r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6698
Expires: Wed, 07 Dec 2022 12:38:48 GMT
Date: Wed, 07 Dec 2022 10:47:10 GMT
Connection: keep-alive
beyazewasual.blogspot.com/2022/06/the-best-16-kenpachi-bankai-chapter-669.html
142.250.74.33301 Moved Permanently 224 B URL HTTP/1.1 beyazewasual.blogspot.com/2022/06/the-best-16-kenpachi-bankai-chapter-669.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3553872298ea42a41b889e1ad8a75dab
efcb8965fc58806dab2fdbfd71aab73f37c01106
d4d6532aa6c87ee0fb911ae989190f5609d5726945b1d7c9f86528010706134c
GET /2022/06/the-best-16-kenpachi-bankai-chapter-669.html HTTP/1.1
Host: beyazewasual.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://beyazewasual.blogspot.com/2022/06/the-best-16-kenpachi-bankai-chapter-669.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 10:47:10 GMT
Expires: Wed, 07 Dec 2022 10:47:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 224
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 903
Cache-Control: max-age=86351
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:10 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 10:46:21 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2353
Expires: Wed, 07 Dec 2022 11:26:23 GMT
Date: Wed, 07 Dec 2022 10:47:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 10:18:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1704
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DzcG4HpIgPPR9Xz2+quVwPHmspZ0R1Jupyk+A84eETj8BkGM2KSxKJPGDcWriXyxEzfn7O6smhE=
x-amz-request-id: HXDFFJZNW18BCZ0N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 09:49:19 GMT
age: 3471
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 10:08:58 GMT
cache-control: public,max-age=3600
age: 2292
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 900
Cache-Control: max-age=167680
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:10 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:21:50 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JY+3aiUZRXyRg5x4oYX8CA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XrnAxjpyc8hWilSBHkWMpF3jEII=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15853735
expires: Mon, 27 Nov 2023 10:47:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkuRZ2f4P9WntjViWo2y7RfkSHs0YTsA%2BvWEQjgtrpltFdw00Iwk3ipXylGEe%2FzpDyxj7Z%2Bc9lWUkee3gjDNo2L578jDsiyTRGvMsJ8XhYI9wBsgIFqNwa%2BxBGiQs2s9fyyzBOMV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775cae86cccab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
beyazewasual.blogspot.com/2022/06/the-best-16-kenpachi-bankai-chapter-669.html
142.250.74.33200 OK 38 kB URL HTTP/2 beyazewasual.blogspot.com/2022/06/the-best-16-kenpachi-bankai-chapter-669.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (18779)
Hash 5e3b2b40bc1b9a9bda754fe02bbf281f
6c502c65a842e4cd6ffd6e47358ed588b988209d
aeeeea705a9b2856b0c6f4b8c73ec53ce708b79ed36548c9b3bc72327a037006
GET /2022/06/the-best-16-kenpachi-bankai-chapter-669.html HTTP/1.1
Host: beyazewasual.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
expires: Wed, 07 Dec 2022 10:47:11 GMT
date: Wed, 07 Dec 2022 10:47:11 GMT
cache-control: private, max-age=0
last-modified: Tue, 06 Dec 2022 12:40:43 GMT
etag: W/"07f4752523d4d01e3229f27854fb71926259ab14a101959ba19414933463cccc"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 37607
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/i.ytimg.com/vi/wkq2Mpqgvk4/sddefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.ytimg.com/vi/wkq2Mpqgvk4/sddefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/wkq2Mpqgvk4/sddefault.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/wkq2Mpqgvk4/sddefault.jpg
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.ytimg.com/vi/hgepxIsrWSA/maxresdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.ytimg.com/vi/hgepxIsrWSA/maxresdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/hgepxIsrWSA/maxresdefault.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/hgepxIsrWSA/maxresdefault.jpg
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.ytimg.com/vi/vJjUmPKviJk/maxresdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.ytimg.com/vi/vJjUmPKviJk/maxresdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/vJjUmPKviJk/maxresdefault.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/vJjUmPKviJk/maxresdefault.jpg
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/originals/4e/8d/c8/4e8dc8fd18ba71b9ad933f84903e46b1.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/originals/4e/8d/c8/4e8dc8fd18ba71b9ad933f84903e46b1.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/originals/4e/8d/c8/4e8dc8fd18ba71b9ad933f84903e46b1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/originals/4e/8d/c8/4e8dc8fd18ba71b9ad933f84903e46b1.jpg
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/736x/43/c8/fc/43c8fcd8a60f3acfd51d9523650122c2--manga-stream-free-manga.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/736x/43/c8/fc/43c8fcd8a60f3acfd51d9523650122c2--manga-stream-free-manga.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/736x/43/c8/fc/43c8fcd8a60f3acfd51d9523650122c2--manga-stream-free-manga.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/736x/43/c8/fc/43c8fcd8a60f3acfd51d9523650122c2--manga-stream-free-manga.jpg
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: text/javascript
age: 75786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 157 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Size 157 kB (156915 bytes)
Hash 64d62574443f9d2148012af05abf60ac
16fc9b9b71eb94dbfdc15da12e9b3f21dfe1636e
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 156915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:43:30 GMT
expires: Wed, 06 Dec 2023 05:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 08:51:54 GMT
content-type: text/javascript
age: 104621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4ed01ebc3a7060a95e72247e0ae6a39
dbe2e4b12ca89561072f913df9bafc6be744e277
cec228d80c97dc133a2df07e6ac7d7a6529d7f0975ba69b78ab1ea3dd39cc5a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1UYyg_z_Z6nI5WWcCAodoAPIk1j6QcmUbzH4YN3riLzaevxWIyCbJa9OtU6gDnY6voCMBvAB8LjhKSeiNqKNm7iRHXUqSg__78ZmUQElvDfMGd=w72-h72-n-k-no-nu
142.250.74.97200 OK 2.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1UYyg_z_Z6nI5WWcCAodoAPIk1j6QcmUbzH4YN3riLzaevxWIyCbJa9OtU6gDnY6voCMBvAB8LjhKSeiNqKNm7iRHXUqSg__78ZmUQElvDfMGd=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 8c9e350c298421cefe0fe696fa5de578
2cf536f7ad4f8c3c26dade0ce8b02d5e6c30ee88
097e6b4d276962be56a35717dcdd744ef1fe1945d2163b0d6d53600445a71614
GET /blogger_img_proxy/ANbyha1UYyg_z_Z6nI5WWcCAodoAPIk1j6QcmUbzH4YN3riLzaevxWIyCbJa9OtU6gDnY6voCMBvAB8LjhKSeiNqKNm7iRHXUqSg__78ZmUQElvDfMGd=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Dec 2022 10:47:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 10:47:11 GMT
server: fife
content-length: 2517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4ed01ebc3a7060a95e72247e0ae6a39
dbe2e4b12ca89561072f913df9bafc6be744e277
cec228d80c97dc133a2df07e6ac7d7a6529d7f0975ba69b78ab1ea3dd39cc5a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha245FJtaEmr6wchubJrosoXo2Q5Dq9MCVB1sQKD2JeGEjtc_iFSW3b-Yqa15U2VuxVeqCM1_oQ8BzozsQsSsbCMw1qcupf44ob5s8DJw3ypq_KT=w72-h72-n-k-no-nu
142.250.74.97200 OK 3.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha245FJtaEmr6wchubJrosoXo2Q5Dq9MCVB1sQKD2JeGEjtc_iFSW3b-Yqa15U2VuxVeqCM1_oQ8BzozsQsSsbCMw1qcupf44ob5s8DJw3ypq_KT=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash e56d8113560210734c3ac6b80f83502c
fe94cad29c7150af19c4214bdbd6b129fa9470ec
7e127121abed1ec3bb72149850d2b4185fc144928172db6162c263d7af141e79
GET /blogger_img_proxy/ANbyha245FJtaEmr6wchubJrosoXo2Q5Dq9MCVB1sQKD2JeGEjtc_iFSW3b-Yqa15U2VuxVeqCM1_oQ8BzozsQsSsbCMw1qcupf44ob5s8DJw3ypq_KT=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Dec 2022 10:47:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 10:47:11 GMT
server: fife
content-length: 3472
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4ed01ebc3a7060a95e72247e0ae6a39
dbe2e4b12ca89561072f913df9bafc6be744e277
cec228d80c97dc133a2df07e6ac7d7a6529d7f0975ba69b78ab1ea3dd39cc5a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha25WvUAobZXLFSKTvXYr6uCv5Hot7N4iTvxeqklLxRFmnkUbY7UlZ9iJfMxkSknCSlEQ5Id8Tz4E5J1Q9nEnnyd8DgxDjr5Rr5MX5LDNML8CzFp=w72-h72-n-k-no-nu
142.250.74.97200 OK 3.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha25WvUAobZXLFSKTvXYr6uCv5Hot7N4iTvxeqklLxRFmnkUbY7UlZ9iJfMxkSknCSlEQ5Id8Tz4E5J1Q9nEnnyd8DgxDjr5Rr5MX5LDNML8CzFp=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 5dfecea5e74a214f536cf74fefae224f
027be5f38f9b7148ad5c2e18c9b54817715233f7
75dea9e9faf71c0de58ab804774911f0353d2c8cf6356fe3796ec5c9fa9e15ba
GET /blogger_img_proxy/ANbyha25WvUAobZXLFSKTvXYr6uCv5Hot7N4iTvxeqklLxRFmnkUbY7UlZ9iJfMxkSknCSlEQ5Id8Tz4E5J1Q9nEnnyd8DgxDjr5Rr5MX5LDNML8CzFp=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Dec 2022 10:47:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 10:47:11 GMT
server: fife
content-length: 3665
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0xzyEJJeIe12CAiyhzwMuGVAn4tMPYfP42ntnpjvH3w_kYpUVlac1P_gHh_wRqz645kIsW2do0RpuXEmZsqHXRuByfIIJIpJg9o8Y7jeAe1e_6=w72-h72-n-k-no-nu
142.250.74.97200 OK 5.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0xzyEJJeIe12CAiyhzwMuGVAn4tMPYfP42ntnpjvH3w_kYpUVlac1P_gHh_wRqz645kIsW2do0RpuXEmZsqHXRuByfIIJIpJg9o8Y7jeAe1e_6=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash db379eb2ff913189f08c30e549f16a2c
dd6620e68da0f62ec877893953518f70e40cf79f
76483b6544b896d0cec9456dd1f4b14e090790d8a6ee436e321efb0293f4a00a
GET /blogger_img_proxy/ANbyha0xzyEJJeIe12CAiyhzwMuGVAn4tMPYfP42ntnpjvH3w_kYpUVlac1P_gHh_wRqz645kIsW2do0RpuXEmZsqHXRuByfIIJIpJg9o8Y7jeAe1e_6=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Dec 2022 10:47:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 10:47:11 GMT
server: fife
content-length: 5743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/wkq2Mpqgvk4/sddefault.jpg
172.217.21.182200 OK 48 kB URL HTTP/2 i.ytimg.com/vi/wkq2Mpqgvk4/sddefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 0b26985eb08a9b6e3f270c1aac050cf2
76778b142aef29a763e8cdcc5cb7f67a06ffb44f
ff7bd9a33ba1ee4d01f1b99ee849a47850d1e3461965b250f8560493475327f4
GET /vi/wkq2Mpqgvk4/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beyazewasual.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 47811
date: Wed, 07 Dec 2022 10:47:11 GMT
expires: Wed, 07 Dec 2022 12:47:11 GMT
cache-control: public, max-age=7200
etag: "1460864974"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/hgepxIsrWSA/maxresdefault.jpg
172.217.21.182200 OK 132 kB URL HTTP/2 i.ytimg.com/vi/hgepxIsrWSA/maxresdefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 132 kB (131473 bytes)
Hash 387cd957aa4736722e42efaa9c598ce0
8f25d3917986a19b1455ac35e7f7ed97b3797e20
34c879d84eb19ad0a0428b59d12f431f8b1b5ff50839b402de32f88882464cee
GET /vi/hgepxIsrWSA/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beyazewasual.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 131473
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 10:47:11 GMT
expires: Wed, 07 Dec 2022 12:47:11 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/3NUIo0j6yFM/hqdefault.jpg
172.217.21.182200 OK 34 kB URL HTTP/2 i.ytimg.com/vi/3NUIo0j6yFM/hqdefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash fec0c72d96e60641342b1fce29eab679
eb338453d17eee35dd1aedf02180bf5cecf8ec52
d6395e9b03d3353fee821d488f640a3a606cd0b32ea3f3e4b48951037968beea
GET /vi/3NUIo0j6yFM/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beyazewasual.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 34546
date: Wed, 07 Dec 2022 10:47:11 GMT
expires: Wed, 07 Dec 2022 12:47:11 GMT
cache-control: public, max-age=7200
etag: "1460037380"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/vJjUmPKviJk/maxresdefault.jpg
172.217.21.182200 OK 102 kB URL HTTP/2 i.ytimg.com/vi/vJjUmPKviJk/maxresdefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 102 kB (102484 bytes)
Hash 85e3eec64a4cb8a0a6ba4692ea99c921
ec51c26a97cb2f386886e5e5330048949e427ee1
fb3e7379308ef3896979a77bdf1eb83ff3ba7f34389ea9a698473372d06502f9
GET /vi/vJjUmPKviJk/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beyazewasual.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 102484
date: Wed, 07 Dec 2022 10:47:11 GMT
expires: Wed, 07 Dec 2022 12:47:11 GMT
cache-control: public, max-age=7200
etag: "1580254027"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/up.mangadudes.com/bleach/669/bleach-7344973-890620d928a975edb6b8f2529bf4a09a.jpg
192.0.77.2200 OK 112 kB URL HTTP/2 i0.wp.com/up.mangadudes.com/bleach/669/bleach-7344973-890620d928a975edb6b8f2529bf4a09a.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1156, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 112 kB (112348 bytes)
Hash 4788a84e8c0ef94012d237ada122f07d
169853f4e2079d6ab4c6dd64bf1d114acabacd44
2b743bcb9cd3fd5e70505b9f97492b532227577ae365643a9516a49a52c6f613
GET /up.mangadudes.com/bleach/669/bleach-7344973-890620d928a975edb6b8f2529bf4a09a.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: image/webp
content-length: 112348
last-modified: Wed, 07 Dec 2022 10:47:11 GMT
expires: Fri, 06 Dec 2024 22:47:11 GMT
cache-control: public, max-age=63115200
link: <http://up.mangadudes.com/bleach/669/bleach-7344973-890620d928a975edb6b8f2529bf4a09a.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6ca0ede0724c5146"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4ed01ebc3a7060a95e72247e0ae6a39
dbe2e4b12ca89561072f913df9bafc6be744e277
cec228d80c97dc133a2df07e6ac7d7a6529d7f0975ba69b78ab1ea3dd39cc5a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/64.media.tumblr.com/09b365cf8b69ed4768343424e5f01856/tumblr_o59n91c7jE1r8d1xgo1_500.jpg
192.0.77.2200 OK 37 kB URL HTTP/2 i0.wp.com/64.media.tumblr.com/09b365cf8b69ed4768343424e5f01856/tumblr_o59n91c7jE1r8d1xgo1_500.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x674, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0737d54a72e51c3e13d60a6361dc9e0
3a7b77565650cf1436a14f26f118a5627ec1e063
bdbbbb2677b916880bbf2b56b87982f23e2c4d2d8aa3e961546bca10d55b789d
GET /64.media.tumblr.com/09b365cf8b69ed4768343424e5f01856/tumblr_o59n91c7jE1r8d1xgo1_500.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: image/webp
content-length: 36832
last-modified: Wed, 07 Dec 2022 10:47:11 GMT
expires: Fri, 06 Dec 2024 22:47:11 GMT
cache-control: public, max-age=63115200
link: <http://64.media.tumblr.com/09b365cf8b69ed4768343424e5f01856/tumblr_o59n91c7jE1r8d1xgo1_500.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "87f993adc586a5e0"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/12dimension.files.wordpress.com/2016/04/bleach_ch669_p004-005.png
192.0.77.2200 OK 286 kB URL HTTP/2 i0.wp.com/12dimension.files.wordpress.com/2016/04/bleach_ch669_p004-005.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 286 kB (286120 bytes)
Hash e4f59291cb01f5f11b70560e1bb82db0
00d4b51887d80fb0a7b4d5084aa06b1f24bf975c
4fc164ef629d9c38f9155faba92808aea7aa858316814950d6af79fe13a01efc
GET /12dimension.files.wordpress.com/2016/04/bleach_ch669_p004-005.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: image/webp
content-length: 286120
last-modified: Wed, 07 Dec 2022 10:47:11 GMT
expires: Fri, 06 Dec 2024 22:47:11 GMT
cache-control: public, max-age=63115200
link: <http://12dimension.files.wordpress.com/2016/04/bleach_ch669_p004-005.png>; rel="canonical"
x-content-type-options: nosniff
etag: "2c7edb0983fbb147"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/shannaro.files.wordpress.com/2016/04/669a.png
192.0.77.2200 OK 29 kB URL HTTP/2 i0.wp.com/shannaro.files.wordpress.com/2016/04/669a.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1cb63f48c00330707e1110af10666f52
ed5b6a910b1d82f688e8b96e2651c347dbcf44c8
494c4eb826a83d33173d2cfcaf5c7236c72d053b621df334d9691e59363e7a87
GET /shannaro.files.wordpress.com/2016/04/669a.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: image/webp
content-length: 29352
last-modified: Wed, 07 Dec 2022 10:47:11 GMT
expires: Fri, 06 Dec 2024 22:47:11 GMT
cache-control: public, max-age=63115200
link: <http://shannaro.files.wordpress.com/2016/04/669a.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9a9e28cf87c908b9"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43c6c37699028807b1b0c93ced3c0998
7a84d6c99f5c1f1a6ae1822e529b656aeb2d873f
fab8ec55bdd920de034299ebdc344ecf5aafc48e9f3eda7a8708fc5dad7c6222
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAB8EC55BDD920DE034299EBDC344ECF5AAFC48E9F3EDA7A8708FC5DAD7C6222"
Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5848
Expires: Wed, 07 Dec 2022 12:24:39 GMT
Date: Wed, 07 Dec 2022 10:47:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43c6c37699028807b1b0c93ced3c0998
7a84d6c99f5c1f1a6ae1822e529b656aeb2d873f
fab8ec55bdd920de034299ebdc344ecf5aafc48e9f3eda7a8708fc5dad7c6222
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAB8EC55BDD920DE034299EBDC344ECF5AAFC48E9F3EDA7A8708FC5DAD7C6222"
Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5857
Expires: Wed, 07 Dec 2022 12:24:48 GMT
Date: Wed, 07 Dec 2022 10:47:11 GMT
Connection: keep-alive
i0.wp.com/12dimension.files.wordpress.com/2016/04/bleach_ch669_p016-017.png
192.0.77.2200 OK 648 kB URL HTTP/2 i0.wp.com/12dimension.files.wordpress.com/2016/04/bleach_ch669_p016-017.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 648 kB (647840 bytes)
Hash b312e38d2b099b864987c60ede9d4967
8465a323c063305df575678a62b6f14f557304c9
97ef184cd6d360c1531d168d7570280feb83e540495e7f2a1505ce484a4bfc2f
GET /12dimension.files.wordpress.com/2016/04/bleach_ch669_p016-017.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: image/webp
content-length: 647840
last-modified: Wed, 07 Dec 2022 10:47:11 GMT
expires: Fri, 06 Dec 2024 22:47:11 GMT
cache-control: public, max-age=63115200
link: <http://12dimension.files.wordpress.com/2016/04/bleach_ch669_p016-017.png>; rel="canonical"
x-content-type-options: nosniff
etag: "c96b35acfd13f248"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
192.243.61.227200 OK 9.3 kB URL HTTP/1.1 vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25090), with no line terminators
Hash 1a1d9a5657673bc231156bfd7296b576
4517be4aa21ff35a3cbd1829eebf14130fe72b2f
5176324f22d74ba2d3a54b020a5f35f0adaf68a425915c8a3f4cbb32404bcde9
GET /1d1eca97b1cca4833437b01078981d7d/invoke.js HTTP/1.1
Host: vg4u8rvq65t6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 10:47:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e44ce923377ee11d36c1335bbfd30369
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10521
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 10:47:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10521
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 10:47:12 GMT
Connection: keep-alive
i0.wp.com/images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/57572551-fba4-4717-994e-5761bf9bb756/d9y5l58-675f2caa-348a-45ee-9332-85130388fcbc.png/v1/fill/w_743,h_1076,q_70,strp/kenpachi_zaraki_bankai___bleach_669_by_sparklez1989_d9y5l58-pre.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9MTMwMCIsInBhdGgiOiJcL2ZcLzU3NTcyNTUxLWZiYTQtNDcxNy05OTRlLTU3NjFiZjliYjc1NlwvZDl5NWw1OC02NzVmMmNhYS0zNDhhLTQ1ZWUtOTMzMi04NTEzMDM4OGZjYmMucG5nIiwid2lkdGgiOiI8PTg5OCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19._3XlbY-ailQ22wN8sjvlaO5arJpCe8gMRR0p8hEKDow
192.0.77.2403 Forbidden 568 B URL HTTP/2 i0.wp.com/images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/57572551-fba4-4717-994e-5761bf9bb756/d9y5l58-675f2caa-348a-45ee-9332-85130388fcbc.png/v1/fill/w_743,h_1076,q_70,strp/kenpachi_zaraki_bankai___bleach_669_by_sparklez1989_d9y5l58-pre.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9MTMwMCIsInBhdGgiOiJcL2ZcLzU3NTcyNTUxLWZiYTQtNDcxNy05OTRlLTU3NjFiZjliYjc1NlwvZDl5NWw1OC02NzVmMmNhYS0zNDhhLTQ1ZWUtOTMzMi04NTEzMDM4OGZjYmMucG5nIiwid2lkdGgiOiI8PTg5OCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19._3XlbY-ailQ22wN8sjvlaO5arJpCe8gMRR0p8hEKDow
IP 192.0.77.2:0
Hash 5c36e89caa72dabe83629570e8aa3e1a
38c30770cf96e60eeb4eb985290e58ca535c4c5b
1fba27d6832b7c524e43ec1da954180279093bdf7dbdf138b24fd9153e63f524
GET /images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/57572551-fba4-4717-994e-5761bf9bb756/d9y5l58-675f2caa-348a-45ee-9332-85130388fcbc.png/v1/fill/w_743,h_1076,q_70,strp/kenpachi_zaraki_bankai___bleach_669_by_sparklez1989_d9y5l58-pre.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9MTMwMCIsInBhdGgiOiJcL2ZcLzU3NTcyNTUxLWZiYTQtNDcxNy05OTRlLTU3NjFiZjliYjc1NlwvZDl5NWw1OC02NzVmMmNhYS0zNDhhLTQ1ZWUtOTMzMi04NTEzMDM4OGZjYmMucG5nIiwid2lkdGgiOiI8PTg5OCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19._3XlbY-ailQ22wN8sjvlaO5arJpCe8gMRR0p8hEKDow HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 44108
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2409529ecac5140de749d864da85af0d
99f431b4ca446996dbacb969440e2ecfb11fd9e0
81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 6d0cc220-31bc-4815-ade5-7e3e5403f39f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cniYTGgRoAMF5lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c7dce-64fbea8330a62e4f741c0c4e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 11:00:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ww1ouNhiKEmc1TDn6Gwr7crmeiy6pztTeSbEd4Iw6PB_nS4hsDFgbw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:52:33 GMT
age: 10479
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpyIdH9YEXjxbGhZpBIfzoZHQxMvAKl0eCFQsgMt0e1SSeWsiuey7g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:15:06 GMT
age: 45126
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FjScmvs74slr4Mr8vhQLRNh-88KqMx4L1FwNKdBwbUUPDuu1ivOuoQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:47:19 GMT
age: 46793
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: e8fd4184-16b2-4174-9b14-074386b04dcb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cuXZpEXMoAMF1MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638f390a-58acf5140350736c18f94ff5;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 12:43:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DsznPl3Xshc76_XzIE3AJTK5ZZXVowWj5PaL3UoDKae5MnBNVjPsuw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:06:00 GMT
age: 45672
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 16531
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vg4u8rvq65t6.com/69/29/c1/6929c19bfe090c99ffe7d91526f90658.js
192.243.61.227200 OK 21 kB URL HTTP/1.1 vg4u8rvq65t6.com/69/29/c1/6929c19bfe090c99ffe7d91526f90658.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60142), with no line terminators
Hash 60eb3183997fbee07b0e7ad6e6361a64
53af15b363482e4da3a5b0206e0fc42869093697
bf63bbdcc366440b922c41a5f610ad65de177dac2a0a78ddac90b8db5e37c76e
GET /69/29/c1/6929c19bfe090c99ffe7d91526f90658.js HTTP/1.1
Host: vg4u8rvq65t6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 10:47:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9c837ac78808c89274efbd962979f9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i0.wp.com/i0.wp.com/i.imgur.com/MUuW2Za.jpg
192.0.77.2404 Not Found 537 B URL HTTP/2 i0.wp.com/i0.wp.com/i.imgur.com/MUuW2Za.jpg
IP 192.0.77.2:0
Hash fc308acf58c4a7753b272f8fb67f765b
a8e4df292f81d1709e8b532ca826338cb78049b7
a634f334639f8b06dccd44841caaea551fc4e38bcb988a3ef517e347fe3a6bf4
GET /i0.wp.com/i.imgur.com/MUuW2Za.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 2
X-Firefox-Spdy: h2
i0.wp.com/external-preview.redd.it/1c4jJU-37IM6A8RuR4-YaleGzdIv8lAHdOLFY665PgM.jpg?width=640&crop=smart&auto=webp&s=34830850f02f7aa2f50a8c151692d9e1aefc999c
192.0.77.2403 Forbidden 1.6 kB URL HTTP/2 i0.wp.com/external-preview.redd.it/1c4jJU-37IM6A8RuR4-YaleGzdIv8lAHdOLFY665PgM.jpg?width=640&crop=smart&auto=webp&s=34830850f02f7aa2f50a8c151692d9e1aefc999c
IP 192.0.77.2:0
Hash 862ea21478a7b583751e4d0f6415c361
c1888e4072b2a084faf46d07ac0a609fbbf1fbce
1f861909859517494cd308163c48b112b065e7c772c3e347c650bda406f5ca37
GET /external-preview.redd.it/1c4jJU-37IM6A8RuR4-YaleGzdIv8lAHdOLFY665PgM.jpg?width=640&crop=smart&auto=webp&s=34830850f02f7aa2f50a8c151692d9e1aefc999c HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2
i0.wp.com/i0.wp.com/i.imgur.com/MUuW2Za.jpg
192.0.77.2404 Not Found 916 B URL HTTP/2 i0.wp.com/i0.wp.com/i.imgur.com/MUuW2Za.jpg
IP 192.0.77.2:0
Hash 583bc84cd0b07392dc774ad7482d84ce
90c37df343fcb1ec254f88e54179fd7ba0c646e0
abce975b857059203dd3b27c873fc0700b4d3152abdbea88c6e12e8d90a91ffa
GET /i0.wp.com/i.imgur.com/MUuW2Za.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2
www.youtube.com/embed/hgepxIsrWSA
216.58.207.238200 OK 30 kB URL HTTP/2 www.youtube.com/embed/hgepxIsrWSA
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56418)
Hash 56ea4698772fcdeb446f89c70483fe60
122471824059e8b147949159b78bd999e73442b8
76f6fb5a8dd1cd6fe9457ad4d35a2d64a6ca5ff81948a0aa18cb859261ad1b83
GET /embed/hgepxIsrWSA HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Dec 2022 10:47:12 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=q6Tlsx3JyEs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=EdwJgyi9NJ8; Domain=.youtube.com; Expires=Mon, 05-Jun-2023 10:47:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+556; expires=Fri, 06-Dec-2024 10:47:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/dprd.agamkab.go.id/assets/img/not_found.png
192.0.77.2200 OK 2.1 kB URL HTTP/2 i0.wp.com/dprd.agamkab.go.id/assets/img/not_found.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 580x435, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 689484af072b2d1717533e5878e913ed
a2eb7531c3273e45affaba1195b5a1a25c4ac719
e515a8bca69cb9f38f05f60560ea5a74d9455607670d9b0f744b20f85039bd93
GET /dprd.agamkab.go.id/assets/img/not_found.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: image/webp
content-length: 2118
last-modified: Tue, 11 May 2021 14:02:49 GMT
expires: Fri, 12 May 2023 02:02:49 GMT
cache-control: public, max-age=63115200
link: <http://dprd.agamkab.go.id/assets/img/not_found.png>; rel="canonical"
x-content-type-options: nosniff
etag: "35c093813653cb9e"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102734
Date: Wed, 07 Dec 2022 10:47:12 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 15:19:26 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m-uiktHqInoHv1t84JXXiIk1xBy_iM5zfgCoo88Gk2W5-AGSOLln5A==
Age: 6502
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 540550a9fbecce579544bff1ea091cd7
6eb39a5ab6db1bab605197c5a8b096bdbd6bb2d9
c4942043b3d68fa02563b8975634f430855f2a99258edd7512fae0f55c63d874
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyazewasual.blogspot.com
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://beyazewasual.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=cc216207-ba74-4b70-9069-8c2b8b7aa566:1:1; expires=Sat, 04 Dec 2032 10:47:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
i0.wp.com/kesra.paserkab.go.id/uploads/berita/notfound.png
192.0.77.2200 OK 2.5 kB URL HTTP/2 i0.wp.com/kesra.paserkab.go.id/uploads/berita/notfound.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c751d38b953ee602fbcbbfa732910fa9
73ba843eece0bb6ac1912cef4c40b3163631ac69
3db2f334eea4acf8f49bfd7626a41bd38f19be909ef6f2376c75003f059dfb20
GET /kesra.paserkab.go.id/uploads/berita/notfound.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: image/webp
content-length: 2534
last-modified: Mon, 10 May 2021 23:27:00 GMT
expires: Thu, 11 May 2023 11:27:00 GMT
cache-control: public, max-age=63115200
link: <http://kesra.paserkab.go.id/uploads/berita/notfound.png>; rel="canonical"
x-content-type-options: nosniff
etag: "c18e61d8fe414c8a"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash fc46d68e497b5b198a7efe7e3732a7fa
8c4f03532c6ada06771c75a977bb7b9a4ae798a5
51b7fdacb866daadd0a4bc7fd224e97ffd962117e3794490198e1a1f65e5d559
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyazewasual.blogspot.com
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://beyazewasual.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=73051648-544e-4715-bc53-cfe280396b77:3:1; expires=Sat, 04 Dec 2032 10:47:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150599275461
192.0.77.2404 Not Found 537 B URL HTTP/2 i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150599275461
IP 192.0.77.2:0
Hash 4f72f9926d0cac6529bdd669ebf226ac
3bfb8de3be538ad5b77bcba75946f747c3082dd3
d9c257a19a27544a682a36896f8e50e5c520a66788ff4efecfcd77756c90a51c
GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150599275461 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html; charset=utf-8
x-nc: EXPIRED arn 7
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:46:16 GMT
expires: Fri, 01 Dec 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 478856
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 12:31:58 GMT
expires: Sun, 03 Dec 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 339314
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4272427aec58f70a2189081cf08dd45a
4aafd88bba141908524806f443d4e8dfdcb5f816
3921b739fe40043d4c63c0e7c480cacad9480c5bb56166349c5cd1b7657516b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3921B739FE40043D4C63C0E7C480CACAD9480C5BB56166349C5CD1B7657516B2"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17555
Expires: Wed, 07 Dec 2022 15:39:47 GMT
Date: Wed, 07 Dec 2022 10:47:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 07 Dec 2022 10:47:12 GMT
date: Wed, 07 Dec 2022 10:47:12 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 006bb180a40612ecb5c5d88eb741957d
a6893fed89f7a538cf8d5c6ff25f6996b60e9e02
36ac9650d965d5e8890bb973ae6ff7136bafd6aad8e0542ae5a561f3e7491271
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f102009ee79b2e189790d6fbb4d63ea
17e30730060775758855bd9e495dcfce60a5c5a4
60c0522a11350f7a842cf4a03b12e16c4e51800d48099765e96a4bc815e15360
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60C0522A11350F7A842CF4A03B12E16C4E51800D48099765E96A4BC815E15360"
Last-Modified: Mon, 05 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10010
Expires: Wed, 07 Dec 2022 13:34:03 GMT
Date: Wed, 07 Dec 2022 10:47:13 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 06:50:11 GMT
expires: Thu, 07 Dec 2023 06:50:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 14222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 006bb180a40612ecb5c5d88eb741957d
a6893fed89f7a538cf8d5c6ff25f6996b60e9e02
36ac9650d965d5e8890bb973ae6ff7136bafd6aad8e0542ae5a561f3e7491271
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
foundfroshelves.com/pixel/purst?dl=0&th=0&sc=0&rs=2476&rd=2476&fd=1184&bv=22.10.v.9&tmpl=70
192.243.59.12200 OK 0 B URL HTTP/1.1 foundfroshelves.com/pixel/purst?dl=0&th=0&sc=0&rs=2476&rd=2476&fd=1184&bv=22.10.v.9&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2476&rd=2476&fd=1184&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 10:47:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 10:36:04 GMT
expires: Wed, 07 Dec 2022 10:51:04 GMT
cache-control: public, max-age=900
age: 669
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 07 Dec 2022 10:47:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Dec 2022 10:47:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 1a2cbe74da1d5a9d7c48b42ad2db8857
caf4577b2796a1a52826239d1942964a02dd0c32
d0dae288c5f6ea4a4557b90b38baf52f387459b5f3947d8bf1976e05440485a2
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 07 Dec 2022 10:47:13 GMT
server: ESF
cache-control: private
content-length: 31207
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34c7ea5adb0245bd2982be787007b10f
00ae5c05e6cd23cb84975f9e3c4e8a7decdab17c
9e561c15522fbb38bbd321a4d38776cd60fe8a612f80358dc9202a1fae96d6a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E561C15522FBB38BBD321A4D38776CD60FE8A612F80358DC9202A1FAE96D6A2"
Last-Modified: Tue, 06 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12329
Expires: Wed, 07 Dec 2022 14:12:42 GMT
Date: Wed, 07 Dec 2022 10:47:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.238200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 10:47:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+894; expires=Fri, 06-Dec-2024 10:47:13 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 10:47:13 GMT
cache-control: private
X-Firefox-Spdy: h2
mummybeautydebauch.com/ntv.json?key=1d1eca97b1cca4833437b01078981d7d&vstc=4
192.243.59.13200 OK 17 kB URL HTTP/1.1 mummybeautydebauch.com/ntv.json?key=1d1eca97b1cca4833437b01078981d7d&vstc=4
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (17164), with no line terminators
Hash 15a1680ab98f9afaad9b0f0d4ac68989
9c3ab9701639064f77793a4673825cc521717969
6c5c25a814f4a630f87447333804a9aace3b436989f027298abd9b521db1dac7
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=1d1eca97b1cca4833437b01078981d7d&vstc=4 HTTP/1.1
Host: mummybeautydebauch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyazewasual.blogspot.com
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 10:47:13 GMT
Content-Type: application/json
Content-Length: 17164
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://beyazewasual.blogspot.com
Access-Control-Allow-Origin: https://beyazewasual.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15865918; expires=Thu, 08 Dec 2022 10:47:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 10:47:13 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 10:47:13 GMT; secure; SameSite=None
pdhtkv49=true; expires=Thu, 08 Dec 2022 10:47:13 GMT; secure; SameSite=None
uncs49=1; expires=Thu, 08 Dec 2022 10:47:13 GMT; secure; SameSite=None
nlec1d1eca97b1cca4833437b01078981d7d=[2229337,2229333,2229329,2019380]; expires=Wed, 07 Dec 2022 10:47:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f3a2fad52a0aa696f582465ed2b4aa7b
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
173.233.137.44200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 10:47:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba4980ad49f7492d93498d99ccde7cfa
Strict-Transport-Security: max-age=0; includeSubdomains
i.pinimg.com/originals/4e/8d/c8/4e8dc8fd18ba71b9ad933f84903e46b1.jpg
151.101.84.84200 OK 130 kB URL HTTP/2 i.pinimg.com/originals/4e/8d/c8/4e8dc8fd18ba71b9ad933f84903e46b1.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x671, components 3\012- data
Size 130 kB (129709 bytes)
Hash 8b0bf57e3cbb72f57aac0ac394d66361
467c3d6fff43b61fa33a4d6dbc2fa9713bf8948e
766bf0f2a337c7847bb38552bec5ba349b6a7da6022e25f3a18f7fe68dfb7fea
GET /originals/4e/8d/c8/4e8dc8fd18ba71b9ad933f84903e46b1.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beyazewasual.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8b0bf57e3cbb72f57aac0ac394d66361"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Wed, 07 Dec 2022 10:47:13 GMT
content-length: 129709
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 013c196cc4de35282aaea20eb5452e45
5b9a869fbbde5005053adbcf03ef368c527d588d
47a1f070b27d88ef1775ff4c60c037a723f5df4a4aca4a5805613330d2428a23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5583
Cache-Control: max-age=146813
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:13 GMT
Etag: "638ff3df-1d7"
Expires: Fri, 09 Dec 2022 03:34:06 GMT
Last-Modified: Wed, 07 Dec 2022 02:01:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93cd4106946bc499c4dbdfcab6ea7718
5628412fd5319f549699b48bc27ff0f2f334e6bd
9b471a64f51d01dc302ad60957ad702f536d4e2682ee9a594fe2253e1101d909
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B471A64F51D01DC302AD60957AD702F536D4E2682EE9A594FE2253E1101D909"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3109
Expires: Wed, 07 Dec 2022 11:39:02 GMT
Date: Wed, 07 Dec 2022 10:47:13 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:39:55 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 900598783
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Dec 2022 10:47:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.pinimg.com/736x/43/c8/fc/43c8fcd8a60f3acfd51d9523650122c2--manga-stream-free-manga.jpg
151.101.84.84200 OK 161 kB URL HTTP/2 i.pinimg.com/736x/43/c8/fc/43c8fcd8a60f3acfd51d9523650122c2--manga-stream-free-manga.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 736x1063, components 3\012- data
Size 161 kB (161213 bytes)
Hash 01100c594505bbcf26ac7a9c58700eec
d72b32d849e8c25a8c21e6c77b440b4117a78ac5
e814047b0da6d0c2a7eaaee22d4bb225d63c9f07cbd5b76229f659f8c3a77905
GET /736x/43/c8/fc/43c8fcd8a60f3acfd51d9523650122c2--manga-stream-free-manga.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beyazewasual.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "01100c594505bbcf26ac7a9c58700eec"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Wed, 07 Dec 2022 10:47:13 GMT
content-length: 161213
X-Firefox-Spdy: h2
mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXkeEeHDVPehFBkFQkEn3%2FNiZcdHFuEaCMcn%2BIuitfvWkTHVXU9U9PckpuCB7nIMH9SCdb5IN6iLuVRBkIsgSFHcuSw7mXxAUFo%2FSswOjD%2Bq999X3Dt%2F3qj7dz86Ij4yebnxgdpXWdLFV86uvbqpYmNxV125UA7%2FmX6puqvhi81J1UCbbfyPwWzX%2Ftep7km%2Bbxbof%2BH7gB9VlZWVoBotTFiq52w1qXb%2FWrNeCVhMD%2B3%2FsMg%2BOehD9M%2FIclJg8uXX%2FHhQfI46%2BvyLddmqS19%2BNMk1TY9EXRzfj7djkMaJ5G1oPYXw0m4ZxE0I%2BPwcTH80cwPQPSgdgakK8hwFYfDSTCdY%2FfKyUacgYTDyNvD%2BG1GMoOgY3t6DEAwJwgbV1xNGdNWNzuvOYpSU7IZVHf0PlE1L54wLi6LslrQbV60ZnqTKxwyAsoAZjqN4YSXaMdNeDyo%2FB00%2BgxG9k8dEq4uhg3WkDJYqpe6XGUOEYWg5BnYesPMpDFnrIEg%2BROK3SVjf0%2FXbIwkaj0%2BScNxqctzoXRUs0mp3QR8ZLeUOkyRBcD8HtHhK7h201hM1%2Bgtsq4IQHl06Id3UPfVEglwS5I8gpQa4I8pQg7xeHQru6K%2B4I7TIWzGp9VhvFyKS9fXpo0p6MyX5yRp6d7uWvF97CtjytBiKQnHbbLOCcNjuNRrPRZn7gtzvdTiDaAk4VUO7c1OqumpALT32ERE3Iua%2BeAaPHcPoYXJ0HzQLQfNSu%2B6Bbo2bHx278A7VKhorGqYmSRo1p03OJSWvcRBCmQJJWkO54%2B%2FqMvDhV9XLlQ0h%2BcvmXhTeT0cMFcFsgsQU%2BVj8T9PTt0TWTk4NrJnfk3nqSqkjt0vIlr6c0lU98877cyY0VK1fc8Ou3eUmU7d0b0qWrNBYq7jny7ZISQtplY7kkP664Tck2Mre1lNk4S1Y33lleiRIrnVMmHoOqB%2Bv%2FgKsJqbzy%2FPSPnv%2F1Tyg7hs0KRNkJmQWUOQZP9uCSuXpnCKyez7DEQ54VI1tn80utCLScY8oKuP9gNu%2F33W30bAU0vYU4KtC3Bfq6ANVDuGxhlCb25PL9L8r4EkxXRkzbygHTVn82XW2Zbpbp6oS89HsTTp1WZSv0Q%2BnXJQu7LGxTX3TDZpfRbiDbrEUDpG7Chyb4FwAA%2F%2F8BAAD%2F%2FxqOAXqKBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXkeEeHDVPehFBkFQkEn3%2FNiZcdHFuEaCMcn%2BIuitfvWkTHVXU9U9PckpuCB7nIMH9SCdb5IN6iLuVRBkIsgSFHcuSw7mXxAUFo%2FSswOjD%2Bq999X3Dt%2F3qj7dz86Ij4yebnxgdpXWdLFV86uvbqpYmNxV125UA7%2FmX6puqvhi81J1UCbbfyPwWzX%2Ftep7km%2Bbxbof%2BH7gB9VlZWVoBotTFiq52w1qXb%2FWrNeCVhMD%2B3%2FsMg%2BOehD9M%2FIclJg8uXX%2FHhQfI46%2BvyLddmqS19%2BNMk1TY9EXRzfj7djkMaJ5G1oPYXw0m4ZxE0I%2BPwcTH80cwPQPSgdgakK8hwFYfDSTCdY%2FfKyUacgYTDyNvD%2BG1GMoOgY3t6DEAwJwgbV1xNGdNWNzuvOYpSU7IZVHf0PlE1L54wLi6LslrQbV60ZnqTKxwyAsoAZjqN4YSXaMdNeDyo%2FB00%2BgxG9k8dEq4uhg3WkDJYqpe6XGUOEYWg5BnYesPMpDFnrIEg%2BROK3SVjf0%2FXbIwkaj0%2BScNxqctzoXRUs0mp3QR8ZLeUOkyRBcD8HtHhK7h201hM1%2Bgtsq4IQHl06Id3UPfVEglwS5I8gpQa4I8pQg7xeHQru6K%2B4I7TIWzGp9VhvFyKS9fXpo0p6MyX5yRp6d7uWvF97CtjytBiKQnHbbLOCcNjuNRrPRZn7gtzvdTiDaAk4VUO7c1OqumpALT32ERE3Iua%2BeAaPHcPoYXJ0HzQLQfNSu%2B6Bbo2bHx278A7VKhorGqYmSRo1p03OJSWvcRBCmQJJWkO54%2B%2FqMvDhV9XLlQ0h%2BcvmXhTeT0cMFcFsgsQU%2BVj8T9PTt0TWTk4NrJnfk3nqSqkjt0vIlr6c0lU98877cyY0VK1fc8Ou3eUmU7d0b0qWrNBYq7jny7ZISQtplY7kkP664Tck2Mre1lNk4S1Y33lleiRIrnVMmHoOqB%2Bv%2FgKsJqbzy%2FPSPnv%2F1Tyg7hs0KRNkJmQWUOQZP9uCSuXpnCKyez7DEQ54VI1tn80utCLScY8oKuP9gNu%2F33W30bAU0vYU4KtC3Bfq6ANVDuGxhlCb25PL9L8r4EkxXRkzbygHTVn82XW2Zbpbp6oS89HsTTp1WZSv0Q%2BnXJQu7LGxTX3TDZpfRbiDbrEUDpG7Chyb4FwAA%2F%2F8BAAD%2F%2FxqOAXqKBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXkeEeHDVPehFBkFQkEn3%2FNiZcdHFuEaCMcn%2BIuitfvWkTHVXU9U9PckpuCB7nIMH9SCdb5IN6iLuVRBkIsgSFHcuSw7mXxAUFo%2FSswOjD%2Bq999X3Dt%2F3qj7dz86Ij4yebnxgdpXWdLFV86uvbqpYmNxV125UA7%2FmX6puqvhi81J1UCbbfyPwWzX%2Ftep7km%2Bbxbof%2BH7gB9VlZWVoBotTFiq52w1qXb%2FWrNeCVhMD%2B3%2FsMg%2BOehD9M%2FIclJg8uXX%2FHhQfI46%2BvyLddmqS19%2BNMk1TY9EXRzfj7djkMaJ5G1oPYXw0m4ZxE0I%2BPwcTH80cwPQPSgdgakK8hwFYfDSTCdY%2FfKyUacgYTDyNvD%2BG1GMoOgY3t6DEAwJwgbV1xNGdNWNzuvOYpSU7IZVHf0PlE1L54wLi6LslrQbV60ZnqTKxwyAsoAZjqN4YSXaMdNeDyo%2FB00%2BgxG9k8dEq4uhg3WkDJYqpe6XGUOEYWg5BnYesPMpDFnrIEg%2BROK3SVjf0%2FXbIwkaj0%2BScNxqctzoXRUs0mp3QR8ZLeUOkyRBcD8HtHhK7h201hM1%2Bgtsq4IQHl06Id3UPfVEglwS5I8gpQa4I8pQg7xeHQru6K%2B4I7TIWzGp9VhvFyKS9fXpo0p6MyX5yRp6d7uWvF97CtjytBiKQnHbbLOCcNjuNRrPRZn7gtzvdTiDaAk4VUO7c1OqumpALT32ERE3Iua%2BeAaPHcPoYXJ0HzQLQfNSu%2B6Bbo2bHx278A7VKhorGqYmSRo1p03OJSWvcRBCmQJJWkO54%2B%2FqMvDhV9XLlQ0h%2BcvmXhTeT0cMFcFsgsQU%2BVj8T9PTt0TWTk4NrJnfk3nqSqkjt0vIlr6c0lU98877cyY0VK1fc8Ou3eUmU7d0b0qWrNBYq7jny7ZISQtplY7kkP664Tck2Mre1lNk4S1Y33lleiRIrnVMmHoOqB%2Bv%2FgKsJqbzy%2FPSPnv%2F1Tyg7hs0KRNkJmQWUOQZP9uCSuXpnCKyez7DEQ54VI1tn80utCLScY8oKuP9gNu%2F33W30bAU0vYU4KtC3Bfq6ANVDuGxhlCb25PL9L8r4EkxXRkzbygHTVn82XW2Zbpbp6oS89HsTTp1WZSv0Q%2BnXJQu7LGxTX3TDZpfRbiDbrEUDpG7Chyb4FwAA%2F%2F8BAAD%2F%2FxqOAXqKBAAA HTTP/1.1
Host: mummybeautydebauch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229337,2229333,2229329,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 10:47:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ae22bb53926ad9bad295ed22e65c1d2
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Wed, 07 Dec 2022 12:40:19 GMT
Date: Wed, 07 Dec 2022 10:47:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Wed, 07 Dec 2022 12:40:19 GMT
Date: Wed, 07 Dec 2022 10:47:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Wed, 07 Dec 2022 12:40:19 GMT
Date: Wed, 07 Dec 2022 10:47:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Wed, 07 Dec 2022 12:40:19 GMT
Date: Wed, 07 Dec 2022 10:47:14 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Fri, 09 Dec 2022 10:47:14 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Fri, 09 Dec 2022 10:47:14 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3t%2F8EFbwcw96kUEQVGTSPR87My66GNdIMCbZL4Le6qsnZaq7mqru6UlOwQXZ4xw8qAfpPJNsUBdxr4IgE0GWgJi5LDmYP0Jh8Sg9GRh9od73fep5D8%2FzVn22l50RHxk9Xf%2FQ7Cit6UKr5ldf3VCxMLmrrt6qBn7Nv1LdUPHl5pXqoEy2%2F2bgt2r%2Ba9X3Jd8yC3U%2F8P3AD6pLysrQDBamLFRyvxvUun6tWa8FrSYG9r%2FYZR4c9SD6Z%2BQ5KDH5%2F%2BbDB1B8jDj64Zp0W6lJ3ngvyjRNjUVfHN6Ot2KTx4jmbWg9hPHhbBrGTQj54gJMfDhzANPfLx2AqQnxHgVg8eFMJlj%2F4Fwp05AxmHgSeX8MqcdQdAxu7kCJEwJwgdU1xNG9VWNzun3O0pKdkMrjv6DyCan8cQlx9P2iVoPqTaOzVJnYYRAWUIMxVG%2BMJDtCuuNB5Ufg6adQ4jey8HgFcbS%2F5rSBEsXUvVJjqHAMLYegzkNWHuUhCz1kiYdInFZpqxv6fjtkYaPRaXLOGw3OW53LoiUazU7oI%2BOlvCHSZAiuh%2BB2F4ndxZYawmY%2Fw20WcMKDSyfEu76LviiQS4LcEeSUIFcEeUqQ94sDoV3dFfeEdhkLZrU%2Bq41iZNLeHj0waU%2FGZC85I89O9%2FLnC29jS55WAxFITrttFnBOm51Go9loMz%2Fw251uJxBtAacKKHdhanVHTcilJz5GoibkwtdPg9EjOH0Erp4BzQLQfNSu%2B6Cbo2bHx078I7VKhorGqYmSRo1p03OJSWvcRBCmQJJWkG57e%2FqMvDhV9dLvTUh%2BfPXXi28lo0cXwW2BxBb4RP1C0NN3RzdMTvZvmNyRB2tJqiK1Q8uXvJnSVP7v2w%2Fkdm6sWL7mht%2B8w0uibO%2Ffki5dobFQcc%2BR7xaVENIuGcsl%2BWnZbUi2nrnNxczGWbKy%2Fu7ScpRY6Zwy8RhUnaz9Da4mpPLK89M%2F%2BtTJ61B2DJsViLJjMgsocwSe7MIlc%2FXOEFg9n2FJBXlWjGydzS%2B1ItByjikr4P6F2bzfc3fRsxXQ9A7iqEDfFujrAlQP4bKLozSxx1cfflnGV2C6MmLaVvaZtvrzCXm58lGZbpfp%2BvmmnTqtylboh9KvSxZ2WdimvuiGzS6j3UC2WYsGSN2ED03wDwAAAP%2F%2FAQAA%2F%2F%2BqKwu7igQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3t%2F8EFbwcw96kUEQVGTSPR87My66GNdIMCbZL4Le6qsnZaq7mqru6UlOwQXZ4xw8qAfpPJNsUBdxr4IgE0GWgJi5LDmYP0Jh8Sg9GRh9od73fep5D8%2FzVn22l50RHxk9Xf%2FQ7Cit6UKr5ldf3VCxMLmrrt6qBn7Nv1LdUPHl5pXqoEy2%2F2bgt2r%2Ba9X3Jd8yC3U%2F8P3AD6pLysrQDBamLFRyvxvUun6tWa8FrSYG9r%2FYZR4c9SD6Z%2BQ5KDH5%2F%2BbDB1B8jDj64Zp0W6lJ3ngvyjRNjUVfHN6Ot2KTx4jmbWg9hPHhbBrGTQj54gJMfDhzANPfLx2AqQnxHgVg8eFMJlj%2F4Fwp05AxmHgSeX8MqcdQdAxu7kCJEwJwgdU1xNG9VWNzun3O0pKdkMrjv6DyCan8cQlx9P2iVoPqTaOzVJnYYRAWUIMxVG%2BMJDtCuuNB5Ufg6adQ4jey8HgFcbS%2F5rSBEsXUvVJjqHAMLYegzkNWHuUhCz1kiYdInFZpqxv6fjtkYaPRaXLOGw3OW53LoiUazU7oI%2BOlvCHSZAiuh%2BB2F4ndxZYawmY%2Fw20WcMKDSyfEu76LviiQS4LcEeSUIFcEeUqQ94sDoV3dFfeEdhkLZrU%2Bq41iZNLeHj0waU%2FGZC85I89O9%2FLnC29jS55WAxFITrttFnBOm51Go9loMz%2Fw251uJxBtAacKKHdhanVHTcilJz5GoibkwtdPg9EjOH0Erp4BzQLQfNSu%2B6Cbo2bHx078I7VKhorGqYmSRo1p03OJSWvcRBCmQJJWkG57e%2FqMvDhV9dLvTUh%2BfPXXi28lo0cXwW2BxBb4RP1C0NN3RzdMTvZvmNyRB2tJqiK1Q8uXvJnSVP7v2w%2Fkdm6sWL7mht%2B8w0uibO%2Ffki5dobFQcc%2BR7xaVENIuGcsl%2BWnZbUi2nrnNxczGWbKy%2Fu7ScpRY6Zwy8RhUnaz9Da4mpPLK89M%2F%2BtTJ61B2DJsViLJjMgsocwSe7MIlc%2FXOEFg9n2FJBXlWjGydzS%2B1ItByjikr4P6F2bzfc3fRsxXQ9A7iqEDfFujrAlQP4bKLozSxx1cfflnGV2C6MmLaVvaZtvrzCXm58lGZbpfp%2BvmmnTqtylboh9KvSxZ2WdimvuiGzS6j3UC2WYsGSN2ED03wDwAAAP%2F%2FAQAA%2F%2F%2BqKwu7igQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3t%2F8EFbwcw96kUEQVGTSPR87My66GNdIMCbZL4Le6qsnZaq7mqru6UlOwQXZ4xw8qAfpPJNsUBdxr4IgE0GWgJi5LDmYP0Jh8Sg9GRh9od73fep5D8%2FzVn22l50RHxk9Xf%2FQ7Cit6UKr5ldf3VCxMLmrrt6qBn7Nv1LdUPHl5pXqoEy2%2F2bgt2r%2Ba9X3Jd8yC3U%2F8P3AD6pLysrQDBamLFRyvxvUun6tWa8FrSYG9r%2FYZR4c9SD6Z%2BQ5KDH5%2F%2BbDB1B8jDj64Zp0W6lJ3ngvyjRNjUVfHN6Ot2KTx4jmbWg9hPHhbBrGTQj54gJMfDhzANPfLx2AqQnxHgVg8eFMJlj%2F4Fwp05AxmHgSeX8MqcdQdAxu7kCJEwJwgdU1xNG9VWNzun3O0pKdkMrjv6DyCan8cQlx9P2iVoPqTaOzVJnYYRAWUIMxVG%2BMJDtCuuNB5Ufg6adQ4jey8HgFcbS%2F5rSBEsXUvVJjqHAMLYegzkNWHuUhCz1kiYdInFZpqxv6fjtkYaPRaXLOGw3OW53LoiUazU7oI%2BOlvCHSZAiuh%2BB2F4ndxZYawmY%2Fw20WcMKDSyfEu76LviiQS4LcEeSUIFcEeUqQ94sDoV3dFfeEdhkLZrU%2Bq41iZNLeHj0waU%2FGZC85I89O9%2FLnC29jS55WAxFITrttFnBOm51Go9loMz%2Fw251uJxBtAacKKHdhanVHTcilJz5GoibkwtdPg9EjOH0Erp4BzQLQfNSu%2B6Cbo2bHx078I7VKhorGqYmSRo1p03OJSWvcRBCmQJJWkG57e%2FqMvDhV9dLvTUh%2BfPXXi28lo0cXwW2BxBb4RP1C0NN3RzdMTvZvmNyRB2tJqiK1Q8uXvJnSVP7v2w%2Fkdm6sWL7mht%2B8w0uibO%2Ffki5dobFQcc%2BR7xaVENIuGcsl%2BWnZbUi2nrnNxczGWbKy%2Fu7ScpRY6Zwy8RhUnaz9Da4mpPLK89M%2F%2BtTJ61B2DJsViLJjMgsocwSe7MIlc%2FXOEFg9n2FJBXlWjGydzS%2B1ItByjikr4P6F2bzfc3fRsxXQ9A7iqEDfFujrAlQP4bKLozSxx1cfflnGV2C6MmLaVvaZtvrzCXm58lGZbpfp%2BvmmnTqtylboh9KvSxZ2WdimvuiGzS6j3UC2WYsGSN2ED03wDwAAAP%2F%2FAQAA%2F%2F%2BqKwu7igQAAA%3D%3D HTTP/1.1
Host: mummybeautydebauch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229337,2229333,2229329,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 10:47:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b2e83de844e6c57b98672eae23788248
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Fri, 09 Dec 2022 10:47:14 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.9200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Fri, 09 Dec 2022 10:47:14 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fP4gHV92DXmQQBAWZdM%2FHzoyLLsY1EoxJ9ougt%2FrqSZnqrqaqe3qSU3BB9jgHD%2BpBOs8kG9RF3KsgyESQJSjuXJYczH%2FgRWHxKD07MPpCvR%2F1vIfneao%2B2c%2FOiI%2BMnm68b3aV1nSxVfOrr2yqWJjcVdduVgO%2F5l%2Bubqr4UvNydVAm23898Fs1%2F9Xqu5Jvm8W6H%2Fh%2B4AfVZWVlaAaLUxQqudcNal2%2F1qzXglYTA%2Fvf2WUeHPUg%2BmfkWSgx%2Bd%2FWg%2FtQfIw4%2Bu6qdNupSV57J8o0TY1FXxzdirdjk8eI5m1oPYTx0Wwbxk0I%2BewcTHw0UwDTPygVgKkJ8R4FYPHRjCZY%2F%2FAJU6YhYzDxFPL%2BGFKPoegY3NyGEg8JwAXW1hFHd9eMzenOE5SW6IRUHv8FlU9I5feLiKNvl7QaVG8YnaXKxA6DsIAajKF6YyTZMdJdDyo%2FBk8%2FhhK%2FksXHq4ijg3WnDZQopuqVGkOFY2g5BHUesvIoD1noIUs8ROK0Slvd0PfbIQsbjU6Tc95ocN7qXBIt0Wh2Qh8ZL%2BkNkSZDcD0Et3tI7B621RA2%2BxFuq4ATHlw6Id61PfRFgVwS5I4gpwS5IshTgrxfHArt6q64K7TLWDCr9VltFCOT9vbpoUl7Mib7yRl5ZurLn8%2B%2FiW15Wg1EIDnttlnAOW12Go1mo838wG93up1AtAWcKqDcuanUXTUhF%2F%2F%2FIRI1Iee%2BfBqMHsPpY3B1ATQLQPNRu%2B6Dbo2aHR%2B78ffUKhkqGqcmSho1pk3PJSatcRNBmAJJWkG64%2B3rM%2FLClNVLlWuQ%2FOTKzwtvJKNHC%2BC2QGILfKR%2BIujpO6PrJicH103uyP31JFWR2qXlS95IaSrPf%2F2e3MmNFStX3fCrt3gJlO29m9KlqzQWKu458s2SEkLaZWO5JD%2BsuE3JNjK3tZTZOEtWN95eXokSK51TJh6Dqofrf4OrCam8%2FNz0j1745Q8oO4bNCkTZCZkFlDkGT%2Fbgkjl7Zwisnu%2Bw5DzyrBjZOptfakWg5XymrID718zm%2Fb67g56tgKa3EUcF%2BrZAXxegegiXLYzSxJ5cefB5GV%2BA6cqIaVs5YNrqT0trPyjTranJE%2FLib004dVqVrdAPpV%2BXLOyysE190Q2bXUa7gWyzFg2QugkfmuAfAAAA%2F%2F8BAAD%2F%2F%2FEl2fiKBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fP4gHV92DXmQQBAWZdM%2FHzoyLLsY1EoxJ9ougt%2FrqSZnqrqaqe3qSU3BB9jgHD%2BpBOs8kG9RF3KsgyESQJSjuXJYczH%2FgRWHxKD07MPpCvR%2F1vIfneao%2B2c%2FOiI%2BMnm68b3aV1nSxVfOrr2yqWJjcVdduVgO%2F5l%2Bubqr4UvNydVAm23898Fs1%2F9Xqu5Jvm8W6H%2Fh%2B4AfVZWVlaAaLUxQqudcNal2%2F1qzXglYTA%2Fvf2WUeHPUg%2BmfkWSgx%2Bd%2FWg%2FtQfIw4%2Bu6qdNupSV57J8o0TY1FXxzdirdjk8eI5m1oPYTx0Wwbxk0I%2BewcTHw0UwDTPygVgKkJ8R4FYPHRjCZY%2F%2FAJU6YhYzDxFPL%2BGFKPoegY3NyGEg8JwAXW1hFHd9eMzenOE5SW6IRUHv8FlU9I5feLiKNvl7QaVG8YnaXKxA6DsIAajKF6YyTZMdJdDyo%2FBk8%2FhhK%2FksXHq4ijg3WnDZQopuqVGkOFY2g5BHUesvIoD1noIUs8ROK0Slvd0PfbIQsbjU6Tc95ocN7qXBIt0Wh2Qh8ZL%2BkNkSZDcD0Et3tI7B621RA2%2BxFuq4ATHlw6Id61PfRFgVwS5I4gpwS5IshTgrxfHArt6q64K7TLWDCr9VltFCOT9vbpoUl7Mib7yRl5ZurLn8%2B%2FiW15Wg1EIDnttlnAOW12Go1mo838wG93up1AtAWcKqDcuanUXTUhF%2F%2F%2FIRI1Iee%2BfBqMHsPpY3B1ATQLQPNRu%2B6Dbo2aHR%2B78ffUKhkqGqcmSho1pk3PJSatcRNBmAJJWkG64%2B3rM%2FLClNVLlWuQ%2FOTKzwtvJKNHC%2BC2QGILfKR%2BIujpO6PrJicH103uyP31JFWR2qXlS95IaSrPf%2F2e3MmNFStX3fCrt3gJlO29m9KlqzQWKu458s2SEkLaZWO5JD%2BsuE3JNjK3tZTZOEtWN95eXokSK51TJh6Dqofrf4OrCam8%2FNz0j1745Q8oO4bNCkTZCZkFlDkGT%2Fbgkjl7Zwisnu%2Bw5DzyrBjZOptfakWg5XymrID718zm%2Fb67g56tgKa3EUcF%2BrZAXxegegiXLYzSxJ5cefB5GV%2BA6cqIaVs5YNrqT0trPyjTranJE%2FLib004dVqVrdAPpV%2BXLOyysE190Q2bXUa7gWyzFg2QugkfmuAfAAAA%2F%2F8BAAD%2F%2F%2FEl2fiKBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fP4gHV92DXmQQBAWZdM%2FHzoyLLsY1EoxJ9ougt%2FrqSZnqrqaqe3qSU3BB9jgHD%2BpBOs8kG9RF3KsgyESQJSjuXJYczH%2FgRWHxKD07MPpCvR%2F1vIfneao%2B2c%2FOiI%2BMnm68b3aV1nSxVfOrr2yqWJjcVdduVgO%2F5l%2Bubqr4UvNydVAm23898Fs1%2F9Xqu5Jvm8W6H%2Fh%2B4AfVZWVlaAaLUxQqudcNal2%2F1qzXglYTA%2Fvf2WUeHPUg%2BmfkWSgx%2Bd%2FWg%2FtQfIw4%2Bu6qdNupSV57J8o0TY1FXxzdirdjk8eI5m1oPYTx0Wwbxk0I%2BewcTHw0UwDTPygVgKkJ8R4FYPHRjCZY%2F%2FAJU6YhYzDxFPL%2BGFKPoegY3NyGEg8JwAXW1hFHd9eMzenOE5SW6IRUHv8FlU9I5feLiKNvl7QaVG8YnaXKxA6DsIAajKF6YyTZMdJdDyo%2FBk8%2FhhK%2FksXHq4ijg3WnDZQopuqVGkOFY2g5BHUesvIoD1noIUs8ROK0Slvd0PfbIQsbjU6Tc95ocN7qXBIt0Wh2Qh8ZL%2BkNkSZDcD0Et3tI7B621RA2%2BxFuq4ATHlw6Id61PfRFgVwS5I4gpwS5IshTgrxfHArt6q64K7TLWDCr9VltFCOT9vbpoUl7Mib7yRl5ZurLn8%2B%2FiW15Wg1EIDnttlnAOW12Go1mo838wG93up1AtAWcKqDcuanUXTUhF%2F%2F%2FIRI1Iee%2BfBqMHsPpY3B1ATQLQPNRu%2B6Dbo2aHR%2B78ffUKhkqGqcmSho1pk3PJSatcRNBmAJJWkG64%2B3rM%2FLClNVLlWuQ%2FOTKzwtvJKNHC%2BC2QGILfKR%2BIujpO6PrJicH103uyP31JFWR2qXlS95IaSrPf%2F2e3MmNFStX3fCrt3gJlO29m9KlqzQWKu458s2SEkLaZWO5JD%2BsuE3JNjK3tZTZOEtWN95eXokSK51TJh6Dqofrf4OrCam8%2FNz0j1745Q8oO4bNCkTZCZkFlDkGT%2Fbgkjl7Zwisnu%2Bw5DzyrBjZOptfakWg5XymrID718zm%2Fb67g56tgKa3EUcF%2BrZAXxegegiXLYzSxJ5cefB5GV%2BA6cqIaVs5YNrqT0trPyjTranJE%2FLib004dVqVrdAPpV%2BXLOyysE190Q2bXUa7gWyzFg2QugkfmuAfAAAA%2F%2F8BAAD%2F%2F%2FEl2fiKBAAA HTTP/1.1
Host: mummybeautydebauch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229337,2229333,2229329,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 10:47:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a3708cfd022ae994eeb08a6370c090d
Strict-Transport-Security: max-age=0; includeSubdomains
mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BCPHgqnvQiwyCoCCT7vnYmXHRYFwjwZhkvwh6q6%2BelKnuaqq6pyc5BRdkj3PwoB6k80yyQV3EPSoIMhFkCYo7lyUH8yd4UFg8Ss8ORF%2Fo96OfF%2Bp5nqqP97Mz4iOjpxvvmV2lNV1o1fzqy5sqFiZ31bUb1cCv%2BZermyq%2B1LxcHZTJ9l8L%2FFbNf6X6juTbZqHuB74f%2BEF1WVkZmsHCFIVK7naDWtevNeu1oNXEwP53dpkHRz2I%2Fhl5BkpM%2Fr91%2Fx4UHyOOvr0i3XZqklffjjJNU2PRF0c34%2B3Y5DGi8za0HsL4aLYN4yaEfDoHEx%2FNFMD0D0oFYGpCvIcBWHw0ownWP3zMlGnIGEw8ibw%2FhtRjKDoGN7egxAMCcIG1dcTRnTVjc7rzGKUlOiGVR39B5RNS%2Bf0i4uibJa0G1etGZ6kyscMgLKAGY6jeGEl2jHTXg8qPwdOPoMSvZOHRKuLoYN1pAyWKqXqlxlDhGFoOQZ2HrPyUhyz0kCUeInFapa1u6PvtkIWNRqfJOW80OG91LomWaDQ7oY%2BMl%2FSGSJMhuB6C2z0kdg%2Fbagib%2FQi3VcAJDy6dEO%2FqHvqiQC4JckeQU4JcEeQpQd4vDoV2dVfcEdplLJjV%2Bqw2ipFJe%2Fv00KQ9GZP95Iw8PfXlz%2BfewLY8rQYikJx22yzgnDY7jUaz0WZ%2B4Lc73U4g2gJOFVBubip1V03IxSc%2BQKImZO6Lp8DoMZw%2BBlcXQLMANB%2B16z7o1qjZ8bEbf0%2BtkqGicWqipFFj2vRcYtIaNxGEKZCkFaQ73r4%2BI89PWb1YuQnJTxZ%2Fnn89GT2cB7cFElvgQ%2FUTQU%2FfHl0zOTm4ZnJH7q0nqYrULi1v8npKU%2Fm%2Fr96VO7mxYuWKG375Ji%2BBsr17Q7p0lcZCxT1Hvl5SQki7bCyX5IcVtynZRua2ljIbZ8nqxlvLK1FipXPKxGNQ9WD9b3A1IZWXnp2%2B0Qu%2F%2FAFlx7BZgSg7IbOAMsfgyR5ccrL43WdlfA5nCKw%2B32HJHPKsGNk6O%2F%2BpFYGW5zNlBdy%2FZnbe77vb6NkKaHoLcVSgbwv0dQGqh3DZ%2FChN7Mni%2FdnhTFdGTNvKAdNWf1Ja%2B%2F7U3zJdnZAXfmvCqdOqbIV%2BKP26ZGGXhW3qi27Y7DLaDWSbtWiA1E340AT%2FAAAA%2F%2F8BAAD%2F%2F0TfowSKBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 mummybeautydebauch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BCPHgqnvQiwyCoCCT7vnYmXHRYFwjwZhkvwh6q6%2BelKnuaqq6pyc5BRdkj3PwoB6k80yyQV3EPSoIMhFkCYo7lyUH8yd4UFg8Ss8ORF%2Fo96OfF%2Bp5nqqP97Mz4iOjpxvvmV2lNV1o1fzqy5sqFiZ31bUb1cCv%2BZermyq%2B1LxcHZTJ9l8L%2FFbNf6X6juTbZqHuB74f%2BEF1WVkZmsHCFIVK7naDWtevNeu1oNXEwP53dpkHRz2I%2Fhl5BkpM%2Fr91%2Fx4UHyOOvr0i3XZqklffjjJNU2PRF0c34%2B3Y5DGi8za0HsL4aLYN4yaEfDoHEx%2FNFMD0D0oFYGpCvIcBWHw0ownWP3zMlGnIGEw8ibw%2FhtRjKDoGN7egxAMCcIG1dcTRnTVjc7rzGKUlOiGVR39B5RNS%2Bf0i4uibJa0G1etGZ6kyscMgLKAGY6jeGEl2jHTXg8qPwdOPoMSvZOHRKuLoYN1pAyWKqXqlxlDhGFoOQZ2HrPyUhyz0kCUeInFapa1u6PvtkIWNRqfJOW80OG91LomWaDQ7oY%2BMl%2FSGSJMhuB6C2z0kdg%2Fbagib%2FQi3VcAJDy6dEO%2FqHvqiQC4JckeQU4JcEeQpQd4vDoV2dVfcEdplLJjV%2Bqw2ipFJe%2Fv00KQ9GZP95Iw8PfXlz%2BfewLY8rQYikJx22yzgnDY7jUaz0WZ%2B4Lc73U4g2gJOFVBubip1V03IxSc%2BQKImZO6Lp8DoMZw%2BBlcXQLMANB%2B16z7o1qjZ8bEbf0%2BtkqGicWqipFFj2vRcYtIaNxGEKZCkFaQ73r4%2BI89PWb1YuQnJTxZ%2Fnn89GT2cB7cFElvgQ%2FUTQU%2FfHl0zOTm4ZnJH7q0nqYrULi1v8npKU%2Fm%2Fr96VO7mxYuWKG375Ji%2BBsr17Q7p0lcZCxT1Hvl5SQki7bCyX5IcVtynZRua2ljIbZ8nqxlvLK1FipXPKxGNQ9WD9b3A1IZWXnp2%2B0Qu%2F%2FAFlx7BZgSg7IbOAMsfgyR5ccrL43WdlfA5nCKw%2B32HJHPKsGNk6O%2F%2BpFYGW5zNlBdy%2FZnbe77vb6NkKaHoLcVSgbwv0dQGqh3DZ%2FChN7Mni%2FdnhTFdGTNvKAdNWf1Ja%2B%2F7U3zJdnZAXfmvCqdOqbIV%2BKP26ZGGXhW3qi27Y7DLaDWSbtWiA1E340AT%2FAAAA%2F%2F8BAAD%2F%2F0TfowSKBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BCPHgqnvQiwyCoCCT7vnYmXHRYFwjwZhkvwh6q6%2BelKnuaqq6pyc5BRdkj3PwoB6k80yyQV3EPSoIMhFkCYo7lyUH8yd4UFg8Ss8ORF%2Fo96OfF%2Bp5nqqP97Mz4iOjpxvvmV2lNV1o1fzqy5sqFiZ31bUb1cCv%2BZermyq%2B1LxcHZTJ9l8L%2FFbNf6X6juTbZqHuB74f%2BEF1WVkZmsHCFIVK7naDWtevNeu1oNXEwP53dpkHRz2I%2Fhl5BkpM%2Fr91%2Fx4UHyOOvr0i3XZqklffjjJNU2PRF0c34%2B3Y5DGi8za0HsL4aLYN4yaEfDoHEx%2FNFMD0D0oFYGpCvIcBWHw0ownWP3zMlGnIGEw8ibw%2FhtRjKDoGN7egxAMCcIG1dcTRnTVjc7rzGKUlOiGVR39B5RNS%2Bf0i4uibJa0G1etGZ6kyscMgLKAGY6jeGEl2jHTXg8qPwdOPoMSvZOHRKuLoYN1pAyWKqXqlxlDhGFoOQZ2HrPyUhyz0kCUeInFapa1u6PvtkIWNRqfJOW80OG91LomWaDQ7oY%2BMl%2FSGSJMhuB6C2z0kdg%2Fbagib%2FQi3VcAJDy6dEO%2FqHvqiQC4JckeQU4JcEeQpQd4vDoV2dVfcEdplLJjV%2Bqw2ipFJe%2Fv00KQ9GZP95Iw8PfXlz%2BfewLY8rQYikJx22yzgnDY7jUaz0WZ%2B4Lc73U4g2gJOFVBubip1V03IxSc%2BQKImZO6Lp8DoMZw%2BBlcXQLMANB%2B16z7o1qjZ8bEbf0%2BtkqGicWqipFFj2vRcYtIaNxGEKZCkFaQ73r4%2BI89PWb1YuQnJTxZ%2Fnn89GT2cB7cFElvgQ%2FUTQU%2FfHl0zOTm4ZnJH7q0nqYrULi1v8npKU%2Fm%2Fr96VO7mxYuWKG375Ji%2BBsr17Q7p0lcZCxT1Hvl5SQki7bCyX5IcVtynZRua2ljIbZ8nqxlvLK1FipXPKxGNQ9WD9b3A1IZWXnp2%2B0Qu%2F%2FAFlx7BZgSg7IbOAMsfgyR5ccrL43WdlfA5nCKw%2B32HJHPKsGNk6O%2F%2BpFYGW5zNlBdy%2FZnbe77vb6NkKaHoLcVSgbwv0dQGqh3DZ%2FChN7Mni%2FdnhTFdGTNvKAdNWf1Ja%2B%2F7U3zJdnZAXfmvCqdOqbIV%2BKP26ZGGXhW3qi27Y7DLaDWSbtWiA1E340AT%2FAAAA%2F%2F8BAAD%2F%2F0TfowSKBAAA HTTP/1.1
Host: mummybeautydebauch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229337,2229333,2229329,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 10:47:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8b87e521b0de8dbb8bc29a46fa977f7
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4277085&@f16&@g1&@h1&@i1&@j1670410033398&@k0&@l1&@mThe%20Best%2016%20Kenpachi%20Bankai%20Chapter%20669%20-%20beyazewasual&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:144050175&@b3:1670410033&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbeyazewasual.blogspot.com%2F2022%2F06%2Fthe-best-16-kenpachi-bankai-chapter-669.html&@w
149.56.240.128200 OK 44 B URL HTTP/1.1 s4.histats.com/stats/0.php?4277085&@f16&@g1&@h1&@i1&@j1670410033398&@k0&@l1&@mThe%20Best%2016%20Kenpachi%20Bankai%20Chapter%20669%20-%20beyazewasual&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:144050175&@b3:1670410033&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbeyazewasual.blogspot.com%2F2022%2F06%2Fthe-best-16-kenpachi-bankai-chapter-669.html&@w
IP 149.56.240.128:0
File type ASCII text, with no line terminators
Hash 524dc11ff7e5401c84f333a243c48787
b9b28b0d02e1e70130c6181182fdc4c07295361a
2085c3948b363ece8fe6e44bf26b0a318dc9446186f3cfafbf440cdffea898b7
GET /stats/0.php?4277085&@f16&@g1&@h1&@i1&@j1670410033398&@k0&@l1&@mThe%20Best%2016%20Kenpachi%20Bankai%20Chapter%20669%20-%20beyazewasual&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:144050175&@b3:1670410033&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbeyazewasual.blogspot.com%2F2022%2F06%2Fthe-best-16-kenpachi-bankai-chapter-669.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 10:47:14 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 44
Connection: close
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ca0163b98fe08400ca256eab5d2c4aa6
9f98a05573d6618a68e19da6f9b323bff4383193
49dc62f616be2b0f8db1221efc5885d66e53c5d96633d4fffb9f98a153bc40c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5622
Cache-Control: max-age=96804
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:14 GMT
Etag: "638f3060-117"
Expires: Thu, 08 Dec 2022 13:40:38 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:56 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
192.243.61.227200 OK 9.3 kB URL HTTP/1.1 vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25158), with no line terminators
Hash c12ae55f0ab7bfed6fca00db4e247e13
55c5c5eb3ae60dc4cf8e9a6903c6cbc6324ba5cb
6f142c455ad56bd1785ae00d81dcedba559585540dc8881df6f86f828fbfe5a9
GET /1d1eca97b1cca4833437b01078981d7d/invoke.js HTTP/1.1
Host: vg4u8rvq65t6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 10:47:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5f96db241cd2483b413e58a6cecf150f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ca0163b98fe08400ca256eab5d2c4aa6
9f98a05573d6618a68e19da6f9b323bff4383193
49dc62f616be2b0f8db1221efc5885d66e53c5d96633d4fffb9f98a153bc40c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5622
Cache-Control: max-age=96804
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:47:14 GMT
Etag: "638f3060-117"
Expires: Thu, 08 Dec 2022 13:40:38 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:56 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bff9a70c3cfe2c4ce031fa410a438318
c85c8438f21b55d31778e032631a76370e7674d2
9ea53d85e364955566a5bda657fc25b32fe3aa95db63118bc21e80f895180782
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EA53D85E364955566A5BDA657FC25B32FE3AA95DB63118BC21E80F895180782"
Last-Modified: Sun, 04 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3153
Expires: Wed, 07 Dec 2022 11:39:47 GMT
Date: Wed, 07 Dec 2022 10:47:14 GMT
Connection: keep-alive
use.fontawesome.com/releases/v5.8.2/webfonts/fa-regular-400.woff2
172.64.133.15200 OK 14 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.2/webfonts/fa-regular-400.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 329.-17695\012- data
Hash 7980a6361c25b4665dbbe92d4488783c
22516802ef9ac878298519c18ffab11769ee6cd7
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af
GET /releases/v5.8.2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyazewasual.blogspot.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: font/woff2
content-length: 13584
x-amz-id-2: sQLFvS1TS5E2OGQTYOVLZJUau+vr+ge7cMIrpahzThrwp0OARL54rTZez/VrigYbL0+AMK1ICb4=
x-amz-request-id: ZPDJ9W88D7376KEV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:20 GMT
etag: "7980a6361c25b4665dbbe92d4488783c"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfsfqdlcFaQEoZg5hCXbr%2FQr83T1dl6TOPPd6iM1z%2FvUxUqf%2B0rpL0ocXmPLgMWDcdpZc8t56nNeBiznwylXI4wzMIbdxDnnbuT0W%2BVYpoMhSUJ%2BaQ2OX6eGzCmEWwjeNOZrw7T2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775cae9bd94472ac-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.8.2/css/all.css
172.64.133.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.2/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (54998)
Hash a00d052fb680d79d38934c76f74f529f
cf1a25080d61122c656e9a2b81fef94ceaf2a465
d50abee2789efa19283c367c22a52d137e6a2a996034b8130c00825b7b9c9257
GET /releases/v5.8.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: text/css
x-amz-id-2: A13t2dcXpzTTZgEjPuP6tfduWmX/PiPKqL+HLwKDStm72wAg+oyniX4/8PUSTbUsKE65giW7DrI=
x-amz-request-id: 2HZEYSVMP0Q9Z9CS
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 912966
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryCqwedLI%2B9klSkeNCRdqz1uZyYKEhd8J8H5AMVlns9BTmqq6BHk6IJjJi7FhvdGfFTV1Kqgc4hUIJL4QsXLFKJCEiPHy6I3c5RcKZpi95L1OuuJQreUlNGPZ%2FIcGvLZHRJCFEmg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cae9ab94376c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2
172.64.133.15200 OK 75 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 74656, version 329.-17695\012- data
Hash 9f4ce3dc689981a1b87faab0f5484f9e
1b33b1246610585c440e464b04df64cf0cea1dca
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
GET /releases/v5.8.2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyazewasual.blogspot.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: font/woff2
content-length: 74656
x-amz-id-2: yPvYB7z6Ujex7TDiFiysih5E/QYdPxKcbj8k3fju4onq1NTNCzj+K9zHB+A5xFpNweEOLBviGO4=
x-amz-request-id: ZPDKN3JC7SHQD6DH
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:20 GMT
etag: "9f4ce3dc689981a1b87faab0f5484f9e"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knGSmj%2Fp6%2FpJCoLAEYBUOJ8QiRLANthSn1JBXTOg0s%2FD0hcy7KUz3vv1wa7rEEgVJ2YNJTKP2SBk5nGx5DwTdcchhj5EPfthR%2BD2KU7%2FH5rofWct0VBOGr8IcjhkImIWLfUeNlKB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775cae9bd94372ac-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 74328, version 329.-17695\012- data
Hash 64b3e814a66c2719b15abf8f7998bd73
fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
GET /releases/v5.8.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyazewasual.blogspot.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:47:14 GMT
content-type: font/woff2
content-length: 74328
x-amz-id-2: ekwU82p6jfjWpY8Ur41WCZWfFeAMSd3JpiG8FWhuwGeCUA55xkz8X+dbq+mhY0S+xfzarESIOxY=
x-amz-request-id: ZPDM4M49ECVZR5XA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:21 GMT
etag: "64b3e814a66c2719b15abf8f7998bd73"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAdXI79XNH6rOuL2J5WIYGKHydquBOHuEFoRbL9v8u3xCbIppSvJPkkDeLk%2FjLhi2ZLqpgU1J%2FSTj00IoE1EO7PBL5Q49O5w8AIiyfOze3V7pc%2FSfDoghg58aLHnvhYraPQ2GV5X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775cae9bd94872ac-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/33f5ddc0-c745-4436-9bec-da07217be815/d9y5vq9-4b7da6fe-f643-49ca-8082-d76e6860b6a7.png/v1/fill/w_622,h_350,q_70,strp/bleach_chapter_669_review__zaraki_s_bankai_by_tensazangetsu59_d9y5vq9-350t.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NTc2IiwicGF0aCI6IlwvZlwvMzNmNWRkYzAtYzc0NS00NDM2LTliZWMtZGEwNzIxN2JlODE1XC9kOXk1dnE5LTRiN2RhNmZlLWY2NDMtNDljYS04MDgyLWQ3NmU2ODYwYjZhNy5wbmciLCJ3aWR0aCI6Ijw9MTAyNCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19.CgcnU9fFiTV-on3GrCkIm78rshcFbt6NFWlHtfw23AY
192.0.77.2403 Forbidden 0 B URL HTTP/2 i0.wp.com/images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/33f5ddc0-c745-4436-9bec-da07217be815/d9y5vq9-4b7da6fe-f643-49ca-8082-d76e6860b6a7.png/v1/fill/w_622,h_350,q_70,strp/bleach_chapter_669_review__zaraki_s_bankai_by_tensazangetsu59_d9y5vq9-350t.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NTc2IiwicGF0aCI6IlwvZlwvMzNmNWRkYzAtYzc0NS00NDM2LTliZWMtZGEwNzIxN2JlODE1XC9kOXk1dnE5LTRiN2RhNmZlLWY2NDMtNDljYS04MDgyLWQ3NmU2ODYwYjZhNy5wbmciLCJ3aWR0aCI6Ijw9MTAyNCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19.CgcnU9fFiTV-on3GrCkIm78rshcFbt6NFWlHtfw23AY
IP 192.0.77.2:0
GET /images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/33f5ddc0-c745-4436-9bec-da07217be815/d9y5vq9-4b7da6fe-f643-49ca-8082-d76e6860b6a7.png/v1/fill/w_622,h_350,q_70,strp/bleach_chapter_669_review__zaraki_s_bankai_by_tensazangetsu59_d9y5vq9-350t.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NTc2IiwicGF0aCI6IlwvZlwvMzNmNWRkYzAtYzc0NS00NDM2LTliZWMtZGEwNzIxN2JlODE1XC9kOXk1dnE5LTRiN2RhNmZlLWY2NDMtNDljYS04MDgyLWQ3NmU2ODYwYjZhNy5wbmciLCJ3aWR0aCI6Ijw9MTAyNCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19.CgcnU9fFiTV-on3GrCkIm78rshcFbt6NFWlHtfw23AY HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 6
X-Firefox-Spdy: h2
i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150489275472
192.0.77.2404 Not Found 0 B URL HTTP/2 i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150489275472
IP 192.0.77.2:0
GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150489275472 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 7
X-Firefox-Spdy: h2
i0.wp.com/external-preview.redd.it/1c4jJU-37IM6A8RuR4-YaleGzdIv8lAHdOLFY665PgM.jpg?width=640&crop=smart&auto=webp&s=34830850f02f7aa2f50a8c151692d9e1aefc999c
192.0.77.2403 Forbidden 0 B URL HTTP/2 i0.wp.com/external-preview.redd.it/1c4jJU-37IM6A8RuR4-YaleGzdIv8lAHdOLFY665PgM.jpg?width=640&crop=smart&auto=webp&s=34830850f02f7aa2f50a8c151692d9e1aefc999c
IP 192.0.77.2:0
GET /external-preview.redd.it/1c4jJU-37IM6A8RuR4-YaleGzdIv8lAHdOLFY665PgM.jpg?width=640&crop=smart&auto=webp&s=34830850f02f7aa2f50a8c151692d9e1aefc999c HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2
i0.wp.com/images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/33f5ddc0-c745-4436-9bec-da07217be815/d9y5vq9-4b7da6fe-f643-49ca-8082-d76e6860b6a7.png/v1/fill/w_622,h_350,q_70,strp/bleach_chapter_669_review__zaraki_s_bankai_by_tensazangetsu59_d9y5vq9-350t.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NTc2IiwicGF0aCI6IlwvZlwvMzNmNWRkYzAtYzc0NS00NDM2LTliZWMtZGEwNzIxN2JlODE1XC9kOXk1dnE5LTRiN2RhNmZlLWY2NDMtNDljYS04MDgyLWQ3NmU2ODYwYjZhNy5wbmciLCJ3aWR0aCI6Ijw9MTAyNCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19.CgcnU9fFiTV-on3GrCkIm78rshcFbt6NFWlHtfw23AY
192.0.77.2403 Forbidden 0 B URL HTTP/2 i0.wp.com/images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/33f5ddc0-c745-4436-9bec-da07217be815/d9y5vq9-4b7da6fe-f643-49ca-8082-d76e6860b6a7.png/v1/fill/w_622,h_350,q_70,strp/bleach_chapter_669_review__zaraki_s_bankai_by_tensazangetsu59_d9y5vq9-350t.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NTc2IiwicGF0aCI6IlwvZlwvMzNmNWRkYzAtYzc0NS00NDM2LTliZWMtZGEwNzIxN2JlODE1XC9kOXk1dnE5LTRiN2RhNmZlLWY2NDMtNDljYS04MDgyLWQ3NmU2ODYwYjZhNy5wbmciLCJ3aWR0aCI6Ijw9MTAyNCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19.CgcnU9fFiTV-on3GrCkIm78rshcFbt6NFWlHtfw23AY
IP 192.0.77.2:0
GET /images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/33f5ddc0-c745-4436-9bec-da07217be815/d9y5vq9-4b7da6fe-f643-49ca-8082-d76e6860b6a7.png/v1/fill/w_622,h_350,q_70,strp/bleach_chapter_669_review__zaraki_s_bankai_by_tensazangetsu59_d9y5vq9-350t.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NTc2IiwicGF0aCI6IlwvZlwvMzNmNWRkYzAtYzc0NS00NDM2LTliZWMtZGEwNzIxN2JlODE1XC9kOXk1dnE5LTRiN2RhNmZlLWY2NDMtNDljYS04MDgyLWQ3NmU2ODYwYjZhNy5wbmciLCJ3aWR0aCI6Ijw9MTAyNCJ9XV0sImF1ZCI6WyJ1cm46c2VydmljZTppbWFnZS5vcGVyYXRpb25zIl19.CgcnU9fFiTV-on3GrCkIm78rshcFbt6NFWlHtfw23AY HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 6
X-Firefox-Spdy: h2
i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150489275472
192.0.77.2404 Not Found 0 B URL HTTP/2 i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150489275472
IP 192.0.77.2:0
GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150489275472 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 10:47:11 GMT
content-type: text/html; charset=utf-8
x-nc: EXPIRED arn 7
X-Firefox-Spdy: h2
i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150599275461
192.0.77.2404 Not Found 0 B URL HTTP/2 i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150599275461
IP 192.0.77.2:0
GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1174150599275461 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyazewasual.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 10:47:12 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 7
X-Firefox-Spdy: h2