI_Ba2qZh8_sYEUWY0Gt1bpuP7Y=s45-c?key=COKk8_uMmY3xIw HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v271e"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 3391
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOjeQnPAhFtBXHRFzTuHvGRFuuRRLaVIQiHqQRK=s45-c?key=CNzb563G_YfV6gE
142.250.74.97200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOjeQnPAhFtBXHRFzTuHvGRFuuRRLaVIQiHqQRK=s45-c?key=CNzb563G_YfV6gE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 846538a41e9d5e1dcec315a103d57e2b
237d7df220da8aa15cd2c8644bf05d03beed5bb0
4403b2a019bbe8f90dd58478a4b32281ae0024ef9f4bbf6b16b27540fc60cae1
GET /p/AF1QipOjeQnPAhFtBXHRFzTuHvGRFuuRRLaVIQiHqQRK=s45-c?key=CNzb563G_YfV6gE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6101"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 4423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOEn9dswkY4CumDXosvqWFeexkMpQcqHsM3IIrg=s45-c?key=CMK-n9G43sO93AE
142.250.74.97200 OK 3.3 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOEn9dswkY4CumDXosvqWFeexkMpQcqHsM3IIrg=s45-c?key=CMK-n9G43sO93AE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 1377170ceb9a6f6b23761f26fa15ae67
46838ef55fa2bfb9b79b410f0ae68286c08db0e3
6dfc06e20d620704d268bdcd08e805918b19228b081a25542de1454101452ca2
GET /p/AF1QipOEn9dswkY4CumDXosvqWFeexkMpQcqHsM3IIrg=s45-c?key=CMK-n9G43sO93AE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vbe2d"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 3339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-V-f0RwnYuMo/Vxrz2L3m2cI/AAAAAAAAMnY/CDfnQjbjj4MOMpirTn4ezzNvZFaO230ZQCK4B/s45-c/irfan3.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 3.bp.blogspot.com/-V-f0RwnYuMo/Vxrz2L3m2cI/AAAAAAAAMnY/CDfnQjbjj4MOMpirTn4ezzNvZFaO230ZQCK4B/s45-c/irfan3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 0516e8aaee06ea09a4b340e0b82181b3
6ed562b861805c6e191128a9869ad2e384c33c49
331cea53b7ce5d6095a1cb7f180c96e7d9acc69065c6559635722ae1afcc3463
GET /-V-f0RwnYuMo/Vxrz2L3m2cI/AAAAAAAAMnY/CDfnQjbjj4MOMpirTn4ezzNvZFaO230ZQCK4B/s45-c/irfan3.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3278"
expires: Thu, 15 Dec 2022 02:42:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="irfan3.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 2179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WClDhTRx08AJgJF8i9egMnJZ-KPqvFgEoTSBV1FXlQ=s45-c
142.250.74.97200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WClDhTRx08AJgJF8i9egMnJZ-KPqvFgEoTSBV1FXlQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 4a6ddb0ab06a55a944665233057e143a
f0f3d7c859f5206d783e82b0ff0f48fb5e3441f7
2d5aae9caa5fe36a4ea0510adb4d36de1d7e83ceb3c07543882376eca63a3e2d
GET /a-/AD5-WClDhTRx08AJgJF8i9egMnJZ-KPqvFgEoTSBV1FXlQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v11f"
expires: Thu, 15 Dec 2022 02:42:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 1893
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNWwZDeonv-h87yzNRTUYGU4T8PuLIsEqr_yaJQ=s45-c?key=CJeUyZWt8_K-lgE
142.250.74.97200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNWwZDeonv-h87yzNRTUYGU4T8PuLIsEqr_yaJQ=s45-c?key=CJeUyZWt8_K-lgE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash dffcc95ac2f05220da08a60accb12d7d
1d14320be034c6f7bad646e4e7a446d1ccbca0aa
520d2a43c8eeb16590a2a8b538f34ce166bcb3b23e3d565100ed5872d6987abe
GET /p/AF1QipNWwZDeonv-h87yzNRTUYGU4T8PuLIsEqr_yaJQ=s45-c?key=CJeUyZWt8_K-lgE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2b9b"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 4197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNCI3gfVvw3moJryrsqQyNwZ4zv6KV1WzCC6oD7=s45-c?key=CI39gaO4suKFyAE
142.250.74.97200 OK 5.5 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNCI3gfVvw3moJryrsqQyNwZ4zv6KV1WzCC6oD7=s45-c?key=CI39gaO4suKFyAE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 214954def0d349df98a04a6d3a8638ac
3770b41d6ba7d798c4b7d3a629230e0231e3acff
3964579f74a9550bbd726706541193eeaceb5db31ca1cf234f29942d1893e3b9
GET /p/AF1QipNCI3gfVvw3moJryrsqQyNwZ4zv6KV1WzCC6oD7=s45-c?key=CI39gaO4suKFyAE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v131c"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 5543
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-TlgYh-wBM3M/U99iwdQgGPI/AAAAAAAACrc/UWt6D9231rU/s45-c/*
142.250.74.161200 OK 1.9 kB URL HTTP/2 3.bp.blogspot.com/-TlgYh-wBM3M/U99iwdQgGPI/AAAAAAAACrc/UWt6D9231rU/s45-c/*
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash b70a390b0b8c4f4bee8829cc1a59d1dd
46917da08d914b4cc594a1332b163c98004ab337
60b54b8ea208150f2cbbced26a89bd408ebfd9366b6186dc9e7b445ef25624ab
GET /-TlgYh-wBM3M/U99iwdQgGPI/AAAAAAAACrc/UWt6D9231rU/s45-c/* HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="*.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1941
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:42:54 GMT
expires: Mon, 05 Dec 2022 07:50:02 GMT
cache-control: public, max-age=86400, no-transform
etag: "vab8"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCmmsgskJGXwuizAtDaLsDuwjlychGf717-xFHczIg=s45-c
142.250.74.97200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmmsgskJGXwuizAtDaLsDuwjlychGf717-xFHczIg=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 987e36f034d079170ec0f71f30d7153e
1437ae261b298e1a4aa2f66f6b41b32dd93fc94b
099658a1b178270d676d5598760ada77dac5e399e5c73e537bfb47ba3d6622b5
GET /a-/AD5-WCmmsgskJGXwuizAtDaLsDuwjlychGf717-xFHczIg=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2039
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:42:54 GMT
expires: Wed, 14 Dec 2022 03:58:47 GMT
cache-control: public, max-age=86400, no-transform
etag: "v24a2"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNB_mfBlRYQachQtwH2U-p7lIXgtlMqL0oVZ4ZZ=s45-c?key=CJfIve-s1IyvsgE
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNB_mfBlRYQachQtwH2U-p7lIXgtlMqL0oVZ4ZZ=s45-c?key=CJfIve-s1IyvsgE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 2aef9032987f0b48a3d42bf9ae5811a3
db4c78d61bc66b106e6163f2ecc4605bf408331c
b5c66faa840338ac9d19262cb06fbc15bfe4f965bbf71b956f6f25b18965b09e
GET /p/AF1QipNB_mfBlRYQachQtwH2U-p7lIXgtlMqL0oVZ4ZZ=s45-c?key=CJfIve-s1IyvsgE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 3809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOEBc78rwMCaw4pbkmN31x4HvwSDk6wgwJ2FH9_=s45-c?key=CJCt4JiI4NP6KA
142.250.74.97200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOEBc78rwMCaw4pbkmN31x4HvwSDk6wgwJ2FH9_=s45-c?key=CJCt4JiI4NP6KA
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 9019a1e07522f0e04d33c5e7dd75f59e
1e23f221a4200e67ce4ac9fe81cd15593ad5a259
6f259a700e64b7ebdbcdc159c28b3f97c8de16827b02c131aac85b25da7561c7
GET /p/AF1QipOEBc78rwMCaw4pbkmN31x4HvwSDk6wgwJ2FH9_=s45-c?key=CJCt4JiI4NP6KA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v290f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:54 GMT
server: fife
content-length: 4825
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/_efYYsFWNGPw/S6GCbKmYGCI/AAAAAAAABXI/kakzSVFIr8o/S45-s45-c/dn100x50.gif
142.250.74.161200 OK 3.4 kB URL HTTP/2 4.bp.blogspot.com/_efYYsFWNGPw/S6GCbKmYGCI/AAAAAAAABXI/kakzSVFIr8o/S45-s45-c/dn100x50.gif
IP 142.250.74.161:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 6e7b6548fbba2f4c7ebf3063af3db330
75d615a98bb4cc181351d6d3592fe7a64abe7e0c
ed91f355e8a19ac0f139736c37970c621dfd8c671b789ca03ecd83d9e9202f68
GET /_efYYsFWNGPw/S6GCbKmYGCI/AAAAAAAABXI/kakzSVFIr8o/S45-s45-c/dn100x50.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v572"
expires: Thu, 15 Dec 2022 02:42:55 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dn100x50.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 02:42:55 GMT
server: fife
content-length: 3429
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Tue, 13 Dec 2022 15:34:10 GMT
Expires: Tue, 27 Dec 2022 15:34:10 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 40127
fonts.gstatic.com/s/bentham/v18/VdGeAZQPEpYfmHglGWsxCQ.woff2
216.58.207.227200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/bentham/v18/VdGeAZQPEpYfmHglGWsxCQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17988, version 1.0\012- data
Hash bf6a5846cb67a28b10fc51624b7c2021
aecc7ba490ee2def0bec0ad3bd79ba0caa0a4347
cb9dc64865a8ff81a07712442c9647fe79d1b371cdcbad6047d46bc7ee8254da
GET /s/bentham/v18/VdGeAZQPEpYfmHglGWsxCQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17988
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:18:29 GMT
Expires: Fri, 08 Dec 2023 08:18:29 GMT
Cache-Control: public, max-age=31536000
Age: 498268
Last-Modified: Tue, 19 Apr 2022 19:21:54 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/molengo/v16/I_uuMpWeuBzZNBtQXbNakw.woff2
216.58.207.227200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/molengo/v16/I_uuMpWeuBzZNBtQXbNakw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14016, version 1.0\012- data
Hash eca165efaa8a5c693fcf7b3a26cef43b
b5b486f83648089b2653aacdcab3d4516a6aee98
31addde7fb28b34660534c075be0623c663561d371279da1ab9689761db6c7da
GET /s/molengo/v16/I_uuMpWeuBzZNBtQXbNakw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14016
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 13:42:20 GMT
Expires: Sat, 09 Dec 2023 13:42:20 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:27:44 GMT
Content-Type: font/woff2
Age: 392437
fonts.gstatic.com/s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2
216.58.207.227200 OK 30 kB URL HTTP/1.1 fonts.gstatic.com/s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29868, version 1.0\012- data
Hash 8b26cc331e323dda95ea6d0dcf4d7542
1f6b0e5440044f6aa75b1f73d2f9c63a2f75bba9
2d5059c07b957f989ee2ed276e1f6d20428f4d3ed2523e7c305bd3e3ebc092ec
GET /s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 29868
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 13:35:23 GMT
Expires: Sat, 09 Dec 2023 13:35:23 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 19:09:14 GMT
Content-Type: font/woff2
Age: 392854
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.widgeo.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:52:41 GMT
expires: Tue, 12 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 114616
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab9b4970febf2e6a823ef47161cdb57d
0be05eeda17d17decf0b5f62e12ceef6cbead0e7
9de402cfb3e14440b0b8ca3751f9374a0c6a452928229b91a4dcf12f8bdc966d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DE402CFB3E14440B0B8CA3751F9374A0C6A452928229B91A4DCF12F8BDC966D"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6035
Expires: Wed, 14 Dec 2022 04:23:32 GMT
Date: Wed, 14 Dec 2022 02:42:57 GMT
Connection: keep-alive
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:56 GMT
Connection: close
Content-Length: 326
cleverjump.org/counter.js
217.23.10.44200 OK 5.6 kB URL HTTP/1.1 cleverjump.org/counter.js
IP 217.23.10.44:0
ASN #49981 WorldStream B.V.
File type ASCII text, with CRLF line terminators
Hash 83126dc4af783a2179ab362a5bbec530
b1fe91477d92ab09066f28ddda5b31a4bf0f1689
cb1ef4607e93916a5dd30beae4617069924cb5f10edb65d8f93468c3fbdc1dc4
GET /counter.js HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Wed, 14 Dec 2022 02:42:57 GMT
Content-Type: application/javascript
Content-Length: 5571
Last-Modified: Wed, 20 Jan 2021 12:50:32 GMT
Connection: keep-alive
ETag: "60082718-15c3"
Expires: Thu, 15 Dec 2022 02:42:57 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
cleverjump.org/hit?z0;s1280*1024*24;fP7jRWtOdvPNHWDlZ2Q5m7boHqN4gx2;cshb2;r;uhttp%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23;hPak%20Janggut%20Tukang%20Cerita%3A%20Rozita;0.9250018518026547
217.23.10.44200 OK 0 B URL HTTP/1.1 cleverjump.org/hit?z0;s1280*1024*24;fP7jRWtOdvPNHWDlZ2Q5m7boHqN4gx2;cshb2;r;uhttp%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23;hPak%20Janggut%20Tukang%20Cerita%3A%20Rozita;0.9250018518026547
IP 217.23.10.44:0
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?z0;s1280*1024*24;fP7jRWtOdvPNHWDlZ2Q5m7boHqN4gx2;cshb2;r;uhttp%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23;hPak%20Janggut%20Tukang%20Cerita%3A%20Rozita;0.9250018518026547 HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Wed, 14 Dec 2022 02:42:57 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
P3P: CP=CleverJump
Set-Cookie: _cjuh=3eA4ZJwsAL8vvgnL3j8N9Cz77IJKT3; expires=Thu, 14-Dec-2023 02:42:57 GMT; Max-Age=31536000; path=/hit; httponly; SameSite=None; Secure
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
154.51.131.168503 Service Unavailable 326 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
IP 154.51.131.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bf3231d7fad0292d818aac7d6d669f00
c29683b3788d729a5fc4504279d10e31da60745c
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 14 Dec 2022 02:42:56 GMT
Connection: close
Content-Length: 326
d39f23jfph0ylk.cloudfront.net/buatcoklat.com.gif
143.204.42.154200 OK 4.4 kB URL HTTP/2 d39f23jfph0ylk.cloudfront.net/buatcoklat.com.gif
IP 143.204.42.154:0
File type GIF image data, version 87a, 253 x 43\012- data
Hash 40da375b710fa50b7ac80e6fa6631301
1fb8573a11db47e18dcb9d63b59703698a515d38
4d87f9330df397e20ff54a229705d34c3db2e1cc25c247046aa033b42b2e6482
GET /buatcoklat.com.gif HTTP/1.1
Host: d39f23jfph0ylk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 4361
last-modified: Sat, 02 Jul 2022 06:39:13 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Dec 2022 03:12:20 GMT
etag: "40da375b710fa50b7ac80e6fa6631301"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9xLvN2fLCgFASLE6DySUBIUgEamIOn-CprBS5Mo7sMOePKt9LP5U8w==
age: 84638
X-Firefox-Spdy: h2
widgets.amung.us/colored.js
172.67.8.141200 OK 3.2 kB URL HTTP/1.1 widgets.amung.us/colored.js
IP 172.67.8.141:0
File type ASCII text, with very long lines (8596), with no line terminators
Hash fb2d2d6ae1380dd532a4f653267faf5e
5f1c850f1872fc8b43ec5bb2ebc29a76c77292b9
df88edf6843167ac3284b229fca9e2ef641db2c5b7abce9f638d7fc5d260713f
GET /colored.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:57 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 13 Dec 2022 21:48:43 GMT
etag: W/"6398f33b-2194"
expires: Thu, 15 Dec 2022 02:32:12 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 645
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779396d65b4f0af6-OSL
www.feedburner.com/fb/images/pub/i_heart_fb.gif
216.58.211.14200 OK 1.7 kB URL HTTP/1.1 www.feedburner.com/fb/images/pub/i_heart_fb.gif
IP 216.58.211.14:0
File type GIF image data, version 89a, 89 x 32\012- data
Hash 9d1a9e12e20db57876534f01de99d1ca
c2ba81d7d1f5189970efabab533b8c3d5ee1990e
bf428aaa348d904fc5a772bd2bc2e1404d6b8e305c1924c8391e397ada7beafd
GET /fb/images/pub/i_heart_fb.gif HTTP/1.1
Host: www.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/pichu-static
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="pichu-static"
Report-To: {"group":"pichu-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/pichu-static"}]}
Content-Length: 1743
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 14 Dec 2022 02:42:57 GMT
Expires: Wed, 14 Dec 2022 02:42:57 GMT
Cache-Control: public, max-age=0
Last-Modified: Thu, 03 Oct 2019 10:15:00 GMT
Content-Type: image/gif
Age: 0
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP 216.58.211.3:0
Hash f1710271f7b94ee7abb9100ee3c6b845
4e9d3505c4d7355cf7afefb7a9c54053afb88fd9
15fe60be650d1f0774035ba82e4d6852a9b93bcffc963ca9200f34b2144ea98c
POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:42:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cleverjump.org/hit/get-uid.php
217.23.10.44200 OK 30 B URL HTTP/1.1 cleverjump.org/hit/get-uid.php
IP 217.23.10.44:0
ASN #49981 WorldStream B.V.
File type ASCII text, with no line terminators
Hash 77ad13179ac692f8fea71ee68c0cb84a
5d5e75e6bcb880265ce4f9caf94bb8031e6aed25
c9d71ed38f5eaa4d36c92d1a646c30a7cef87e99970fff5fc60d13afaebc8552
Analyzer Verdict Alert fortinet Malware
GET /hit/get-uid.php HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Cookie: _cjuh=3eA4ZJwsAL8vvgnL3j8N9Cz77IJKT3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Wed, 14 Dec 2022 02:42:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: http://pak-janggut.blogspot.com
Access-Control-Allow-Credentials: true
connect.facebook.net/en_US/all.js?hash=d8a1bdedc567aa4e80de5902653f3198
157.240.240.1200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=d8a1bdedc567aa4e80de5902653f3198
IP 157.240.240.1:0
File type ASCII text, with very long lines (18605)
Hash a867efe84d00cc0071256a0b211ac4f2
93ee921a044104d168625028508213fcace4fb88
f406e3ffbd8e93a065f680060a8e0b89b8f4fdbd0b9c899cd266c42574e87228
GET /en_US/all.js?hash=d8a1bdedc567aa4e80de5902653f3198 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d7adbc4424e9abb49f1fd4e2d83ababe
etag: "e40b99a933cf206bedc00bebfdeace47"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 14 Dec 2023 00:41:45 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: qGfv6E0AzABxJWoLIRrE8g==
x-fb-debug: iNG549VQtsQvMMmXH4zDSVWmc0wGfpUByMqmGFvsUpfIUTntL41l88EOo7QBIo8bKvFw/nDF/Kz6z6P/ULMddw==
content-length: 88309
x-fb-trip-id: 1679558926
date: Wed, 14 Dec 2022 02:42:57 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83077a928ff8ad92246b682250baacee
a1eec6819ced545b52918efcb2c0050f79dd4fcf
922d976dab084d60aea80f2320674b8aa6a46487a9e1ba1ba7586a9d68fa201d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "922D976DAB084D60AEA80F2320674B8AA6A46487A9E1BA1BA7586A9D68FA201D"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13032
Expires: Wed, 14 Dec 2022 06:20:09 GMT
Date: Wed, 14 Dec 2022 02:42:57 GMT
Connection: keep-alive
pak-janggut.blogspot.com/favicon.ico
172.217.21.161200 OK 412 B URL HTTP/1.1 pak-janggut.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: pak-janggut.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/search/label/Rozita
Cookie: ck_TCM_pop=1; HstCfa1960718=1670985770447; HstCla1960718=1670985770447; HstCmu1960718=1670985770447; HstPn1960718=1; HstPt1960718=1; HstCnv1960718=1; HstCns1960718=1; prefetchAd_3294720=true
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Wed, 14 Dec 2022 02:42:57 GMT
Date: Wed, 14 Dec 2022 02:42:57 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 10 Dec 2022 14:53:52 GMT
ETag: W/"31ca276a91db0f797e92e975b9ca1bcbe641ad242c16fba93fa754407f6bad0d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
whos.amung.us/pingjs/?k=uweqylw0i29o&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&c=u&x=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&y=&a=0&d=6.844&v=27&r=9116
104.22.75.171200 OK 50 B URL HTTP/1.1 whos.amung.us/pingjs/?k=uweqylw0i29o&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&c=u&x=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&y=&a=0&d=6.844&v=27&r=9116
IP 104.22.75.171:0
File type ASCII text, with no line terminators
Hash d2428a02047f7448c67dc8f454386e8f
d98add564e27679dc3526e41c566f8e30a4a3d69
d3e6f88427c33bd209e7315719175cb5ee4f8b2a06958633f9763edf722eb919
GET /pingjs/?k=uweqylw0i29o&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&c=u&x=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&y=&a=0&d=6.844&v=27&r=9116 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:58 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 779396d7e9fbf210-ARN
s4.histats.com/stats/1960718.php?1960718&@f16&@g1&@h1&@i1&@j1670985770447&@k0&@l1&@mPak%20Janggut%20Tukang%20Cerita%3A%20Rozita&@n0&@o1000&@q0&@r0&@s4005&@ten-US&@u1280&@b1:-30365018&@b3:1670985770&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita&@w
54.39.128.117200 OK 101 B URL HTTP/1.1 s4.histats.com/stats/1960718.php?1960718&@f16&@g1&@h1&@i1&@j1670985770447&@k0&@l1&@mPak%20Janggut%20Tukang%20Cerita%3A%20Rozita&@n0&@o1000&@q0&@r0&@s4005&@ten-US&@u1280&@b1:-30365018&@b3:1670985770&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita&@w
IP 54.39.128.117:0
File type ASCII text, with no line terminators
Hash 6f95d141b25d2fd8d359e6b716b2ec20
cd105d3c37fa39af4b55a596296913e77079b74b
296d7b7d0099152c823c02e72be81bf679056e795a3e8091447a6e247641c418
GET /stats/1960718.php?1960718&@f16&@g1&@h1&@i1&@j1670985770447&@k0&@l1&@mPak%20Janggut%20Tukang%20Cerita%3A%20Rozita&@n0&@o1000&@q0&@r0&@s4005&@ten-US&@u1280&@b1:-30365018&@b3:1670985770&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:58 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 101
Connection: close
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169953&RD=86797432253158&DIF=2
54.241.51.109200 OK 10 kB URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169953&RD=86797432253158&DIF=2
IP 54.241.51.109:0
Hash 096cf348f0068d652c2128f18cc46da4
b90081b21984348905e9593393b2110e9dbc4c9f
a876e91a38cad8b3ef87b7c76ca065b4c230fdaec10fd73892ce153e8b36d6ab
GET /bidvertiser.dbm?pid=361547&bid=1169953&RD=86797432253158&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:57 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:57 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
widgets.amung.us/colwid/?c=ff77e82d00ca
172.67.8.141200 OK 4.0 kB URL HTTP/1.1 widgets.amung.us/colwid/?c=ff77e82d00ca
IP 172.67.8.141:0
File type PNG image data, 116 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 54c64aa8587c69df6f10b0763891b0b4
74f60d1fa9eb41d431dd3fe36d91e0c274ab7608
79d32b58eba104fc11044721004222599f3c6a2769f33ad0b7522f4536c5592c
GET /colwid/?c=ff77e82d00ca HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 02:42:58 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
content-disposition: filename=wau-widget.png
expires: Thu, 15 Dec 2022 02:42:58 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: MISS
Last-Modified: Wed, 14 Dec 2022 02:42:58 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779396d9ac330af6-OSL
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169954&RD=8698414093811&DIF=2
54.241.51.109200 OK 471 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169954&RD=8698414093811&DIF=2
IP 54.241.51.109:0
Hash 0cfba7a4237d49a4786c3b82cdc1beaa
7bd43cc330804d66cfd392567e048fa1f214c50d
cea4ff98dd355823fb395415bea8af57a1eae234998194d1ddc99b25afebd52f
GET /bidvertiser.dbm?pid=361547&bid=1169954&RD=8698414093811&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:57 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:57 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
cdn.tynt.com/tc.js
172.64.151.83200 OK 6.7 kB IP 172.64.151.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:58 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 126986
expires: Sat, 17 Dec 2022 02:42:58 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 779396dc9824fac4-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&cu=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&cu=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita&cu=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 14 Dec 2022 02:42:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 14 Dec 2022 02:42:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!uweqylw0i29o&dn=TC&cc=1&r=
67.202.105.31200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!uweqylw0i29o&dn=TC&cc=1&r=
IP 67.202.105.31:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!uweqylw0i29o&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 15 Dec 2022 02:42:59 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 14 Dec 2022 02:42:59 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 14 Dec 2022 02:42:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0&ct=Pak%20Janggut%20Tukang%20Cerita HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 14 Dec 2022 02:42:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 14 Dec 2022 02:42:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1670985776430&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 14 Dec 2022 02:42:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 0 B IP 172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:52 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: a2c4d555ffc6b9259b37be3981c6c254
cache-control: max-age=86400
last-modified: Mon, 12 Dec 2022 14:42:08 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 15 Dec 2022 01:52:52 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTEUnRD5AEQ1ZcPOtpf2QT57v2GdmVIrV6vcB3kTGWKcrPO1%2F5lGKcJYNNoxNmTKG4Pwby74EFxk2cVpxTknbBtmsbClq6YLG8XzRz4c4U416oa9AmXPzg2HcnOu6rVS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779396b6fc770b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=2804506576566&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2804506576566&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=2804506576566&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2804506576566&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
IP 54.241.51.109:0
GET /BidVertiser.dbm?pid=361547&bid=1169953&RD=2804506576566&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2804506576566&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:54 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:54 GMT
Set-Cookie: bdv_c12p=244; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:54 GMT
bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:54 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 7615
CONNECTION: Close
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169949&RD=13608218539154&DIF=2
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169949&RD=13608218539154&DIF=2
IP 54.241.51.109:0
GET /bidvertiser.dbm?pid=361547&bid=1169949&RD=13608218539154&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:57 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:57 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.460.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.460.0
IP 139.45.197.234:0
GET /5/3294720/?oo=1&js_build=iclick-v1.460.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: application/json
x-trace-id: 6f9639e562cfef40ef67601e6cb66c41
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://pak-janggut.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=358555c030ee436c857d9da11c19060e; expires=Thu, 14 Dec 2023 02:42:53 GMT; path=/; secure; SameSite=None
oaidts=1670985773; expires=Thu, 14 Dec 2023 02:42:53 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1167641&RD=8274684433851&DIF=2
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1167641&RD=8274684433851&DIF=2
IP 54.241.51.109:0
GET /bidvertiser.dbm?pid=361547&bid=1167641&RD=8274684433851&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:57 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:57 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
t.dtscout.com/i/?l=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&j=
141.101.120.11200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&j=
IP 141.101.120.11:0
GET /i/?l=http%3A%2F%2Fpak-janggut.blogspot.com%2Fsearch%2Flabel%2FRozita%23&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:58 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 14-Dec-2022 04:06:17 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 14-Dec-2022 06:42:57 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1670985777; Domain=dtscout.com; Expires=Fri, 24-Mar-2023 02:42:57 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.648
expires: Wed, 14 Dec 2022 02:42:56 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1J4mj9j3MXTMD9xUzbs6438EDeaQtCt97IViD0D%2F0RwJYdXlT2bRcNHLHxIfFzAaTvNw6epHs%2FaBRebbzYrHrzSGoXsZF2g%2F71DqooHDJwi7WLYYzd9IK368eK3MU9s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396d73c5c0a44-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geowidget_js.js
172.67.69.193200 OK 0 B URL HTTP/2 www.widgeo.net/geocompteur/geowidget_js.js
IP 172.67.69.193:0
GET /geocompteur/geowidget_js.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Dec 2022 02:42:53 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2217
cache-control: public, max-age=604800
expires: Tue, 20 Dec 2022 13:13:30 GMT
last-modified: Thu, 13 Feb 2020 12:35:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 48562
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYdyvzV2gDJHjYfjl0QkarRtrPVecd8vhSN9zyVUmE48o8u3yCXMp6tbvXR%2F5W4PDVSjfy8%2BmZxQWTF7tyf9GjsI%2Bx6eVayP1%2BxrpTpCNHDSsHnZwltXlQGt2526EF9X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779396babecb0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169949&RD=2985784544763&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2985784544763&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169949&RD=2985784544763&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2985784544763&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita
IP 54.241.51.109:0
GET /BidVertiser.dbm?pid=361547&bid=1169949&RD=2985784544763&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=2985784544763&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Rozita HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wednesday, 14-Dec-2022 02:42:52 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 14-Dec-2021 02:42:52 GMT
Set-Cookie: bdv_c12p=244; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:52 GMT
bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Thu, 15-Dec-2022 02:42:52 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5305
CONNECTION: Close