GET hayatialyawmiya.blogspot.com/
200 OK 58 kB URL User Request GET HTTP/2 hayatialyawmiya.blogspot.com/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1148)
Hash a80bb409963850968892db99ad1b0c39
ed935f468b68a25c26c78f05714b7c7dfbab86b5
32467af1205b8879ca629a460b8c8c7c8324664fe8187d97334512b4680a94a6
GET / HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:23 GMT
date: Thu, 23 Nov 2023 15:44:23 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
etag: W/"2ef8bca76c55b21d2c0709ae80ff1772c16451a3749ab4b6b86efb9a44b3b132"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 58108
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET hayatialyawmiya.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL GET HTTP/3 hayatialyawmiya.blogspot.com/js/cookienotice.js
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Thu, 23 Nov 2023 15:44:23 GMT
expires: Thu, 30 Nov 2023 15:44:23 GMT
cache-control: public, max-age=604800
last-modified: Thu, 23 Nov 2023 14:53:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7485870457833928
200 OK 53 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7485870457833928
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3968)
Hash 3351c5231285968a86f2ebe7147616ec
1e6cb25a0eb1d66e9570cb3d16b62f87d07a47e5
ec08f8d08be4b3a973577ac95e02bdc14ac799b22de47a6b8cdcd7fff96c3c4d
GET /pagead/js/adsbygoogle.js?client=ca-pub-7485870457833928 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Nov 2023 15:44:23 GMT
expires: Thu, 23 Nov 2023 15:44:23 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11711174197124558851
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/owl.carousel.min.js
200 OK 5.7 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/owl.carousel.min.js
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (635)
Hash 88d0fe722f04973e2888b58a63aa0570
f947512e51f8ef4b15bba3f701de64e53a7f7f9b
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
GET /ajax/libs/owl-carousel/1.3.3/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 5743
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f3f-5d52"
last-modified: Mon, 04 May 2020 16:13:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 38569
expires: Tue, 12 Nov 2024 15:44:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2niKN1jTn8BU9b8x56P4xqRDCSjaFu%2FuHz%2FP5q9mSiK4A71ahiIu69L5u8uUnJXlamUArMvJm8y%2FTAO3pFZfvDqppKFcyz5QD4g9CO%2B6yAh4kbGlon4MoaZ5xXk%2FjH7%2FT5c7DLUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82aa8884dcc80b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
200 OK 30 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32038)
Hash f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 29929
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-176f8"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 128099
expires: Tue, 12 Nov 2024 15:44:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBWabAZgHIwuyqRg3W1M7%2BmVlAupAtQQfVrekFdc7gckmzw8%2Fzf7nO7MpuhnGl1zG9aFG98VvQ4TlKnQ2BVQ9Wvi7omkec%2BCxrmkHQTN8YE%2FMs7EX7PSEGzsnzuxWoDuqZ%2FMw4pC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82aa8884ece90b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/jquery.marquee/1.3.1/jquery.marquee.min.js
200 OK 2.0 kB URL GET HTTP/2 cdn.jsdelivr.net/jquery.marquee/1.3.1/jquery.marquee.min.js
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type HTML document, ASCII text, with very long lines (530)
Hash e2242d0e2ff6d845fdc7ebebf5f1273f
da81e6c22859f8037569104cd426ecaec1c3a8e5
0c474668e4325cc159ac1555013432e62325ac62d3dfe3dbae53bbeefc07b45b
GET /jquery.marquee/1.3.1/jquery.marquee.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"122f-2oHmwihZ+AN1aRBM1CbsrsHDqOU"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Nov 2023 15:44:23 GMT
age: 2648196
x-served-by: cache-fra-etou8220020-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1954
X-Firefox-Spdy: h2
GET www.dexpredict.com/a/display.php?r=3899835
204 No Content 0 B URL GET HTTP/2 www.dexpredict.com/a/display.php?r=3899835
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectdexpredict.com
Fingerprint91:74:31:3A:17:D8:FA:91:C9:D6:D4:04:19:22:65:A1:3C:38:DD:2B
ValiditySat, 28 Oct 2023 18:07:08 GMT - Fri, 26 Jan 2024 18:07:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=3899835 HTTP/1.1
Host: www.dexpredict.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 23 Nov 2023 15:44:23 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFk0K6Va8dGInqyESF6pH5qhhW3zpn9I1FiD6h37k017M6moRoT769HSkiJPhIQQaX9%2Bl1YEfF9Ic7j6P%2Fu%2FsGqQ%2Fulen%2BsufEhus7Dz47QYpVV%2FJWPDzj68MnfgPiYWedTmAvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88848c5956a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.dexpredict.com/a/display.php?r=3899807
204 No Content 0 B URL GET HTTP/2 www.dexpredict.com/a/display.php?r=3899807
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectdexpredict.com
Fingerprint91:74:31:3A:17:D8:FA:91:C9:D6:D4:04:19:22:65:A1:3C:38:DD:2B
ValiditySat, 28 Oct 2023 18:07:08 GMT - Fri, 26 Jan 2024 18:07:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=3899807 HTTP/1.1
Host: www.dexpredict.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 23 Nov 2023 15:44:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJFe29D2gFLci1v6YYiAuwbhm5cTjJYqEKiFzx6Kf89yOwfF0gRF6J9qIAFvzTD92J4G7mREJd7afImHJb3xtEM58q7KqeSSr%2FeoHsCn1%2FXNWuzKdVCpQfgEv%2F9nKLK0TpgHe5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88850d1156a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.blogger.com/static/v1/widgets/1897193141-widgets.js
200 OK 59 kB URL GET HTTP/3 www.blogger.com/static/v1/widgets/1897193141-widgets.js
IP
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint4A:89:9B:E5:F1:54:0E:2D:0A:8E:40:A8:27:DF:2E:6B:7F:74:51:90
ValidityMon, 23 Oct 2023 11:17:52 GMT - Mon, 15 Jan 2024 11:17:51 GMT
File type ASCII text, with very long lines (2258)
Hash a7702af194f7ed03dbf459c22f803db7
d5d4027fe53fb98160fd97a9d65d28395bc3a42b
72b56d06cc3995965996f7d90fd241e0a6fa1952474ddf2ded661ac20153c94b
GET /static/v1/widgets/1897193141-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 59218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 02:14:02 GMT
expires: Tue, 19 Nov 2024 02:14:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Nov 2023 00:54:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 307822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7485870457833928&plah=hayatialyawmiya.blogspot.com
200 OK 138 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7485870457833928&plah=hayatialyawmiya.blogspot.com
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (2106)
Size 138 kB (138526 bytes)
Hash 99b14a8032c69761f1099731fa73f510
1b7580c96408fc810014b549f36e1947f3a924b6
0b9132b8f7349d5986aeb4715196edc36986d3f4dc78da4b5856b0c5fdc60b5a
GET /pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7485870457833928&plah=hayatialyawmiya.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Nov 2023 15:44:24 GMT
expires: Thu, 23 Nov 2023 15:44:24 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 1787869011032012978
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 138526
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET 1.bp.blogspot.com/-UBdQoQR1REA/XXUYKf0vhvI/AAAAAAAAGp8/OnnuQmkMmtwZjFTF0JCerkF2QUa4WRPugCLcBGAs/s1600/iu6POQ.png
200 OK 935 B URL GET HTTP/2 1.bp.blogspot.com/-UBdQoQR1REA/XXUYKf0vhvI/AAAAAAAAGp8/OnnuQmkMmtwZjFTF0JCerkF2QUa4WRPugCLcBGAs/s1600/iu6POQ.png
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type PNG image data, 102 x 102, 8-bit colormap, non-interlaced\012- data
Hash 98c3a6df0ef14509860ee4a845bd141e
c521eff6f57921ea5eb9c2240fd8dd8d52102630
eb508cf1771c0d254ed665fcc50676c2bb8977eeef3155c9b1aa7a68598b7d36
GET /-UBdQoQR1REA/XXUYKf0vhvI/AAAAAAAAGp8/OnnuQmkMmtwZjFTF0JCerkF2QUa4WRPugCLcBGAs/s1600/iu6POQ.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1aa0"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="iu6POQ.png"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET 1.bp.blogspot.com/-Oib4kpIjD8Q/XaU-EJzVwUI/AAAAAAAAGzM/Ty_D9_1-xREmt2CPBD7uk5IDEDkbKp5pQCLcBGAsYHQ/s1600/t-go%2Bpak.jpg
200 OK 5.1 kB URL GET HTTP/3 1.bp.blogspot.com/-Oib4kpIjD8Q/XaU-EJzVwUI/AAAAAAAAGzM/Ty_D9_1-xREmt2CPBD7uk5IDEDkbKp5pQCLcBGAsYHQ/s1600/t-go%2Bpak.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 102x102, components 3\012- data
Hash d2cb3faf633d3c916d0c44fbbd259cc0
8a072cf4eb709672d80cf65288f2e72af8d53b44
856cec4c1db0b636b1f765451659e23cdb75c1e601853605ec1e73b4b4842ba4
GET /-Oib4kpIjD8Q/XaU-EJzVwUI/AAAAAAAAGzM/Ty_D9_1-xREmt2CPBD7uk5IDEDkbKp5pQCLcBGAsYHQ/s1600/t-go%2Bpak.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1b34"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="t-go pak.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 5135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET 1.bp.blogspot.com/-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s72-c/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg
200 OK 3.4 kB URL GET HTTP/2 1.bp.blogspot.com/-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s72-c/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b2170b529ffc678f37cc98ad048048d5
791088fe1fb3e55b8300afa8f603494df8813e6f
3f0b70ccecadde0bcdaf25cf6445d4942faf910a1e6d04607c48b016ab3e0d5d
GET /-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s72-c/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5a"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="soin des cheveux hayati alyawmiya.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 3392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.fontstatic.com/f=vip-hakm-bold
200 OK 9.8 kB URL GET HTTP/2 www.fontstatic.com/f=vip-hakm-bold
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectfontstatic.com
FingerprintF1:BA:85:F1:4A:E7:75:3E:27:68:ED:79:20:9A:14:F6:A6:E8:BE:B3
ValiditySat, 11 Nov 2023 10:49:55 GMT - Fri, 09 Feb 2024 10:49:54 GMT
File type Unicode text, UTF-8 text, with no line terminators
Hash 8219e8082d802cf9dd3a073892879d27
ff83c4814f028ca9be71db8ee868c4e9c3e75480
888dd76d6ed1bb45164c30c09d3dbfafdd24ef48f796f544616d71dbc4c7fbe3
GET /f=vip-hakm-bold HTTP/1.1
Host: www.fontstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:23 GMT
content-type: text/css; charset=UTF-8
pragma: no-cache
x-cache: MISS
x-proxy-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwR9Ema1l8UtWSlrZq0tz6BVqphlytMnPzn90vYSGvUF4wWIzQobeai%2BlpFVxUfjkY65UhSjMZrJ07YfjD7KyNjx%2BZ94Rgy%2FLVjUI3Wk7L%2FwJyH2RvOlFx5h3yrEhDPOAzQs7Ks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa8884cf2a5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET uprimp.com/slider.php?section=General&pub=241468&ga=g&side=random
200 OK 74 kB URL GET HTTP/2 uprimp.com/slider.php?section=General&pub=241468&ga=g&side=random
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
Hash aab37a125302dad6268198d4565559ce
83a84688a6f7be9bf525ef1a1905363cbef89110
17745e2fa71b2c02c4f4aa901a895961828a49c8681d265aeae20dec06a8cd2a
GET /slider.php?section=General&pub=241468&ga=g&side=random HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: application/javascript
expires: Thu, 23 Nov 2023 15:44:24 GMT
last-modified: Thu, 23 Nov 2023 15:44:24 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
GET 1.bp.blogspot.com/-RiEEzLzqNFs/X7FN9Z2U44I/AAAAAAAAAHs/RxkfakWS6iMTWpKEnuYJMnPOHfyANZY5QCK4BGAYYCw/s798/hayati%2Balyawmiya%2B%25D8%25AD%25D9%258A%25D8%25A7%25D8%25AA%25D9%258A%2B%25D8%25A7%25D9%2584%25D9%258A%25D9%2588%25D9%2585%25D9%258A%25D8%25A9.jpg
200 OK 11 kB URL GET HTTP/2 1.bp.blogspot.com/-RiEEzLzqNFs/X7FN9Z2U44I/AAAAAAAAAHs/RxkfakWS6iMTWpKEnuYJMnPOHfyANZY5QCK4BGAYYCw/s798/hayati%2Balyawmiya%2B%25D8%25AD%25D9%258A%25D8%25A7%25D8%25AA%25D9%258A%2B%25D8%25A7%25D9%2584%25D9%258A%25D9%2588%25D9%2585%25D9%258A%25D8%25A9.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 264x126, components 3\012- data
Hash 2759f726812d3f813c8326e2e08ee54c
17a78b781c33a2b8331245661c44389899a8bb30
c6a7c6e107dfbdbbd43b112d9e8307b64b0131c78eae786020d9fd13794d001d
GET /-RiEEzLzqNFs/X7FN9Z2U44I/AAAAAAAAAHs/RxkfakWS6iMTWpKEnuYJMnPOHfyANZY5QCK4BGAYYCw/s798/hayati%2Balyawmiya%2B%25D8%25AD%25D9%258A%25D8%25A7%25D8%25AA%25D9%258A%2B%25D8%25A7%25D9%2584%25D9%258A%25D9%2588%25D9%2585%25D9%258A%25D8%25A9.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v7c"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hayati alyawmiya _____ _______.jpg";filename*=UTF-8''hayati%20alyawmiya%20%D8%AD%D9%8A%D8%A7%D8%AA%D9%8A%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%D9%8A%D8%A9.jpg
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 11200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET code.jquery.com/jquery-1.7.2.min.js
200 OK 34 kB URL GET HTTP/2 code.jquery.com/jquery-1.7.2.min.js
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash b8d64d0bc142b3f670cc0611b0aebcae
abcd2ba13348f178b17141b445bc99f1917d47af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
GET /jquery-1.7.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-17278"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 23 Nov 2023 15:44:24 GMT
age: 5952063
x-served-by: cache-lga21955-LGA, cache-bma1682-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 8002
x-timer: S1700754265.612797,VS0,VE0
vary: Accept-Encoding
content-length: 33626
X-Firefox-Spdy: h2
GET www.fontstatic.com/fonts/sky/sky.woff
200 OK 72 kB URL GET HTTP/3 www.fontstatic.com/fonts/sky/sky.woff
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectfontstatic.com
FingerprintF1:BA:85:F1:4A:E7:75:3E:27:68:ED:79:20:9A:14:F6:A6:E8:BE:B3
ValiditySat, 11 Nov 2023 10:49:55 GMT - Fri, 09 Feb 2024 10:49:54 GMT
File type Web Open Font Format, TrueType, length 71524, version 1.0\012- data
Hash 07898378387f618cd444c82f36fc89a5
8ad881a9004c8258a23c5bde2526da64d1d4e698
1a6f4f68fdea10f9ae1d3c1d858fb2dc4e361528290d4c3a9a3404db3f6afbef
GET /fonts/sky/sky.woff HTTP/1.1
Host: www.fontstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://www.fontstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: application/font-woff
content-length: 71524
last-modified: Thu, 18 Jul 2019 17:50:00 GMT
etag: "5d30b148-11764"
access-control-allow-origin: *
x-proxy-cache: MISS
cache-control: max-age=432000
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNf7rX95H1kbvpKjn%2BZSfrnTcjutKZwKHsg5Iu9iZKTwoilfXoKrOwJtKDWtCsmzdWEfP0YfaVZ%2FRp9vTURh5Qt%2FBVXlWLTl%2F%2BmdeSyhSwoJVJZOJ2SkHDJtOigI5dJ66kVoxK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82aa888abf69569c-OSL
alt-svc: h3=":443"; ma=86400
GET 1.bp.blogspot.com/-DVQPjclz9dY/X5gnP2hB2RI/AAAAAAAAAGk/52pJtNMF5ckoDB6CfydpfM4JcqthdVmcACLcBGAsYHQ/s300/un%2Bnamed.jpg
200 OK 18 kB URL GET HTTP/2 1.bp.blogspot.com/-DVQPjclz9dY/X5gnP2hB2RI/AAAAAAAAAGk/52pJtNMF5ckoDB6CfydpfM4JcqthdVmcACLcBGAsYHQ/s300/un%2Bnamed.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=care for sensuality woman hands, software=Google], baseline, precision 8, 300x200, components 3\012- data
Hash e230d8396f45cecb185173854abf44c7
89f0e1ea05a3c37c1290bc7e25b25c02c36b1078
cb5349f2b950d0cb6e4d420ef5d4f388d130e2d58a26378f6f71acc0a1f40e1a
GET /-DVQPjclz9dY/X5gnP2hB2RI/AAAAAAAAAGk/52pJtNMF5ckoDB6CfydpfM4JcqthdVmcACLcBGAsYHQ/s300/un%2Bnamed.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6a"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="un named.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 17594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET 1.bp.blogspot.com/-LUmevcUcAZA/X5BNp7T_M6I/AAAAAAAAAFw/HwDBZILXtd8FGVaoX-7M7K_T6NwoNfaHgCLcBGAsYHQ/s300/Eczema%2Bhayatialyawmiya.jpg
200 OK 36 kB URL GET HTTP/3 1.bp.blogspot.com/-LUmevcUcAZA/X5BNp7T_M6I/AAAAAAAAAFw/HwDBZILXtd8FGVaoX-7M7K_T6NwoNfaHgCLcBGAsYHQ/s300/Eczema%2Bhayatialyawmiya.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x259, components 3\012- data
Hash 76f5d3cc4e4a13f3f353e079dbecc897
4d63fee290273e7a1275fd279be0a72aa0205585
15f802cb3a003f2bd36359955fbf81be9e918233061ebbb3a6daaa91a0eb7fbb
GET /-LUmevcUcAZA/X5BNp7T_M6I/AAAAAAAAAFw/HwDBZILXtd8FGVaoX-7M7K_T6NwoNfaHgCLcBGAsYHQ/s300/Eczema%2Bhayatialyawmiya.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5d"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Eczema hayatialyawmiya.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 35824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET 1.bp.blogspot.com/-KWuMuezMnbE/X5Pfj27bf4I/AAAAAAAAAGM/OkwDrmzTQDgX3LCDXnfKIj5nneX4gWMNQCLcBGAsYHQ/s300/vitiligo%2Bpourrait%2Bet%2Btraitement.jpg
200 OK 28 kB URL GET HTTP/3 1.bp.blogspot.com/-KWuMuezMnbE/X5Pfj27bf4I/AAAAAAAAAGM/OkwDrmzTQDgX3LCDXnfKIj5nneX4gWMNQCLcBGAsYHQ/s300/vitiligo%2Bpourrait%2Bet%2Btraitement.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x171, components 3\012- data
Hash 579ffd39c24865556c1fcc8cdf7e3224
621c0a6ce814eb798b981a12679e372e7ae352f4
86b54ad37b85569caa019ec43e6c8b0374205e3e7aac4e477ae7b55cc73a1c66
GET /-KWuMuezMnbE/X5Pfj27bf4I/AAAAAAAAAGM/OkwDrmzTQDgX3LCDXnfKIj5nneX4gWMNQCLcBGAsYHQ/s300/vitiligo%2Bpourrait%2Bet%2Btraitement.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v64"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="vitiligo pourrait et traitement.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 27900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET 1.bp.blogspot.com/-eJI0jvzKZqM/X5aaT8ohB-I/AAAAAAAAAGY/Kj-usv1OSKQqzsnxgs3sfvAutBsxjTXkQCLcBGAsYHQ/s300/koskos%2Bmarocain%2B.jpg
200 OK 57 kB URL GET HTTP/2 1.bp.blogspot.com/-eJI0jvzKZqM/X5aaT8ohB-I/AAAAAAAAAGY/Kj-usv1OSKQqzsnxgs3sfvAutBsxjTXkQCLcBGAsYHQ/s300/koskos%2Bmarocain%2B.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 298x300, components 3\012- data
Hash 74593ce261a87e1f945c273daf754396
7129f573cc1b1389a9af62e19de260fd179d26cf
99b239daa1cf0c9d27e487a3df1f18f34657afa9fee92b577b2eb385480b9a36
GET /-eJI0jvzKZqM/X5aaT8ohB-I/AAAAAAAAAGY/Kj-usv1OSKQqzsnxgs3sfvAutBsxjTXkQCLcBGAsYHQ/s300/koskos%2Bmarocain%2B.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v67"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="koskos marocain .jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 56860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET 1.bp.blogspot.com/-1yPH6qihID0/X5G_UMnnjzI/AAAAAAAAAGA/X7MdnPxU91oHXRTCye8dCcOdrbE1yyefgCLcBGAsYHQ/s300/kika%2Bchocolat%2B.jpg
200 OK 48 kB URL GET HTTP/3 1.bp.blogspot.com/-1yPH6qihID0/X5G_UMnnjzI/AAAAAAAAAGA/X7MdnPxU91oHXRTCye8dCcOdrbE1yyefgCLcBGAsYHQ/s300/kika%2Bchocolat%2B.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x255, components 3\012- data
Hash 43ef2839fbec10c3f6ab0fde3f2fb807
541ced11426db338932b1ef397dca509a21dfa63
2072277777be363cd63d957d663694c18bbf191c17bf9ba93b35c697868d1f84
GET /-1yPH6qihID0/X5G_UMnnjzI/AAAAAAAAAGA/X7MdnPxU91oHXRTCye8dCcOdrbE1yyefgCLcBGAsYHQ/s300/kika%2Bchocolat%2B.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v61"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kika chocolat .jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 48042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET uprimp.com/trk/?51380d28c7a12a6668c2367789765a42
200 OK 43 B URL GET HTTP/2 uprimp.com/trk/?51380d28c7a12a6668c2367789765a42
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /trk/?51380d28c7a12a6668c2367789765a42 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Cookie: used_ad2969584=1; total_impressions=1; cpa_673873=728x90_415634931_0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 23 Nov 2023 15:44:24 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
GET network.eonads.com/adserver/www/delivery/asyncjs.php
200 OK 5.8 kB URL GET HTTP/2 network.eonads.com/adserver/www/delivery/asyncjs.php
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type ASCII text, with CRLF line terminators
Hash 6cf6bfd8fe9e6cc15c631147ebe95a2d
c08ecb88645e83cfb49923dc6afbe55a65d154cb
9c8ef0b58afde9430dae903e53e99733e630f39c0d50e5a4cd11db601fcbe15f
GET /adserver/www/delivery/asyncjs.php HTTP/1.1
Host: network.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: text/javascript;charset=UTF-8
expire: Thu, 23 Nov 2023 16:44:24 GMT
cache-control: private, max-age=3600
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAGEO=2%7CNO%7CEU%7C%7CLorenskog%7C1470%7C59.9381%7C10.9551%7C500%7CEurope%2FOslo%7C%7C30%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; secure; SameSite=none
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNbM3cgJUM76lUx4wzAMapFdGslFxVXErLhR7x7C6DQ7vcd%2F12IMjQDJNF2N%2FkmrDjupb6KdgsN%2FDtE5ts3%2FkMWZwGLaoHzf6yEzzvXbm7M1fyVLsU4ghHcdS9umk7v%2FHR7qaF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88850f72568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 1.bp.blogspot.com/-Rdjl1qV1EUU/X41Fqy9CNfI/AAAAAAAAAFQ/hIVFCZ6ZPPkhlxfe7oUGGJOoNFB2pP_zQCLcBGAsYHQ/s300/M%25C3%25A9lasma%2Bhayati%2Balyawmiya.jpg
200 OK 25 kB URL GET HTTP/3 1.bp.blogspot.com/-Rdjl1qV1EUU/X41Fqy9CNfI/AAAAAAAAAFQ/hIVFCZ6ZPPkhlxfe7oUGGJOoNFB2pP_zQCLcBGAsYHQ/s300/M%25C3%25A9lasma%2Bhayati%2Balyawmiya.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 238x300, components 3\012- data
Hash 5abc37e49fd5ea978149cbe0d8819a6a
34da41353011b02924584c9a8f47ed5d7863b58d
301dbbd0dada5317f0de02d024b635cffdd5c54d7924e07f55b8726ef8bac6b7
GET /-Rdjl1qV1EUU/X41Fqy9CNfI/AAAAAAAAAFQ/hIVFCZ6ZPPkhlxfe7oUGGJOoNFB2pP_zQCLcBGAsYHQ/s300/M%25C3%25A9lasma%2Bhayati%2Balyawmiya.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v55"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="M_lasma hayati alyawmiya.jpg";filename*=UTF-8''M%C3%A9lasma%20hayati%20alyawmiya.jpg
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 25006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s72-c/masque%20bavette.webp
200 OK 4.3 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s72-c/masque%20bavette.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 97c8d73978806cf2996f65067d2b450f
84ea252d0e3c5f18c115def4e34109e30366cddb
700bb90e105fc1c11f3f39816cac2c3e9eeab577904a0413d8ae5971dcebc638
GET /img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s72-c/masque%20bavette.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve2"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="masque bavette.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 4282
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s300/masque%20bavette.webp
200 OK 9.8 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s300/masque%20bavette.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 176x99, components 3\012- data
Hash 97c21a7caa94feca1f42a51b4afcde15
2aece69458f47c7a3065a28cd74bdd7fae925e41
1da1e2e964d082e8fe4c24a45752ef8d053075b39d8176299e77a168ce55d1a9
GET /img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s300/masque%20bavette.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve2"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="masque bavette.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 9787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET woafoame.net/4/5705957
403 Forbidden 7 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectwoafoame.net
FingerprintE3:2F:7A:22:82:C1:58:3E:ED:8E:C3:CB:C7:B7:63:74:00:74:85:61
ValidityMon, 11 Sep 2023 05:16:15 GMT - Sun, 10 Dec 2023 05:16:14 GMT
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /4/5705957 HTTP/1.1
Host: woafoame.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: text/plain; charset=utf-8
content-length: 7
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s300/cancer-de-peau.webp
200 OK 7.7 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s300/cancer-de-peau.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 176x99, components 3\012- data
Hash f86acd4d1a7f55a75408e377af4e6c5f
fd812aeece0f467fac131045f260433347dfa943
d0102116842b9ab9d3f3ce34ab514811a9ba53dd5298979c3ee43ddcb6745d17
GET /img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s300/cancer-de-peau.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "vdd"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cancer-de-peau.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 7705
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s72-c/cancer-de-peau.webp
200 OK 3.1 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s72-c/cancer-de-peau.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a74e76da16cae83bada2fb1e2af99504
d9437f9acd1d93ed00e79135532214af4052ed01
715149edd2b3095d6400c823caf02172d1150f678b9467e572429d38dc98ed63
GET /img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s72-c/cancer-de-peau.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "vdd"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cancer-de-peau.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 3135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s72-c/bicarbonate-de-soude-hayati-alyawmiya%20.webp
200 OK 3.8 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s72-c/bicarbonate-de-soude-hayati-alyawmiya%20.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 698b11670bc58bbb5ee8376588053654
66d59fb7af964fab366085b1f2959431d3804b67
6e44dc164a67d78d08ef42d79494f4047e9cd3e0c9403b38b3c8705a74d48e60
GET /img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s72-c/bicarbonate-de-soude-hayati-alyawmiya%20.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve8"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bicarbonate-de-soude-hayati-alyawmiya .jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 3754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s16000/cancer-de-peau.webp
200 OK 6.9 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s16000/cancer-de-peau.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 176x99, components 3\012- data
Hash 69614497e40e6ed5f60f0cbd1ca422ee
6ab5f8e1ddd9cb940d5715902acaaa0db9ef14fe
a3b989f93dd339a22ade7b2d294ee6e32655440fa26fb14eb608d8f8db24097f
GET /img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s16000/cancer-de-peau.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "vdd"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cancer-de-peau.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 6865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s300/bicarbonate-de-soude-hayati-alyawmiya%20.webp
200 OK 8.5 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s300/bicarbonate-de-soude-hayati-alyawmiya%20.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 176x100, components 3\012- data
Hash 035ebdb5264d4b3c32969a659d2ed714
c03a1e70133aaf5fa9dd35f6bb19d64d8ad2e115
7579429ce247f0ba334501b8c679e7e70a804c73693a62c813c75ba65bf48913
GET /img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s300/bicarbonate-de-soude-hayati-alyawmiya%20.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve8"
expires: Fri, 24 Nov 2023 15:44:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bicarbonate-de-soude-hayati-alyawmiya .jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:25 GMT
server: fife
content-length: 8506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 23:43:03 GMT
expires: Tue, 19 Nov 2024 23:43:03 GMT
cache-control: public, max-age=31536000
age: 230482
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET respectfulpleaabsolve.com/891bd40e5d3244391ce95100ac1b86fb/invoke.js
403 Forbidden 0 B URL GET HTTP/1.1 respectfulpleaabsolve.com/891bd40e5d3244391ce95100ac1b86fb/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectrespectfulpleaabsolve.com
Fingerprint8D:4F:C6:56:ED:3E:7D:03:C2:13:F0:0C:33:55:BC:C3:F7:27:56:6F
ValiditySun, 29 Oct 2023 07:36:54 GMT - Sat, 27 Jan 2024 07:36:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /891bd40e5d3244391ce95100ac1b86fb/invoke.js HTTP/1.1
Host: respectfulpleaabsolve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Thu, 23 Nov 2023 15:44:25 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
GET uwoaptee.com/zone?pub=0&zone_id=4773408&is_mobile=false&domain=hayatialyawmiya.blogspot.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
200 OK 911 B URL GET HTTP/2 uwoaptee.com/zone?pub=0&zone_id=4773408&is_mobile=false&domain=hayatialyawmiya.blogspot.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
File type JSON data\012- , ASCII text, with very long lines (910)
Hash b2075d64e6078554a85307455227cfd8
2386ca9b51c98b31d3189c4a5637351a79047a8b
27fc7979baa7b807402bcd2012df8267f2bd2fb2b3c40e1b22c53c8e4041855b
GET /zone?pub=0&zone_id=4773408&is_mobile=false&domain=hayatialyawmiya.blogspot.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: application/json; charset=utf-8
content-length: 911
x-trace-id: f180628ccb56e0481067e220e5805c0d
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
GET maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
200 OK 57 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: font/woff2
content-length: 56780
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:19
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5f71a0c76e6a21742cccb33458eda75e
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82aa88920aec5687-OSL
alt-svc: h3=":443"; ma=86400
GET my.rtmark.net/gid.js?userId=36ec6547686e43ed87323b0b327624a3
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=36ec6547686e43ed87323b0b327624a3
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash 88c1add5e6b1328d5d22e017a16520ee
1aebbf0574142a47935667f1fd73be493cc19084
e608368b51d63cdcfd71ef0c222af697a7f93c13177afb67d77da5b665aba889
GET /gid.js?userId=36ec6547686e43ed87323b0b327624a3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=36ec6547686e43ed87323b0b327624a3; expires=Fri, 22 Nov 2024 15:44:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET uwoaptee.com/pfe/current/tag.min.js?z=4773408
200 OK 5.8 kB URL GET HTTP/2 uwoaptee.com/pfe/current/tag.min.js?z=4773408
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 0aaad1554b9004627eacb24bf4b417eb
00a74d6895f70c3b92cd44bef2cb53d9d5b0008a
da3b9b5563ea4edd255792f9eca3c5a832dcc8a6dd3dc044bc8bd101d89bf42c
GET /pfe/current/tag.min.js?z=4773408 HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 13:59:39 GMT
etag: W/"655e094b-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
GET cameesse.net/1?z=4030715
404 Not Found 7 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT
File type ASCII text, with no line terminators
Hash 3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /1?z=4030715 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: bbf4247154c116835ed9489456d064df
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Fri, 22 Nov 2024 15:44:26 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET vooculok.com/400/4751071
200 OK 33 kB IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectvooculok.com
Fingerprint06:82:A2:A7:A0:5A:19:BE:22:4B:9C:7C:10:4D:81:24:49:42:3F:B7
ValiditySat, 16 Sep 2023 05:07:42 GMT - Fri, 15 Dec 2023 05:07:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b66d73a732bc2bd83430c3f1cfef839
79f5bcfaee1b340f4b3ebbc76d1b79de336b36b1
9433e49c9ff75f35f52502196262e394b710fbab53cf5fd43b2d42434c5d7b77
GET /400/4751071 HTTP/1.1
Host: vooculok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: application/javascript
x-trace-id: 95e6d66cf245e5a7640329d44904a782
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=1d1cbc3e082547c7afcc51ad6dae143a; expires=Fri, 22 Nov 2024 15:44:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET ibrapush.com/zone?pub=0&zone_id=4030716&is_mobile=false&domain=hayatialyawmiya.blogspot.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
200 OK 880 B URL GET HTTP/2 ibrapush.com/zone?pub=0&zone_id=4030716&is_mobile=false&domain=hayatialyawmiya.blogspot.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectibrapush.com
FingerprintAC:F6:AB:6F:AB:34:17:90:49:79:7B:7C:FD:CE:24:5B:02:33:E5:E2
ValidityFri, 10 Nov 2023 10:01:20 GMT - Thu, 08 Feb 2024 10:01:19 GMT
File type JSON data\012- , ASCII text, with very long lines (879)
Hash c1e73f8a5d3debc5c2586939bc4540e7
4a332474f6275d21719a10ed83aec8af61616ea4
20d46abb3edb06e1384e98ab82dc4aef9aa62931b9b8230100409913b375ea85
GET /zone?pub=0&zone_id=4030716&is_mobile=false&domain=hayatialyawmiya.blogspot.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 611c47d157a7a95bacf4ae875f6d9193
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
GET 1.bp.blogspot.com/-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s220/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg
200 OK 9.6 kB URL GET HTTP/3 1.bp.blogspot.com/-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s220/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 191x146, components 3\012- data
Hash 64b3b3652460b1d705038302376914a6
5f503513978180fc80654bb1b2e5e5711f485062
90fed0866a1f1af0c9a638115e3ce606f412a506ca399e8e7e0e7709adb65348
GET /-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s220/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5a"
expires: Fri, 24 Nov 2023 15:44:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="soin des cheveux hayati alyawmiya.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:26 GMT
server: fife
content-length: 9618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1356
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 23 Nov 2023 15:44:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://hayatialyawmiya.blogspot.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
GET uprimp.com/trk/?3b9986180e33f353ec46789a47d2bb7c
200 OK 43 B URL GET HTTP/2 uprimp.com/trk/?3b9986180e33f353ec46789a47d2bb7c
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /trk/?3b9986180e33f353ec46789a47d2bb7c HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Cookie: used_ad2969584=1; total_impressions=2; cpa_673873=160x600_415634931_5; used_ad2938102=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 23 Nov 2023 15:44:26 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s220/cancer-de-peau.webp
200 OK 7.7 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s220/cancer-de-peau.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 176x99, components 3\012- data
Hash f86acd4d1a7f55a75408e377af4e6c5f
fd812aeece0f467fac131045f260433347dfa943
d0102116842b9ab9d3f3ce34ab514811a9ba53dd5298979c3ee43ddcb6745d17
GET /img/b/R29vZ2xl/AVvXsEjSmH2c8w_e11X0mSi662zrk2gDRn0Il6T3hMcCECBVlVEKWfVTtmtmg4HUI2QhTJmkdVXiq2Fh1ATglU8Fn4qwTO6xxvN90IxZ6bNUSMU0RYIzyDp1ptdZAG6J5GojSHdkLcT8T9CBHaV7NNDX5C8D6F6cT_2GP-wDCaHG_mzCh6mPz5ogG9f1xV2_NwM/s220/cancer-de-peau.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "vdd"
expires: Fri, 24 Nov 2023 15:44:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cancer-de-peau.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:26 GMT
server: fife
content-length: 7705
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=jQuery11130530690088759337_1700754268419&_=1700754268420
200 OK 10 kB URL GET HTTP/3 hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=jQuery11130530690088759337_1700754268419&_=1700754268420
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type Unicode text, UTF-8 text, with very long lines (52933)
Hash d76bec671aeadb2c8eaf7ef413d1e1b7
33b800d401f9a0e6b0c752d5b559ad9036dec52f
f5a5791c75eb5e3b8dbd7b1e929a6e16973a1fed6ed05ff2cb442f9d1349800a
GET /feeds/posts/summary?alt=json-in-script&callback=jQuery11130530690088759337_1700754268419&_=1700754268420 HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"9922b230401b849298c6b15c8f84cc0e966f37bf411aa5e32b143c55fa80fc1a"
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Thu, 23 Nov 2023 15:44:27 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
content-encoding: gzip
content-length: 10442
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=jQuery11130530690088759337_1700754268421&_=1700754268422
200 OK 10 kB URL GET HTTP/3 hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=jQuery11130530690088759337_1700754268421&_=1700754268422
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type Unicode text, UTF-8 text, with very long lines (52933)
Hash 0d7f34efeca410075f52cb35f3cf8614
15938cccd17a6f31231b217992923fdeaf650129
74e70dc6c62613a33b8192f109631e2b62148f0ce5897f9e4cf848094e1b78b4
GET /feeds/posts/summary?alt=json-in-script&callback=jQuery11130530690088759337_1700754268421&_=1700754268422 HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"9922b230401b849298c6b15c8f84cc0e966f37bf411aa5e32b143c55fa80fc1a"
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Thu, 23 Nov 2023 15:44:27 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
content-encoding: gzip
content-length: 10442
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET hayatialyawmiya.blogspot.com/?callback=jQuery11130530690088759337_1700754268423&_=1700754268424
200 OK 58 kB URL GET HTTP/3 hayatialyawmiya.blogspot.com/?callback=jQuery11130530690088759337_1700754268423&_=1700754268424
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1148)
Hash 8d2bf6a5c916a98136816ecfb98641a3
3d5313ede1bd3f82a6b5e8af30b66fa6d3fcdf40
8988d41bcad26b08d24af12042a3da894c77c2b802a499c3a611f62206e6c28f
GET /?callback=jQuery11130530690088759337_1700754268423&_=1700754268424 HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:26 GMT
date: Thu, 23 Nov 2023 15:44:26 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
etag: W/"2ef8bca76c55b21d2c0709ae80ff1772c16451a3749ab4b6b86efb9a44b3b132"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 58111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
200 OK 28 kB URL GET HTTP/2 uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/banner_show.php?section=General&pub=241468&format=160x600&ga=g&slider=a3a29ee2fe0801e13ed79846bf41be0b
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
Hash bd872de39d5fa8e83d5bd4cf46f231cb
e8cbf29888406b3dfeb4d3448fc9e3cefedff042
0b39ade0ed7bc49b1bc45d133e9af1cf16e286e2ad492cea0e832200d5a4aec5
GET /show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw== HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/banner_show.php?section=General&pub=241468&format=160x600&ga=g&slider=a3a29ee2fe0801e13ed79846bf41be0b
Cookie: used_ad2969584=1; total_impressions=2; cpa_673873=160x600_415634931_5; used_ad2938102=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:26 GMT
last-modified: Thu, 23 Nov 2023 15:44:26 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s220/bicarbonate-de-soude-hayati-alyawmiya%20.webp
200 OK 8.5 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s220/bicarbonate-de-soude-hayati-alyawmiya%20.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 176x100, components 3\012- data
Hash 035ebdb5264d4b3c32969a659d2ed714
c03a1e70133aaf5fa9dd35f6bb19d64d8ad2e115
7579429ce247f0ba334501b8c679e7e70a804c73693a62c813c75ba65bf48913
GET /img/b/R29vZ2xl/AVvXsEjgiUKF_qC3nRZvb2luk9l3ab6Brl02eaCLY7S_CgjCtnSEMLGCLvcmmm1BzUoczd8usul8TgicA-oh1pC3Zv1I6kDLvnkSqekXINxBt8hXsq3v2FjyoQxXqn6fYa-1Bsavzfm0GUjyjD1HYdlywRcrmtSArWLqKa7W_O23ZXkOB7JznQMYWQM7jcO6s18/s220/bicarbonate-de-soude-hayati-alyawmiya%20.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve8"
expires: Fri, 24 Nov 2023 15:44:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bicarbonate-de-soude-hayati-alyawmiya .jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:26 GMT
server: fife
content-length: 8506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s220/masque%20bavette.webp
200 OK 9.8 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s220/masque%20bavette.webp
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 176x99, components 3\012- data
Hash 97c21a7caa94feca1f42a51b4afcde15
2aece69458f47c7a3065a28cd74bdd7fae925e41
1da1e2e964d082e8fe4c24a45752ef8d053075b39d8176299e77a168ce55d1a9
GET /img/b/R29vZ2xl/AVvXsEhJ4ttBuZ3OCy4Xrc3xmj7XT2b__9cbSvZi83tOgyrAymChLEFw-B74fcVqbx_B59biVzRmrVtFciQ_5yt1aecRGbyeJcxcQcibbcRQH31yLl4dwXV1n8t7Tvi1JeSCn88v3iJ01PyEZ5icEHtO_0ai5HYaqYMJ2-sibfd2klZlKzttYzrnb_Tb5B9J60w/s220/masque%20bavette.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve2"
expires: Fri, 24 Nov 2023 15:44:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="masque bavette.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:27 GMT
server: fife
content-length: 9787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET ylx-i.advertica-cdn2.com/aff/pub_le6kgi.png?1480419362
34 kB URL GET ylx-i.advertica-cdn2.com/aff/pub_le6kgi.png?1480419362
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectylx-i.advertica-cdn2.com
Fingerprint7C:93:9D:F8:EE:CE:92:76:58:F1:1E:7A:3B:AE:C8:96:A7:4D:CD:71
ValiditySat, 14 Oct 2023 09:35:22 GMT - Fri, 12 Jan 2024 09:35:21 GMT
File type PNG image data, 160 x 600, 8-bit colormap, non-interlaced\012- data
Hash 9e1f3ccb4e70053bf41b11f7051e2893
3cb8a137d9eb9f4edff1e074aaea8f91ad6fb423
c0b786773b8199074400ae53a7d18d0af81359e240a51e69c9e97482e7281b76
GET /aff/pub_le6kgi.png?1480419362 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2016 11:36:02 GMT
etag: W/"583d6822-8610"
expires: Sat, 23 Dec 2023 15:44:26 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
GET pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
200 OK 12 kB URL GET HTTP/3 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type JSON data\012- , ASCII text, with very long lines (16146), with no line terminators
Hash 41c0e8abde8491fea463e6215af32663
87794d4fc9768a8a79d8401220e7528834e88986
a5c1b327f297599d66621eb4c2c190f321589ced1524f2c19f307b706ee4c669
GET /getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 23 Nov 2023 15:44:27 GMT
server: cafe
content-length: 12180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET network.eonads.com/app/ads_images/1642073327.jpg
200 OK 19 kB URL GET HTTP/3 network.eonads.com/app/ads_images/1642073327.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type JPEG image data, progressive, precision 8, 320x240, components 3\012- data
Hash 0096b89e0141a5ee956cf235b1037635
8bea254a7100597e76c431a43e8060bec41e5952
7e291a3840847a461b92e74e444a89af66a2d68b3834f12b8b9337a32e0806b4
GET /app/ads_images/1642073327.jpg HTTP/1.1
Host: network.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAGEO=2%7CNO%7CEU%7C%7CLorenskog%7C1470%7C59.9381%7C10.9551%7C500%7CEurope%2FOslo%7C%7C30%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=7e4e48eb76a4295bdac069475754d00a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: image/jpeg
content-length: 18739
last-modified: Fri, 08 Apr 2022 17:19:02 GMT
etag: "4933-5dc27ca7672d7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5819
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLJiMEw4Pc45j%2BbEnzQZeYz85R5og7PPkp8CsFV0XYMR2P7DXsuUj7QTnKj%2BhNl1G7cbEsGqzWRmS99K%2FmIrfgp6j9kMToWvLFQDbSyZ1%2BxRNpEQegFzxbDCC%2FonKj8BTeCYqfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82aa88992b70b500-OSL
alt-svc: h3=":443"; ma=86400
GET uprimp.com/banner_show.php?section=General&pub=241468&format=160x600&ga=g&slider=a3a29ee2fe0801e13ed79846bf41be0b
200 OK 1.4 kB URL GET HTTP/2 uprimp.com/banner_show.php?section=General&pub=241468&format=160x600&ga=g&slider=a3a29ee2fe0801e13ed79846bf41be0b
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1412)
Hash 7d89148e949ec840805dfc8dfe4f39ea
9804eb27c9a36c23f86022fecadcaae351760a83
3155cd4e5a7fe23b400e7fcee626bca421d9cac0c53d97790ec38e415ef510c4
GET /banner_show.php?section=General&pub=241468&format=160x600&ga=g&slider=a3a29ee2fe0801e13ed79846bf41be0b HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: used_ad2969584=1; total_impressions=1; cpa_673873=728x90_415634931_0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:26 GMT
last-modified: Thu, 23 Nov 2023 15:44:26 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2938102=1; expires=Fri, 24-Nov-2023 05:00:00 GMT; Max-Age=47734; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None
total_impressions=2; expires=Fri, 24-Nov-2023 05:00:00 GMT; Max-Age=47734; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None
cpa_673873=160x600_415634931_5; expires=Sat, 23-Dec-2023 15:44:26 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None
X-Firefox-Spdy: h2
GET vooculok.com/500/4751071?excludes=&oaid=j5mi845083qq530254907s6l9yhxx181&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1
200 OK 978 B URL GET HTTP/2 vooculok.com/500/4751071?excludes=&oaid=j5mi845083qq530254907s6l9yhxx181&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectvooculok.com
Fingerprint06:82:A2:A7:A0:5A:19:BE:22:4B:9C:7C:10:4D:81:24:49:42:3F:B7
ValiditySat, 16 Sep 2023 05:07:42 GMT - Fri, 15 Dec 2023 05:07:41 GMT
File type JSON data\012- , ASCII text, with very long lines (978), with no line terminators
Hash e2b33700eddff8b2ef94aaa39657312d
f22294dba53236d5ef8d421e7fe09b40ac6c3191
a669bd395d1bdd560767df8f9fa363178372447f67b03e396e3bb50629eacc89
GET /500/4751071?excludes=&oaid=j5mi845083qq530254907s6l9yhxx181&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1 HTTP/1.1
Host: vooculok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAID=1d1cbc3e082547c7afcc51ad6dae143a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/javascript
content-length: 978
x-trace-id: 931a30916ca69a6b7b24a104b5488bb3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=j5mi845083qq530254907s6l9yhxx181; expires=Fri, 22 Nov 2024 15:44:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET network.eonads.com/adserver/www/delivery/asyncjs.php
200 OK 5.9 kB URL GET HTTP/2 network.eonads.com/adserver/www/delivery/asyncjs.php
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type ASCII text, with CRLF line terminators
Hash 6cf6bfd8fe9e6cc15c631147ebe95a2d
c08ecb88645e83cfb49923dc6afbe55a65d154cb
9c8ef0b58afde9430dae903e53e99733e630f39c0d50e5a4cd11db601fcbe15f
GET /adserver/www/delivery/asyncjs.php HTTP/1.1
Host: network.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAGEO=2%7CNO%7CEU%7C%7CLorenskog%7C1470%7C59.9381%7C10.9551%7C500%7CEurope%2FOslo%7C%7C30%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/javascript;charset=UTF-8
expire: Thu, 23 Nov 2023 16:44:26 GMT
cache-control: private, max-age=3600
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLtcirlw0nZfU4zEUDX1az1t8%2F1m7x1w8nXGQ6g9kZhk7HdAAAoT%2BiUWeTIVO1h5ltsFSrP%2BwuaSuLaW6CvhiNRCWsZsvKrYvelPZJH0vKHcsc8ToQfCESUk%2B4cNzCaEOSrCTu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88915d7eb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET network.eonads.com/adserver/www/delivery/asyncspc.php?zones=21936&prefix=eonads-0-&hash=897623fd7b123eee3c6d7c5ff7f4985d&referer=&loc=https://hayatialyawmiya.blogspot.com/OAID=meta=
200 OK 7.2 kB URL GET HTTP/3 network.eonads.com/adserver/www/delivery/asyncspc.php?zones=21936&prefix=eonads-0-&hash=897623fd7b123eee3c6d7c5ff7f4985d&referer=&loc=https://hayatialyawmiya.blogspot.com/OAID=meta=
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type JSON data\012- , ASCII text, with very long lines (1845), with no line terminators
Hash fa09ae7800fd52cdb2ee33afae7c65c0
3f7435aa65fff50387e97cb873c19edc5ba5898d
5aff5e2b7f6830450d2155eab3a927fd55e17c8c4838bbbebbccd781970ef247
GET /adserver/www/delivery/asyncspc.php?zones=21936&prefix=eonads-0-&hash=897623fd7b123eee3c6d7c5ff7f4985d&referer=&loc=https://hayatialyawmiya.blogspot.com/OAID=meta= HTTP/1.1
Host: network.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAGEO=2%7CNO%7CEU%7C%7CLorenskog%7C1470%7C59.9381%7C10.9551%7C500%7CEurope%2FOslo%7C%7C30%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: application/json
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=7e4e48eb76a4295bdac069475754d00a; expires=Fri, 22-Nov-2024 15:44:26 GMT; Max-Age=31536000; path=/; secure; SameSite=none
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNpxI64i8P65zFJQjq5ypno2KBShOMS9ic6CAqoAXjg8Ginu6JzPTnV7Uo1yBPLEItuXctfZRp4kMAah0Q%2FAioL15N7tdZhY9d7BS5aAzpccb4vAujJV5cZDt6DVLfjjuqLTaYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88951c7ab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST uwoaptee.com/custom
200 OK 0 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
GET my.rtmark.net/gid.js?pub=0&userId=20fe8e5f14794d0ab2c313c73020d410&zoneId=4773408&checkDuplicate=true&ymid=&var=
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?pub=0&userId=20fe8e5f14794d0ab2c313c73020d410&zoneId=4773408&checkDuplicate=true&ymid=&var=
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash 88c1add5e6b1328d5d22e017a16520ee
1aebbf0574142a47935667f1fd73be493cc19084
e608368b51d63cdcfd71ef0c222af697a7f93c13177afb67d77da5b665aba889
GET /gid.js?pub=0&userId=20fe8e5f14794d0ab2c313c73020d410&zoneId=4773408&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Cookie: ID=36ec6547686e43ed87323b0b327624a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=36ec6547686e43ed87323b0b327624a3; expires=Fri, 22 Nov 2024 15:44:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL GET HTTP/3 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash 1d3d22df067f5219073f9c0fabb74fdd
d5c226022639323d93946df3571404116041e588
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 14:48:57 GMT
expires: Fri, 22 Nov 2024 14:48:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 3330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST uwoaptee.com/custom
200 OK 0 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
POST uwoaptee.com/custom
200 OK 39 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Content-Type: application/json
Content-Length: 389
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d698668bf5227e96464fca7c20589a4b
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
POST uwoaptee.com/custom
200 OK 39 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Content-Type: application/json
Content-Length: 768
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8e52266e79f189dfea110b336084999d
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
POST amunfezanttor.com/event
200 OK 0 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
GET www.fontstatic.com/f=jazeera-light
200 OK 6.5 kB URL GET HTTP/2 www.fontstatic.com/f=jazeera-light
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectfontstatic.com
FingerprintF1:BA:85:F1:4A:E7:75:3E:27:68:ED:79:20:9A:14:F6:A6:E8:BE:B3
ValiditySat, 11 Nov 2023 10:49:55 GMT - Fri, 09 Feb 2024 10:49:54 GMT
File type Unicode text, UTF-8 text, with no line terminators
Hash 0aaf5978c25da75688d78469c422e44f
a1e53e383f77e892a74d049104ee4f7bea3bec30
7673c5af8e6c718882b4c7f3448f301c6dd5f6455b9a27727c107876315e808b
GET /f=jazeera-light HTTP/1.1
Host: www.fontstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:23 GMT
content-type: text/css; charset=UTF-8
pragma: no-cache
x-cache: MISS
x-proxy-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XerYUkx3pOBoQiVV2ef1dEbTpQjpRFFzrbr%2F%2FBBeZG%2FM6PNzftS3pZmgbTQgpHvpPAZPhNoO4rbotEq5iHC7JSTUjh1avRBESsrQwJrgtBethnNEBAdghjw7Xfm0g14Q2%2F708M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa8884aeca5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
15 kB URL pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (38861)
Hash 4c0f9dcb1e49b3b2b0754da004114330
eed6c052d4165a9f6bc4f4161ecd6a7d6e022746
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
GET /bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15296
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 14:49:01 GMT
expires: Fri, 22 Nov 2024 14:49:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 3326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST amunfezanttor.com/event
200 OK 0 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
POST amunfezanttor.com/event
200 OK 94 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
File type JSON data\012- , ASCII text
Hash 222f8b0b8c808be08d9c393d51b1c2d4
7a9150be252009bc6a6b75ccbf726eeaf93f99a9
8c1e2d0e0a83cb42dc477d031a5f0640b77f7759597ab9515a9329b2e0944f7c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Content-Type: application/json
Content-Length: 513
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
POST amunfezanttor.com/event
200 OK 94 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
File type JSON data\012- , ASCII text
Hash e00a1640f388945c5385adb47fab3627
62abf1f568b9fa9504fed23f15848ce1a5bb422b
d1757d45fbd4b668862d1a10ebf1550f28b0a87a9e33ea2c31c4e25cc285311f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Content-Type: application/json
Content-Length: 513
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
POST amunfezanttor.com/event
200 OK 0 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
GET static.cdnativepush.com/contents/s/d7/6a/4c/0ac206c678a3bd2466b4e28d4c/0306982963500.png
200 OK 9.4 kB URL GET HTTP/2 static.cdnativepush.com/contents/s/d7/6a/4c/0ac206c678a3bd2466b4e28d4c/0306982963500.png
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectcdnativepush.com
FingerprintA7:31:D7:D2:72:39:F2:36:EB:F2:8D:4D:54:F6:6B:CF:DC:26:BD:F9
ValidityMon, 02 Oct 2023 05:07:06 GMT - Sun, 31 Dec 2023 05:07:05 GMT
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash d76a4c0ac206c678a3bd2466b4e28d4c
d05cdca386f63e63ec29246b0da3a75eccfe88b7
690eb62ca043c991ddfda07c229c8759b3beaa76300c8f017a6ec08dc2390069
GET /contents/s/d7/6a/4c/0ac206c678a3bd2466b4e28d4c/0306982963500.png HTTP/1.1
Host: static.cdnativepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: image/png
content-length: 9440
last-modified: Mon, 11 Sep 2023 11:07:35 GMT
vary: Accept-Encoding
etag: "64fef4f7-24e0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
POST amunfezanttor.com/event
200 OK 94 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
File type JSON data\012- , ASCII text
Hash 476ce138608f2df07bf8949aee6aafad
15fb1402f3b36e160fad45032bd69803b4146678
8560eed3372deb76a2a55d01494d65e0839cd26d7c243d73e5ea527a83623dd2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Content-Type: application/json
Content-Length: 513
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
POST uwoaptee.com/custom
200 OK 39 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Content-Type: application/json
Content-Length: 390
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: dc30136e9e063f1319d02941f914876d
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
0 B URL tpc.googlesyndication.com/generate_204?wQDSww
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?wQDSww HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:44:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&max-results=10&callback=jQuery11130530690088759337_1700754268421&_=1700754268426
200 OK 6.3 kB URL GET HTTP/3 hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&max-results=10&callback=jQuery11130530690088759337_1700754268421&_=1700754268426
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type Unicode text, UTF-8 text, with very long lines (26509)
Hash 45e57e6f471c6998b1a07fc985755e0f
b94b03fe0b644f10d2dbe124e96323cfae149970
6f6d5b281ba3283f7e937bcb0a3e3bb169ddaa9b8a3db8698dbcb0f8e4fd5cf2
GET /feeds/posts/summary?alt=json-in-script&max-results=10&callback=jQuery11130530690088759337_1700754268421&_=1700754268426 HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
content-encoding: gzip
etag: W/"31d970b40f11f2816b282a102609daf0dfcaa423e4e6ef6cf86ca4b9ef4c0689"
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
expires: Thu, 23 Nov 2023 15:44:28 GMT
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
content-length: 6337
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3630416829836811&rc=
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3630416829836811&rc=
IP
Requested by https://www.google.com/recaptcha/api2/aframe
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3630416829836811&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:27 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL GET HTTP/3 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint4A:89:9B:E5:F1:54:0E:2D:0A:8E:40:A8:27:DF:2E:6B:7F:74:51:90
ValidityMon, 23 Oct 2023 11:17:52 GMT - Mon, 15 Jan 2024 11:17:51 GMT
File type ASCII text, with very long lines (30596)
Hash e3f09df1bc175f411d1ec3dfb5afb17b
3994ec3efe3c2447e7bbfdd97bb7e190dd1658f9
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analytics.eonads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:21:59 GMT
expires: Fri, 15 Nov 2024 23:21:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Nov 2023 13:54:43 GMT
content-type: text/css
vary: Accept-Encoding
age: 577349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.blogger.com/static/v1/widgets/1897193141-widgets.js
200 OK 59 kB URL GET HTTP/3 www.blogger.com/static/v1/widgets/1897193141-widgets.js
IP
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint4A:89:9B:E5:F1:54:0E:2D:0A:8E:40:A8:27:DF:2E:6B:7F:74:51:90
ValidityMon, 23 Oct 2023 11:17:52 GMT - Mon, 15 Jan 2024 11:17:51 GMT
File type ASCII text, with very long lines (2258)
Hash a7702af194f7ed03dbf459c22f803db7
d5d4027fe53fb98160fd97a9d65d28395bc3a42b
72b56d06cc3995965996f7d90fd241e0a6fa1952474ddf2ded661ac20153c94b
GET /static/v1/widgets/1897193141-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analytics.eonads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 59218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 02:14:02 GMT
expires: Tue, 19 Nov 2024 02:14:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Nov 2023 00:54:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 307826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET hayatialyawmiya.blogspot.com/favicon.ico
200 OK 412 B URL GET HTTP/3 hayatialyawmiya.blogspot.com/favicon.ico
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:28 GMT
date: Thu, 23 Nov 2023 15:44:28 GMT
cache-control: private, max-age=86400
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
etag: W/"2ef8bca76c55b21d2c0709ae80ff1772c16451a3749ab4b6b86efb9a44b3b132"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.googletagmanager.com/gtm.js?id=GTM-WPZVPCW
200 OK 52 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WPZVPCW
IP
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (2213)
Hash 2b1a374720230d0fed939e3167a064a5
c3c9c34ff321f493d2178dfdaa66a2502469f5ad
ebf20b6b00d75bfec640e23f3ac90a8e60ee8c457d4902ad9fe6506c1c182b70
GET /gtm.js?id=GTM-WPZVPCW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analytics.eonads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Nov 2023 15:44:28 GMT
expires: Thu, 23 Nov 2023 15:44:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Nov 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3630416829836811&bg=!kJOlk9zNAAZxrfrxUa07ADQBe5WfOM1Y9P6wPPwDjQFkNaPlSYnxKd3G_Leoxna_r4tbcqy2_Qg6hNNmeTqVSsbVf4kdAgAAAWtSAAAAC2gBB5kCibUo9hX8gqRbaeCPZZJR9VwslE5E0sq2yNxTv-8pS1Km2r9-cMZDSem0dcCHTGfbzwUMcinB-53JGGcB5w8EfmQmX2plcjUpSfP7B1JgY0IFpr34IM2trp9ddF6gIQ_ufYkxxSe4JmmodPj0KvDqtwHgz-zXp6ycLdOkBsiapN_6Mh4Rc4LRdKGMKEQZh2FVlInWALL-w12jtnsmmP9Ue9UErl203-MrYX3XmxwucA4U-ZQQcUlipD_b-hrlCsGwtGndsu1uWtMOKq0vi_9ZCNF0Z5uSaOWk-oCNbrn4VcKO-ONGGskz7IE7Tk6i-01m0HdFZauEjh2BiOOoRUa5heMYyh0Q8xslG0P5GZXCfRTpcgZmuPXH4vvMlkzHPoPmeI2YS8USXyN1Nk9LU9Ev7DgJrauPy7f7Y_nfdjLJH2jwCO0b-Mvhst5BoyBj-TYoMPlGkW232o5LCx5IEy4G-q-arpr2hDfUWjeX-S84lCNWXTWgwGYUPE93EE2ciyjA0MBdbvBJjkXD0k9jgEMrToAp7iZvTxuVgYBez84P0XiCZwQaMp5h7prWZMxpkJ70kPmi8ZmMOcTAAiDEUsIv5HUNTvE_SM5wzjz9e492-TT0bxb83iNo8erBltxC9F3lCfJKvuG_N2TyL9fiX7B4i5oE44_ppJtl9N7Ms4GTSqv0GajZRtcSkvdiW0zBtvVg403EDO7r3ImtBKde4Q3heZtmgevtvRW2lBKOB3GCdV9D_uDp6q-AJ3bkCIO4aZlGfbHkSGXADI3ZbPzmiSX1xZvAeuuNBW60aK4WAvL1sDRN5XEEMq9r4GuBSpPA9dCgV_EAsdXFhMiUSMETDtoePpIF9PGHqUf9sNw
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3630416829836811&bg=!kJOlk9zNAAZxrfrxUa07ADQBe5WfOM1Y9P6wPPwDjQFkNaPlSYnxKd3G_Leoxna_r4tbcqy2_Qg6hNNmeTqVSsbVf4kdAgAAAWtSAAAAC2gBB5kCibUo9hX8gqRbaeCPZZJR9VwslE5E0sq2yNxTv-8pS1Km2r9-cMZDSem0dcCHTGfbzwUMcinB-53JGGcB5w8EfmQmX2plcjUpSfP7B1JgY0IFpr34IM2trp9ddF6gIQ_ufYkxxSe4JmmodPj0KvDqtwHgz-zXp6ycLdOkBsiapN_6Mh4Rc4LRdKGMKEQZh2FVlInWALL-w12jtnsmmP9Ue9UErl203-MrYX3XmxwucA4U-ZQQcUlipD_b-hrlCsGwtGndsu1uWtMOKq0vi_9ZCNF0Z5uSaOWk-oCNbrn4VcKO-ONGGskz7IE7Tk6i-01m0HdFZauEjh2BiOOoRUa5heMYyh0Q8xslG0P5GZXCfRTpcgZmuPXH4vvMlkzHPoPmeI2YS8USXyN1Nk9LU9Ev7DgJrauPy7f7Y_nfdjLJH2jwCO0b-Mvhst5BoyBj-TYoMPlGkW232o5LCx5IEy4G-q-arpr2hDfUWjeX-S84lCNWXTWgwGYUPE93EE2ciyjA0MBdbvBJjkXD0k9jgEMrToAp7iZvTxuVgYBez84P0XiCZwQaMp5h7prWZMxpkJ70kPmi8ZmMOcTAAiDEUsIv5HUNTvE_SM5wzjz9e492-TT0bxb83iNo8erBltxC9F3lCfJKvuG_N2TyL9fiX7B4i5oE44_ppJtl9N7Ms4GTSqv0GajZRtcSkvdiW0zBtvVg403EDO7r3ImtBKde4Q3heZtmgevtvRW2lBKOB3GCdV9D_uDp6q-AJ3bkCIO4aZlGfbHkSGXADI3ZbPzmiSX1xZvAeuuNBW60aK4WAvL1sDRN5XEEMq9r4GuBSpPA9dCgV_EAsdXFhMiUSMETDtoePpIF9PGHqUf9sNw
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3630416829836811&bg=!kJOlk9zNAAZxrfrxUa07ADQBe5WfOM1Y9P6wPPwDjQFkNaPlSYnxKd3G_Leoxna_r4tbcqy2_Qg6hNNmeTqVSsbVf4kdAgAAAWtSAAAAC2gBB5kCibUo9hX8gqRbaeCPZZJR9VwslE5E0sq2yNxTv-8pS1Km2r9-cMZDSem0dcCHTGfbzwUMcinB-53JGGcB5w8EfmQmX2plcjUpSfP7B1JgY0IFpr34IM2trp9ddF6gIQ_ufYkxxSe4JmmodPj0KvDqtwHgz-zXp6ycLdOkBsiapN_6Mh4Rc4LRdKGMKEQZh2FVlInWALL-w12jtnsmmP9Ue9UErl203-MrYX3XmxwucA4U-ZQQcUlipD_b-hrlCsGwtGndsu1uWtMOKq0vi_9ZCNF0Z5uSaOWk-oCNbrn4VcKO-ONGGskz7IE7Tk6i-01m0HdFZauEjh2BiOOoRUa5heMYyh0Q8xslG0P5GZXCfRTpcgZmuPXH4vvMlkzHPoPmeI2YS8USXyN1Nk9LU9Ev7DgJrauPy7f7Y_nfdjLJH2jwCO0b-Mvhst5BoyBj-TYoMPlGkW232o5LCx5IEy4G-q-arpr2hDfUWjeX-S84lCNWXTWgwGYUPE93EE2ciyjA0MBdbvBJjkXD0k9jgEMrToAp7iZvTxuVgYBez84P0XiCZwQaMp5h7prWZMxpkJ70kPmi8ZmMOcTAAiDEUsIv5HUNTvE_SM5wzjz9e492-TT0bxb83iNo8erBltxC9F3lCfJKvuG_N2TyL9fiX7B4i5oE44_ppJtl9N7Ms4GTSqv0GajZRtcSkvdiW0zBtvVg403EDO7r3ImtBKde4Q3heZtmgevtvRW2lBKOB3GCdV9D_uDp6q-AJ3bkCIO4aZlGfbHkSGXADI3ZbPzmiSX1xZvAeuuNBW60aK4WAvL1sDRN5XEEMq9r4GuBSpPA9dCgV_EAsdXFhMiUSMETDtoePpIF9PGHqUf9sNw HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET l2.io/ip.js?var=myip
200 OK 22 B IP
ASN #29152 Decknet S.a.r.l.
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerLet's Encrypt
Subjectl2.io
Fingerprint65:49:ED:2D:E9:35:D9:26:3D:70:87:2B:4F:20:FF:14:56:55:52:B4
ValidityTue, 17 Oct 2023 07:33:55 GMT - Mon, 15 Jan 2024 07:33:54 GMT
File type ASCII text, with no line terminators
Hash ac056f7786b31c1e0d77a31fad3e1a3a
c58ecd9e2d7b6005f154a99dc806aeee0d2e00d0
1290ae86892ba16dc3aa48a441612b875d0e319ac67ba15b1905d25173902d3e
GET /ip.js?var=myip HTTP/1.1
Host: l2.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analytics.eonads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Nov 2023 15:44:32 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 22
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET vooculok.com/impression/tVFJxvySr21mnfRxWFgH4rS1ZlvQ_4EgiJX1_MOjba5mwCOe-HBFRhfTs65CM7r063bSYRDs2GVLcSUASXroNd_ReTv3WEzrJWjdjQ3vYa5yfvHr3P64A0KDBXQ_3XWsw86Ij5Bp6Z-isDOMtfLxBaO-RUdjxDPOD31fkjIGH3HpVJVwzfW2_W0vWNnyxu0FNgUs7Wk6I5pBvHnegSF6Z33tE0eNQWeDP0ZiKeE_1UeL5sZ8NzI3MQ==?_z=4751071&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1
200 OK 43 B URL GET HTTP/2 vooculok.com/impression/tVFJxvySr21mnfRxWFgH4rS1ZlvQ_4EgiJX1_MOjba5mwCOe-HBFRhfTs65CM7r063bSYRDs2GVLcSUASXroNd_ReTv3WEzrJWjdjQ3vYa5yfvHr3P64A0KDBXQ_3XWsw86Ij5Bp6Z-isDOMtfLxBaO-RUdjxDPOD31fkjIGH3HpVJVwzfW2_W0vWNnyxu0FNgUs7Wk6I5pBvHnegSF6Z33tE0eNQWeDP0ZiKeE_1UeL5sZ8NzI3MQ==?_z=4751071&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectvooculok.com
Fingerprint06:82:A2:A7:A0:5A:19:BE:22:4B:9C:7C:10:4D:81:24:49:42:3F:B7
ValiditySat, 16 Sep 2023 05:07:42 GMT - Fri, 15 Dec 2023 05:07:41 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/tVFJxvySr21mnfRxWFgH4rS1ZlvQ_4EgiJX1_MOjba5mwCOe-HBFRhfTs65CM7r063bSYRDs2GVLcSUASXroNd_ReTv3WEzrJWjdjQ3vYa5yfvHr3P64A0KDBXQ_3XWsw86Ij5Bp6Z-isDOMtfLxBaO-RUdjxDPOD31fkjIGH3HpVJVwzfW2_W0vWNnyxu0FNgUs7Wk6I5pBvHnegSF6Z33tE0eNQWeDP0ZiKeE_1UeL5sZ8NzI3MQ==?_z=4751071&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1 HTTP/1.1
Host: vooculok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAID=j5mi845083qq530254907s6l9yhxx181
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:35 GMT
content-type: image/gif
content-length: 43
x-trace-id: 3938065c48f9a947d942fd7b15c31b6b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET www.eonads.com/app/scripts/js_fingerprint.js
200 OK 10 kB URL GET HTTP/3 www.eonads.com/app/scripts/js_fingerprint.js
IP
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type ASCII text, with very long lines (6243)
Hash 4bd9de112b8c74793f620b7d87278eb3
706e5de817d576856ae8e0bb696bca7dfca6fb9f
a3168c7b5805a75972ed4ab3ffa0af736b65beea33d1d15650f7145b9df6bfdb
GET /app/scripts/js_fingerprint.js HTTP/1.1
Host: www.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analytics.eonads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=57010
etag: W/"deb2-5b65c66953189-gzip"
last-modified: Sun, 13 Dec 2020 18:07:37 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npPgNyBVHdx86oJSKgkkmKsFo%2BbRx7z9i%2FvkCK3kDfw%2BJ8OTy2MtmSZ9F%2FsdyomPD%2FWkzP72XEtOrcbEt%2FM5PO4Z1Rf4EpCdVcB0yYAM%2BD%2FPuwsZ4nGWfb6vYYck4KA9Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa889f8f36b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET vooculok.com/500/4751071?excludes=2595293&oaid=36ec6547686e43ed87323b0b327624a3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1
200 OK 843 B URL GET HTTP/2 vooculok.com/500/4751071?excludes=2595293&oaid=36ec6547686e43ed87323b0b327624a3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectvooculok.com
Fingerprint06:82:A2:A7:A0:5A:19:BE:22:4B:9C:7C:10:4D:81:24:49:42:3F:B7
ValiditySat, 16 Sep 2023 05:07:42 GMT - Fri, 15 Dec 2023 05:07:41 GMT
File type JSON data\012- , ASCII text, with very long lines (843), with no line terminators
Hash c7a4f0053354086342584cebd47b5aea
475b57afad39fc686d4e078ce5cb0ffc3070f4be
d3b49e675b05453b8044099789495b884c526007eb12ebd165e4edb968dbcdfb
GET /500/4751071?excludes=2595293&oaid=36ec6547686e43ed87323b0b327624a3&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1 HTTP/1.1
Host: vooculok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAID=j5mi845083qq530254907s6l9yhxx181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:36 GMT
content-type: application/javascript
content-length: 843
x-trace-id: 4a0ea0ed55db69b5c743e8933169f996
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=36ec6547686e43ed87323b0b327624a3; expires=Fri, 22 Nov 2024 15:44:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET static.cdnativepush.com/contents/s/2d/9f/82/5a476f6e5dfe446ac9e2bd5e66/01175668881299.png
200 OK 7.2 kB URL GET HTTP/2 static.cdnativepush.com/contents/s/2d/9f/82/5a476f6e5dfe446ac9e2bd5e66/01175668881299.png
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectcdnativepush.com
FingerprintA7:31:D7:D2:72:39:F2:36:EB:F2:8D:4D:54:F6:6B:CF:DC:26:BD:F9
ValidityMon, 02 Oct 2023 05:07:06 GMT - Sun, 31 Dec 2023 05:07:05 GMT
File type PNG image data, 127 x 127, 8-bit colormap, non-interlaced\012- data
Hash 2d9f825a476f6e5dfe446ac9e2bd5e66
6150f0668c1fe0a3a00cd167424a431ee245c0f5
44ceab968085eb2734140a4e79a1e40b4211e079a92bedf0bfabdc1daa65692f
GET /contents/s/2d/9f/82/5a476f6e5dfe446ac9e2bd5e66/01175668881299.png HTTP/1.1
Host: static.cdnativepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:36 GMT
content-type: image/png
content-length: 7182
last-modified: Thu, 15 Oct 2020 15:01:19 GMT
vary: Accept-Encoding
etag: "5f88643f-1c0e"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
GET static.cdnativepush.com/contents/s/d7/6a/4c/0ac206c678a3bd2466b4e28d4c/0306982963500.png
200 OK 9.4 kB URL GET HTTP/2 static.cdnativepush.com/contents/s/d7/6a/4c/0ac206c678a3bd2466b4e28d4c/0306982963500.png
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectcdnativepush.com
FingerprintA7:31:D7:D2:72:39:F2:36:EB:F2:8D:4D:54:F6:6B:CF:DC:26:BD:F9
ValidityMon, 02 Oct 2023 05:07:06 GMT - Sun, 31 Dec 2023 05:07:05 GMT
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash d76a4c0ac206c678a3bd2466b4e28d4c
d05cdca386f63e63ec29246b0da3a75eccfe88b7
690eb62ca043c991ddfda07c229c8759b3beaa76300c8f017a6ec08dc2390069
GET /contents/s/d7/6a/4c/0ac206c678a3bd2466b4e28d4c/0306982963500.png HTTP/1.1
Host: static.cdnativepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:36 GMT
content-type: image/png
content-length: 9440
last-modified: Mon, 11 Sep 2023 11:07:35 GMT
vary: Accept-Encoding
etag: "64fef4f7-24e0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
43 B URL vooculok.com/impression/8RVZeo0Bp52AvTl8Fm1lMOrus6Wz27694UvlgrTwms55M2PIpahxAqdv2hIRtzKwiQsWd457Ss6eGPH8scEsT8tfhdbAUTNmq8kBHxJXfUGS_03gjVmKQAp0J8bhTikz6Ctus-PvUzvPM1bPylZMRfuDoStFqFe1iDuBe4CSGVUUARr5hRzu4yV3cC0P8xdklrw9agEPfYwKKc7SeAxAJnqVbPPq0umbQwjY2JZg4-Q=?_z=4751071&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1
IP
Certificate IssuerLet's Encrypt
Subjectvooculok.com
Fingerprint06:82:A2:A7:A0:5A:19:BE:22:4B:9C:7C:10:4D:81:24:49:42:3F:B7
ValiditySat, 16 Sep 2023 05:07:42 GMT - Fri, 15 Dec 2023 05:07:41 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/8RVZeo0Bp52AvTl8Fm1lMOrus6Wz27694UvlgrTwms55M2PIpahxAqdv2hIRtzKwiQsWd457Ss6eGPH8scEsT8tfhdbAUTNmq8kBHxJXfUGS_03gjVmKQAp0J8bhTikz6Ctus-PvUzvPM1bPylZMRfuDoStFqFe1iDuBe4CSGVUUARr5hRzu4yV3cC0P8xdklrw9agEPfYwKKc7SeAxAJnqVbPPq0umbQwjY2JZg4-Q=?_z=4751071&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=10&pl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.310.1 HTTP/1.1
Host: vooculok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAID=36ec6547686e43ed87323b0b327624a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:38 GMT
content-type: image/gif
content-length: 43
x-trace-id: 363dd573f3eac62737d9c86eebd25a43
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET static.cdnativepush.com/contents/s/2d/9f/82/5a476f6e5dfe446ac9e2bd5e66/01175668881299.png
200 OK 7.2 kB URL GET HTTP/2 static.cdnativepush.com/contents/s/2d/9f/82/5a476f6e5dfe446ac9e2bd5e66/01175668881299.png
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectcdnativepush.com
FingerprintA7:31:D7:D2:72:39:F2:36:EB:F2:8D:4D:54:F6:6B:CF:DC:26:BD:F9
ValidityMon, 02 Oct 2023 05:07:06 GMT - Sun, 31 Dec 2023 05:07:05 GMT
File type PNG image data, 127 x 127, 8-bit colormap, non-interlaced\012- data
Hash 2d9f825a476f6e5dfe446ac9e2bd5e66
6150f0668c1fe0a3a00cd167424a431ee245c0f5
44ceab968085eb2734140a4e79a1e40b4211e079a92bedf0bfabdc1daa65692f
GET /contents/s/2d/9f/82/5a476f6e5dfe446ac9e2bd5e66/01175668881299.png HTTP/1.1
Host: static.cdnativepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:39 GMT
content-type: image/png
content-length: 7182
last-modified: Thu, 15 Oct 2020 15:01:19 GMT
vary: Accept-Encoding
etag: "5f88643f-1c0e"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
GET ibrapush.com/pfe/current/tag.min.js?z=4030716
200 OK 13 kB URL GET HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=4030716
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectibrapush.com
FingerprintAC:F6:AB:6F:AB:34:17:90:49:79:7B:7C:FD:CE:24:5B:02:33:E5:E2
ValidityFri, 10 Nov 2023 10:01:20 GMT - Thu, 08 Feb 2024 10:01:19 GMT
File type C source, ASCII text, with very long lines (13300), with no line terminators
Hash 258578af3c107ccb907f73c3a2f4c25f
7a192edea829968fb7f57f2a2fc4cb5b612598be
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75
GET /pfe/current/tag.min.js?z=4030716 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 13:59:39 GMT
etag: W/"655e094b-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.fontstatic.com/f=sky
200 OK 203 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectfontstatic.com
FingerprintF1:BA:85:F1:4A:E7:75:3E:27:68:ED:79:20:9A:14:F6:A6:E8:BE:B3
ValiditySat, 11 Nov 2023 10:49:55 GMT - Fri, 09 Feb 2024 10:49:54 GMT
File type Unicode text, UTF-8 text, with no line terminators
Hash 1394b00f4cd3c2741f400c85fc9065a6
3b2537722e706f6408bd4786e206453c2b555878
a0eda4cec4632f9fb08418ba565380acae7551a8939f1250f119f47d48cf959c
GET /f=sky HTTP/1.1
Host: www.fontstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:23 GMT
content-type: text/css; charset=UTF-8
pragma: no-cache
x-cache: MISS
x-proxy-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAU4mXtTvNkyRo%2BiJ5hJFHhzRcB2RUePNz%2BPBQEzV1SQH3ud2TzJeJdCKbZJveriI2Qb29dToPpFwDUic3cLXRE9uRD23xiRoOBy7aYePZ04wXQ1MpiAYtx0n8rymXFKliSTXC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88849ec35691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tpc.googlesyndication.com/sodar/sodar2.js
200 OK 17 kB URL GET HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
FingerprintB3:EB:42:1C:FE:75:21:B0:DB:48:DA:47:9F:CE:BF:3C:AC:A4:34:3C
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1321)
Hash 2cc87e9764aebcbbf36ff2061e6a2793
b4f2ffdf4c695aa79f0e63651c18a88729c2407b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 23 Nov 2023 15:44:27 GMT
expires: Thu, 23 Nov 2023 15:44:27 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET uprimp.com/bnr.php?section=General&pub=241468&format=160x600&ga=g
200 OK 430 B URL GET HTTP/2 uprimp.com/bnr.php?section=General&pub=241468&format=160x600&ga=g
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type ASCII text, with very long lines (448), with no line terminators
Hash 75bba880b614a68e0e7dba1c60418a6e
aa4d2e6bec9dbf4c71fe119a5f2a652e9f7ea3fc
91f748fb7207b15b759555c9a303781e229af4e766e7bc34c7f6e792837a33e8
GET /bnr.php?section=General&pub=241468&format=160x600&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: application/javascript
expires: Thu, 23 Nov 2023 15:44:24 GMT
last-modified: Thu, 23 Nov 2023 15:44:24 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Roboto&display=swap
200 OK 2.3 kB URL GET HTTP/3 fonts.googleapis.com/css2?family=Roboto&display=swap
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2319), with no line terminators
Hash a923b98baca4b55a4d2a4f806222686b
767d3e48a33b662bdb12e0f498fd2510a59a7db4
e927b86850ae1f8b6c9ab3722b76d1f1f72f224d0a3523b04ca29df0e7aee222
GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Nov 2023 15:44:24 GMT
date: Thu, 23 Nov 2023 15:44:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET analytics.eonads.com/js/cookienotice.js
200 OK 6.5 kB URL GET HTTP/3 analytics.eonads.com/js/cookienotice.js
IP
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type ASCII text, with very long lines (6697), with no line terminators
Hash 58fae8c90b64305d219093c844ee9dea
f47708279a9fd6051380766656d03b4dbf450262
8e6cc498f85167b53b3e1b0937d0764b7c2753214e2365570481b750638a6f64
GET /js/cookienotice.js HTTP/1.1
Host: analytics.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:28 GMT
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options: nosniff
x-xss-protection: 0
expires: Wed, 29 Nov 2023 08:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 21 Nov 2023 23:57:10 GMT
vary: Accept-Encoding
age: 42812
cf-cache-status: HIT
server: cloudflare
cf-ray: 82aa889f5f07b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET gishejuy.com/400/4030714
403 Forbidden 0 B IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /400/4030714 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/plain; charset=utf-8
content-length: 22
x-trace-id: 65df08a471693bdaa72ad44843ac37e2
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
timing-allow-origin: *
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
GET uprimp.com/bnr_xload.php?section=General&pub=241468&format=160x600&ga=g&xt=170075426421064&xtt=9487514
200 OK 1.1 kB URL GET HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=241468&format=160x600&ga=g&xt=170075426421064&xtt=9487514
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1109), with no line terminators
Hash 4c62797548f97ae6306cb028de95f854
0122643dc76043afe76b19d96b2e5e52067339bd
bcc4a5d12027b9f464ec8acf4ec6b9887a4cd6a24de5851982d31d82eaa1faf2
GET /bnr_xload.php?section=General&pub=241468&format=160x600&ga=g&xt=170075426421064&xtt=9487514 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: used_ad2969584=1; total_impressions=1; cpa_673873=728x90_415634931_0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:25 GMT
last-modified: Thu, 23 Nov 2023 15:44:25 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
GET my.rtmark.net/gid.js?userId=j5mi845083qq530254907s6l9yhxx181
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=j5mi845083qq530254907s6l9yhxx181
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e47e244b0ca937cbc9478d69d9fffc00
001d88aec468b4f21ddff88aab4ebfbce72878f2
ede51532a712997fc9eae84bfb9c73fb1aff1684897a48c02a52c0ae317959e0
GET /gid.js?userId=j5mi845083qq530254907s6l9yhxx181 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: ID=36ec6547686e43ed87323b0b327624a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=36ec6547686e43ed87323b0b327624a3; expires=Fri, 22 Nov 2024 15:44:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET ipmeta.io/plugin.js
200 OK 5.9 kB IP
Requested by https://analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
Certificate IssuerGoogle Trust Services LLC
Subjectipmeta.io
FingerprintC2:EF:8E:C6:45:41:9A:63:F9:57:AE:C7:43:0F:DA:BF:89:AE:A9:48
ValidityThu, 05 Oct 2023 13:38:35 GMT - Wed, 03 Jan 2024 13:38:34 GMT
File type ASCII text, with very long lines (5941), with no line terminators
Hash ddf4e28a08c9917259b4eb3e8101d56f
8656367f0c9a6ff82c39399162e3c4496ad64c50
f45af585b06f32cec1e2aea4cedae3bc5e9e3cb0fd4699da2d428bc89d7c6439
GET /plugin.js HTTP/1.1
Host: ipmeta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analytics.eonads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 23 Jun 2023 12:15:51 GMT
vary: Accept-Encoding
etag: W/"64958cf7-1707"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 31064
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shH1iLJiQN4c8RUikej9yPeHyFQp%2B620dNMlAt3pksz9moRSOZWwI8LD2Fn5DGMHgOGJwBGQ%2BEivQGd6hl5CjOayJMdCEBGyMpYWjG7KTeLZPNfFNYBJOwfZxqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa889fcb36b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET qoca.site/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCGjrijACACkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_55284&adApiR=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
200 OK 1.2 kB URL GET HTTP/2 qoca.site/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCGjrijACACkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_55284&adApiR=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectqoca.site
Fingerprint26:10:5F:3B:B0:8C:23:20:58:76:CE:D3:B5:D1:DB:AD:D3:58:D6:05
ValiditySun, 24 Sep 2023 10:11:56 GMT - Sat, 23 Dec 2023 10:11:55 GMT
File type ASCII text, with very long lines (1200), with no line terminators
Hash 71d9fa0ac26b638d07671897bc1e6482
6e94dc60e642c840df3ddd7b5a5b442968cd605e
735d36453b3b63a942263203619a85d0919ba28c387b1e3096cd39369c4e5ba2
GET /87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCGjrijACACkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_55284&adApiR=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2 HTTP/1.1
Host: qoca.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Cookie: used_ad2969584=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: application/javascript;charset=utf-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
GET ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365
0 B URL GET ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365
IP
Requested by https://uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectylx-i.advertica-cdn2.com
Fingerprint7C:93:9D:F8:EE:CE:92:76:58:F1:1E:7A:3B:AE:C8:96:A7:4D:CD:71
ValiditySat, 14 Oct 2023 09:35:22 GMT - Fri, 12 Jan 2024 09:35:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff/pub_upk7x1.png?1480419365 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2016 11:36:05 GMT
etag: W/"583d6825-5642"
expires: Sat, 23 Dec 2023 15:44:25 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
GET ylx-aff.advertica-cdn.com/pub_ibn6df.png
0 B URL GET ylx-aff.advertica-cdn.com/pub_ibn6df.png
IP
Requested by https://uprimp.com/bnr_xload.php?section=General&pub=241468&format=160x600&ga=g&xt=170075426421064&xtt=9487514
Certificate IssuerLet's Encrypt
Subjectylx-aff.advertica-cdn.com
FingerprintEE:5C:FF:53:FD:BE:0D:2E:D7:BE:E4:33:C7:C0:14:E3:94:F2:11:4D
ValidityFri, 06 Oct 2023 20:54:53 GMT - Thu, 04 Jan 2024 20:54:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pub_ibn6df.png HTTP/1.1
Host: ylx-aff.advertica-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2016 11:36:02 GMT
etag: W/"583d6822-d20b"
expires: Sat, 23 Dec 2023 15:44:26 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
GET qoca.site/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCGjrijACACkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_55284&adApiR=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1714380288358&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
200 OK 83 kB URL GET HTTP/2 qoca.site/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCGjrijACACkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_55284&adApiR=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1714380288358&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectqoca.site
Fingerprint26:10:5F:3B:B0:8C:23:20:58:76:CE:D3:B5:D1:DB:AD:D3:58:D6:05
ValiditySun, 24 Sep 2023 10:11:56 GMT - Sat, 23 Dec 2023 10:11:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash 5137fd9cbe23b63f5a023adcdd154a9a
d8845d506e27f19ee03c8968c479f6501f654acb
07b1c9aaabb118983b89a95eefdb6dc7341a79e5cb4bfd5d65246f92a44b1a0e
GET /87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCGjrijACACkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_55284&adApiR=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1714380288358&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0= HTTP/1.1
Host: qoca.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Cookie: used_ad2969584=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/html; charset=utf-8
set-cookie: total_impressions=2; expires=Fri, 24 Nov 2023 04:59:59 GMT; Max-Age=47733; secure; SameSite=None
used_ad2938102=1; expires=Fri, 24 Nov 2023 04:59:59 GMT; Max-Age=47733; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
GET iclickcdn.com/tag.min.js
200 OK 81 kB IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint69:5A:9D:95:E5:36:A5:18:E0:04:11:44:FA:AD:14:94:26:BD:9D:39
ValiditySat, 12 Aug 2023 00:00:00 GMT - Sun, 11 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash eb9c9dc8a65f1be429c1cfb6f8abcc9e
18a1c9d83552f65a34b439f6660d3d7c052a4328
f47596cacf5473851f4caa3fb498f52087f762a0dc8cc0effbe93bd30f461b81
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 3f613d3fda8fd60c7dfbc868719fc5a2
cache-control: max-age=86400
last-modified: Tue, 21 Nov 2023 19:19:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 24 Nov 2023 02:55:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 46131
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPzOOuQoG%2F69w34vfRG5pnKJLl14e1daC2EoTf%2FhKBZ2c8RVk43SNoXjbL4UZnDQjpwn4w9Jye8BmQ%2BKp8DnWt3bgmH8Ffc1xEgmJeemcuTXpqTZjbDvqwEMFD4%2FYIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82aa888c3d0ab4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
GET cdn.qoca.site/generic/9478_590601-728h90.png
0 B URL GET cdn.qoca.site/generic/9478_590601-728h90.png
IP
Requested by https://qoca.site/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_87769&adApiR=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2001216291633&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Certificate IssuerLet's Encrypt
Subjectcdn.qoca.site
Fingerprint3D:39:A2:92:6F:0D:7C:3C:DF:7E:7D:61:03:26:80:A1:16:AD:BF:9E
ValidityFri, 06 Oct 2023 20:27:34 GMT - Thu, 04 Jan 2024 20:27:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generic/9478_590601-728h90.png HTTP/1.1
Host: cdn.qoca.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qoca.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: image/png
last-modified: Sat, 18 Feb 2023 14:12:49 GMT
vary: Accept-Encoding
etag: W/"63f0dce1-5e16"
expires: Sat, 23 Dec 2023 15:44:26 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.google.com/recaptcha/api2/aframe
200 OK 829 B URL GET HTTP/2 www.google.com/recaptcha/api2/aframe
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (853), with no line terminators
Hash 40757165ca3a330dd9293a67fdb8b3fd
a6ec28e637c398574b6083ccbee045943db7afac
9e432f759e64a43242cfb7169a205ca4fae8c15e0100b2c73fdba2c9da2453f6
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 23 Nov 2023 15:44:27 GMT
date: Thu, 23 Nov 2023 15:44:27 GMT
cache-control: private, max-age=300
content-security-policy: script-src 'nonce-p7BkNgrSv9bpbXiGKyAzGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
200 OK 1.6 kB URL GET HTTP/2 uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/bnr_xload.php?section=General&pub=241468&format=728x90&ga=g&xt=170075426471048&xtt=4446274
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1695), with no line terminators
Hash 16d64ec1a2a01acd8b54b2774df0cdef
d63d9ca6cfdd1710c2f01310e40496b1616a9f63
afc5f577007576081d92649e9c68b61449dae549624109680efdddaf3ae3404a
GET /show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw== HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=241468&format=728x90&ga=g&xt=170075426471048&xtt=4446274
Cookie: used_ad2969584=1; total_impressions=1; cpa_673873=728x90_415634931_0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:24 GMT
last-modified: Thu, 23 Nov 2023 15:44:24 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
GET ibrapush.com/pfe/current/universal.min.js?v=3.1.471
200 OK 88 kB URL GET HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.471
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectibrapush.com
FingerprintAC:F6:AB:6F:AB:34:17:90:49:79:7B:7C:FD:CE:24:5B:02:33:E5:E2
ValidityFri, 10 Nov 2023 10:01:20 GMT - Thu, 08 Feb 2024 10:01:19 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42
GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 13:59:39 GMT
etag: W/"655e094b-1572c"
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
GET ylx-i.advertica-cdn2.com/but_close.png?1360094895
0 B URL GET ylx-i.advertica-cdn2.com/but_close.png?1360094895
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectylx-i.advertica-cdn2.com
Fingerprint7C:93:9D:F8:EE:CE:92:76:58:F1:1E:7A:3B:AE:C8:96:A7:4D:CD:71
ValiditySat, 14 Oct 2023 09:35:22 GMT - Fri, 12 Jan 2024 09:35:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /but_close.png?1360094895 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: image/png
last-modified: Tue, 05 Feb 2013 20:08:15 GMT
etag: W/"511166af-298"
expires: Sat, 23 Dec 2023 15:44:26 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
GET uwoaptee.com/pfe/current/defaultSkin.min.js
200 OK 57 kB URL GET HTTP/2 uwoaptee.com/pfe/current/defaultSkin.min.js
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 13:59:39 GMT
etag: W/"655e094b-df63"
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
GET phaipaun.net/5/4030717/?oo=1&js_build=iclick-v1.631.3-auto
200 OK 2.9 kB URL GET HTTP/2 phaipaun.net/5/4030717/?oo=1&js_build=iclick-v1.631.3-auto
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectphaipaun.net
FingerprintA3:02:21:44:1B:44:A2:B5:30:2D:71:FC:F3:93:CA:86:5F:F0:8B:46
ValidityTue, 21 Nov 2023 12:03:42 GMT - Mon, 19 Feb 2024 12:03:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3128), with no line terminators
Hash 1de6a317281aa2d2b4f3cf433bebd851
ef7ce4d9bde4009fd3c67561bc34553adca3f2b9
fee44149fdbb909d6af95f3be00b3bf895c7dc0c87f0678b1cecf583ee5e7320
GET /5/4030717/?oo=1&js_build=iclick-v1.631.3-auto HTTP/1.1
Host: phaipaun.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: application/json
x-trace-id: 50febac1d6ddb49304fafaac9e53c760
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=36ec6547686e43ed87323b0b327624a3; expires=Fri, 22 Nov 2024 15:44:25 GMT; path=/; secure; SameSite=None
oaidts=1700754265; expires=Fri, 22 Nov 2024 15:44:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
0 B URL GET ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
IP
Requested by https://uprimp.com/show.php?u77151700754266=true&ad=673873&f=160x600&a=781385&cri=0&s=NmI1MGJlMDQ4N2JmMGNjODFmZjVlNTllZWUwNDhiYTA=&u=241468&si=415634931&di=48296923&ci=16&h=3b9986180e33f353ec46789a47d2bb7c&cc=NO&slider=a3a29ee2fe0801e13ed79846bf41be0b&https=1&useAf=loaded_string_617723b505f4ef77a6ce5d943baa68253e290_2938102_1700754266.4339_62333&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectylx-i.advertica-cdn2.com
Fingerprint7C:93:9D:F8:EE:CE:92:76:58:F1:1E:7A:3B:AE:C8:96:A7:4D:CD:71
ValiditySat, 14 Oct 2023 09:35:22 GMT - Fri, 12 Jan 2024 09:35:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logo_n_small.png?1480628810 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: image/png
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
etag: W/"58409a4a-631"
expires: Sat, 23 Dec 2023 15:44:26 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
GET network.eonads.com/adserver/www/delivery/lg.php?bannerid=825&campaignid=152&zoneid=21936&loc=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&cb=f28826ec9d
200 OK 43 B URL GET HTTP/3 network.eonads.com/adserver/www/delivery/lg.php?bannerid=825&campaignid=152&zoneid=21936&loc=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&cb=f28826ec9d
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /adserver/www/delivery/lg.php?bannerid=825&campaignid=152&zoneid=21936&loc=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&cb=f28826ec9d HTTP/1.1
Host: network.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: OAGEO=2%7CNO%7CEU%7C%7CLorenskog%7C1470%7C59.9381%7C10.9551%7C500%7CEurope%2FOslo%7C%7C30%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=7e4e48eb76a4295bdac069475754d00a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: image/gif
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=7e4e48eb76a4295bdac069475754d00a; expires=Fri, 22-Nov-2024 15:44:27 GMT; Max-Age=31536000; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Fl4fSv7RT5a01yGvBHSeiUrJUw%2BdBiaRBFF6Hpqx1r%2FbCshw9S6JAQJ8oQGHKXqzBwMqjqDJR5xpDIhIqyXfwNhlM6hlUCYkFroB1lsgMOWcxQ4vkH0xad3NdO1a3YNDxLUe%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88993b8eb500-OSL
alt-svc: h3=":443"; ma=86400
GET hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&max-results=10&callback=jQuery11130530690088759337_1700754268419&_=1700754268425
200 OK 31 kB URL GET HTTP/3 hayatialyawmiya.blogspot.com/feeds/posts/summary?alt=json-in-script&max-results=10&callback=jQuery11130530690088759337_1700754268419&_=1700754268425
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feeds/posts/summary?alt=json-in-script&max-results=10&callback=jQuery11130530690088759337_1700754268419&_=1700754268425 HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"31d970b40f11f2816b282a102609daf0dfcaa423e4e6ef6cf86ca4b9ef4c0689"
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Thu, 23 Nov 2023 15:44:28 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
content-encoding: gzip
content-length: 6337
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET qoca.site/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_87769&adApiR=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
200 OK 1.2 kB URL GET HTTP/2 qoca.site/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_87769&adApiR=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectqoca.site
Fingerprint26:10:5F:3B:B0:8C:23:20:58:76:CE:D3:B5:D1:DB:AD:D3:58:D6:05
ValiditySun, 24 Sep 2023 10:11:56 GMT - Sat, 23 Dec 2023 10:11:55 GMT
File type ASCII text, with very long lines (1195), with no line terminators
Hash 2a5dca7a3868781c4f9c38e0d4e67230
38d352ca384f2641fbe50e8e3d35ee95fdfc7686
604d84200ea1c5983c2f4603cf890fe9ed25bac83cbea59d04e35d63c57ae9e1
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_87769&adApiR=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2 HTTP/1.1
Host: qoca.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: application/javascript;charset=utf-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
GET hayatialyawmiya.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=totalcountdata
200 OK 5.5 kB URL GET HTTP/3 hayatialyawmiya.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=totalcountdata
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type Unicode text, UTF-8 text, with very long lines (5313), with no line terminators
Hash e4cffcb7fe92ecd03ced509ceb788727
339535083dec08007229eb24966e4eaabbabbb81
d8fb6ca45743e9f41f7760341899079eba09591d658d5eaa642b1915013bb52d
GET /feeds/posts/summary?max-results=1&alt=json-in-script&callback=totalcountdata HTTP/1.1
Host: hayatialyawmiya.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"ce5f161aea99d6d308cd63c51fae142b4f52e6768953c18b7885a5c474584a46"
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Thu, 23 Nov 2023 15:44:27 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 18:31:50 GMT
content-encoding: gzip
content-length: 2001
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET uwoaptee.com/pfe/current/universal.min.js?v=3.1.471
200 OK 88 kB URL GET HTTP/2 uwoaptee.com/pfe/current/universal.min.js?v=3.1.471
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectuwoaptee.com
Fingerprint7D:49:40:9C:4E:0D:B4:CC:BE:F8:D0:E4:27:22:9A:28:D0:CA:2B:0A
ValidityThu, 14 Sep 2023 05:30:41 GMT - Wed, 13 Dec 2023 05:30:40 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42
GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hayatialyawmiya.blogspot.com/
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 13:59:39 GMT
etag: W/"655e094b-1572c"
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
GET fonts.googleapis.com/earlyaccess/alefhebrew.css
200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/earlyaccess/alefhebrew.css
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1100), with no line terminators
Hash 5e7bb03850331adafa7e6f7756b81572
3b70346b9b0a85401ae670af88a6a733b70e2dca
8c59bab633331e8181a2ae30af6a2ed8576a2b6c53482d84f430ca33b037c8af
GET /earlyaccess/alefhebrew.css HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:44:23 GMT
date: Thu, 23 Nov 2023 15:44:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET uprimp.com/bnr.php?section=General&pub=241468&format=728x90&ga=g
200 OK 427 B URL GET HTTP/2 uprimp.com/bnr.php?section=General&pub=241468&format=728x90&ga=g
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type ASCII text, with very long lines (445), with no line terminators
Hash b6a499dea05ce061bfd1fad62d81b2d7
49c8961a297af51cb8af7379ae76b06b601f18df
4998655e2a05e67e002c4d3ef5aba2593d36a83a77e474a3ba554b9aa188c6fa
GET /bnr.php?section=General&pub=241468&format=728x90&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: application/javascript
expires: Thu, 23 Nov 2023 15:44:24 GMT
last-modified: Thu, 23 Nov 2023 15:44:24 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
GET uprimp.com/bnr_xload.php?section=General&pub=241468&format=728x90&ga=g&xt=170075426471048&xtt=4446274
200 OK 1.3 kB URL GET HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=241468&format=728x90&ga=g&xt=170075426471048&xtt=4446274
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectbanners.uprimp.com
FingerprintE3:F8:EF:19:02:9A:5A:80:88:66:89:8F:56:EC:DF:E3:FC:59:50:71
ValiditySun, 01 Oct 2023 03:36:12 GMT - Sat, 30 Dec 2023 03:36:11 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1354), with no line terminators
Hash 4dddce571ed61bb8d335e17645fc6896
881e9d50f442d673ca711a94924d656cb10cdfef
84c0f74122c43e20834e6ddbd86636c19ede64d8a5d17ae8b5fde66a834000d0
GET /bnr_xload.php?section=General&pub=241468&format=728x90&ga=g&xt=170075426471048&xtt=4446274 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:24 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 23 Nov 2023 15:44:24 GMT
last-modified: Thu, 23 Nov 2023 15:44:24 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2969584=1; expires=Fri, 24-Nov-2023 05:00:00 GMT; Max-Age=47736; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Fri, 24-Nov-2023 05:00:00 GMT; Max-Age=47736; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None
cpa_673873=728x90_415634931_0; expires=Sat, 23-Dec-2023 15:44:24 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None
X-Firefox-Spdy: h2
GET 1.bp.blogspot.com/-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s300/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg
200 OK 9.6 kB URL GET HTTP/3 1.bp.blogspot.com/-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s300/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 191x146, components 3\012- data
Hash 64b3b3652460b1d705038302376914a6
5f503513978180fc80654bb1b2e5e5711f485062
90fed0866a1f1af0c9a638115e3ce606f412a506ca399e8e7e0e7709adb65348
GET /-Vyzf4JmGf7M/X4210jP5OdI/AAAAAAAAAFk/TtBefuKqAOo-HSD9AkpXValXqu3mJLaTQCLcBGAsYHQ/s300/soin%2Bdes%2Bcheveux%2Bhayati%2Balyawmiya.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5a"
expires: Fri, 24 Nov 2023 15:44:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="soin des cheveux hayati alyawmiya.jpg"
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:44:24 GMT
server: fife
content-length: 9618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET my.rtmark.net/gid.js?userId=j5mi845083qq530254907s6l9yhxx181
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=j5mi845083qq530254907s6l9yhxx181
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e47e244b0ca937cbc9478d69d9fffc00
001d88aec468b4f21ddff88aab4ebfbce72878f2
ede51532a712997fc9eae84bfb9c73fb1aff1684897a48c02a52c0ae317959e0
GET /gid.js?userId=j5mi845083qq530254907s6l9yhxx181 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hayatialyawmiya.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Cookie: ID=36ec6547686e43ed87323b0b327624a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hayatialyawmiya.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=36ec6547686e43ed87323b0b327624a3; expires=Fri, 22 Nov 2024 15:44:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
0 B URL GET ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
IP
Requested by https://uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectylx-i.advertica-cdn2.com
Fingerprint7C:93:9D:F8:EE:CE:92:76:58:F1:1E:7A:3B:AE:C8:96:A7:4D:CD:71
ValiditySat, 14 Oct 2023 09:35:22 GMT - Fri, 12 Jan 2024 09:35:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logo_n_small.png?1480628810 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: image/png
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
etag: W/"58409a4a-631"
expires: Sat, 23 Dec 2023 15:44:25 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
GET qoca.site/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_87769&adApiR=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2001216291633&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
200 OK 659 B URL GET HTTP/2 qoca.site/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_87769&adApiR=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2001216291633&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
IP
ASN #201702 skHosting.eu s.r.o.
Requested by https://uprimp.com/show.php?u61281700754264=true&ad=673873&f=728x90&a=625611&cri=0&s=MmI4OTdiMDg2ZGExNmNhNDUxNjU1YjZiMjAwMzc1ZGQ=&u=241468&si=415634931&di=48296923&ci=16&h=51380d28c7a12a6668c2367789765a42&cc=NO&https=1&useAf=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&ar=aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==
Certificate IssuerLet's Encrypt
Subjectqoca.site
Fingerprint26:10:5F:3B:B0:8C:23:20:58:76:CE:D3:B5:D1:DB:AD:D3:58:D6:05
ValiditySun, 24 Sep 2023 10:11:56 GMT - Sat, 23 Dec 2023 10:11:55 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (669), with no line terminators
Hash 6d2f619f7611507ea13cdd0d4b790d5b
3bdd1c564d6ed7f83dc0fadbf5f3bb08ce87c80d
fb68f5e657871f8043c5cd96a2b8f42643886dd1f959a7e22c0e2c56c2307b6c
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCprAdipkirCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_87769&adApiR=loaded_string_202543b505f4ef77a6ce5d943baa68253e290_2969584_1700754264.4892_22094&refferer=3399823443_aHR0cHM6Ly9oYXlhdGlhbHlhd21peWEuYmxvZ3Nwb3QuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2001216291633&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0= HTTP/1.1
Host: qoca.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uprimp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: text/html; charset=utf-8
set-cookie: total_impressions=1; expires=Fri, 24 Nov 2023 04:59:59 GMT; Max-Age=47734; secure; SameSite=None
used_ad2969584=1; expires=Fri, 24 Nov 2023 04:59:59 GMT; Max-Age=47734; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
GET tzegilo.com/stattag.js
200 OK 19 kB IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A
ValidityThu, 05 Oct 2023 17:59:18 GMT - Wed, 03 Jan 2024 17:59:17 GMT
File type ASCII text, with very long lines (18369)
Hash 89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:25 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FucOrERcbotPvOVkUef2EKsJkJ1JlqMOBuLbrJyiJ7nuNlZPmWaC%2BNW7ZJ1ZRmknoOrhHhHoYftb066mdbJr2FM6wPUZt%2B1gz6na%2FgsBQaasrXjEvA6pOh141AoigQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82aa88916aeb0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
200 OK 9.1 kB URL GET HTTP/3 analytics.eonads.com/?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerLet's Encrypt
Subjecteonads.com
Fingerprint59:12:B0:B2:4E:6D:01:85:06:84:5A:BB:32:15:40:FF:9C:F3:62:B3
ValidityMon, 30 Oct 2023 12:45:31 GMT - Sun, 28 Jan 2024 12:45:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9290), with no line terminators
Hash d2c6e4b4f1d28e0d411f96eb8284bafb
4ecafb86a929e573c639df78e6ec9a2e9244e73b
da09dbf1f909c0c30a20fa61ad620be023093d29a3800231b2e6daed01cb1580
GET /?zoneid=21936&bannerid=825&pageurl=https%3A%2F%2Fhayatialyawmiya.blogspot.com%2FOAID%3Dmeta%3D&referer=&OAID=7e4e48eb76a4295bdac069475754d00a HTTP/1.1
Host: analytics.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 23 Nov 2023 15:44:27 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: noindex, nofollow
expires: Thu, 23 Nov 2023 15:44:27 GMT
cache-control: private, max-age=0
last-modified: Tue, 14 Dec 2021 09:36:52 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2B0wXkUhV5ejPCm9mqUSz9TnOCL%2BASauJOJYDIswloHrl3ZRRqPwtfNHojoZYHxJnSifsTaD4%2FBrkOlHZORUAomv%2B2dGpvLoprz4f%2B0mw9WrcmpP18ACNr34fH074CF7BfNMkhxGuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aa88992b6bb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
200 OK 24 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP
Requested by https://hayatialyawmiya.blogspot.com/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (23577)
Hash 04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hayatialyawmiya.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 23 Nov 2023 15:44:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 36768
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82aa8884ff7b5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
172.217.21.161
185.66.200.127
188.114.97.1
104.21.28.204
139.45.197.245
195.80.159.133
0.0.0.0