8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.250.201.169:443

GET /static/v1/widgets/124887373-widget_css_bundle.css HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.201.169:443

GET /dyn-css/authorization.css?targetBlogID=6222792311730721620&zx=8d0bccab-e3ae-48cf-bdb3-b51b4efc0af7 HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.201.169:443

GET /static/v1/widgets/2403248619-widgets.js HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

151.101.194.137:80

GET /jquery-2.1.1.js HTTP/1.1
Host: code.jquery.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 72985
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
ETag: W/"28feccc0-3c637"
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 15 May 2024 14:21:24 GMT
Age: 2436319
X-Served-By: cache-lga21982-LGA, cache-lcy-eglc8600023-LCY
X-Cache: HIT, HIT
X-Cache-Hits: 15455, 47
X-Timer: S1715782885.532879,VS0,VE0
Vary: Accept-Encoding

8.8.8.8:53

104.68.81.91:80

GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/250/addthis_widget.js
Date: Wed, 15 May 2024 14:21:25 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

104.68.81.91:443

GET /js/250/addthis_widget.js HTTP/2.0
host: s7.addthis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
content-type: text/plain
content-length: 16
server: Oracle API Gateway
strict-transport-security: max-age=31536000
opc-request-id: /29FDDA545D823881F0B41C2B1588E7C3/8E7B0AD92344CA094B42C94977C1BDCD
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
date: Wed, 15 May 2024 14:21:25 GMT
x-distribution: 99
x-host: s7.addthis.com

104.68.81.91:443

GET /js/250/addthis_widget.js HTTP/2.0
host: s7.addthis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
content-type: text/plain
content-length: 16
server: Oracle API Gateway
strict-transport-security: max-age=31536000
opc-request-id: /29FDDA545D823881F0B41C2B1588E7C3/8E7B0AD92344CA094B42C94977C1BDCD
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
date: Wed, 15 May 2024 14:22:17 GMT
x-distribution: 99
x-host: s7.addthis.com

104.68.81.91:443

GET /js/250/addthis_widget.js HTTP/2.0
host: s7.addthis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
content-type: text/plain
content-length: 16
server: Oracle API Gateway
strict-transport-security: max-age=31536000
opc-request-id: /29FDDA545D823881F0B41C2B1588E7C3/8E7B0AD92344CA094B42C94977C1BDCD
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
date: Wed, 15 May 2024 14:23:08 GMT
x-distribution: 99
x-host: s7.addthis.com

216.58.214.170:80

GET /ajax/libs/jqueryui/1.9.2/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 62563
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 05:53:11 GMT
Expires: Sat, 10 May 2025 05:53:11 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 462494
Last-Modified: Fri, 27 Jan 2023 21:54:31 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

13.248.169.48:80

GET /1198561349/relatedimg.js HTTP/1.1
Host: yourjavascript.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 15 May 2024 14:21:26 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.250.75.238:443

GET /js/plusone.js HTTP/2.0
host: apis.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

207.148.248.143:80

GET /wp-content/uploads/2009/08/entrevistaconelvampiro.jpg HTTP/1.1
Host: popdynamite.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 404 Not Found
Date: Wed, 15 May 2024 14:21:21 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.8
Content-Length: 251
Content-Type: text/html; charset=iso-8859-1

96.44.128.98:80

GET /celebs/brad_pitt/images/photo104.jpg HTTP/1.1
Host: icelebz.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 15 May 2024 14:21:26 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 234
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53

142.250.179.97:80

GET /-DME_22Ocj5k/U_jwvZzJS3I/AAAAAAAAAAw/t_5wFfJ_GA4/s1600/Idool.jpg HTTP/1.1
Host: 1.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Idool.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 16201
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:26:14 GMT
Expires: Thu, 16 May 2024 13:26:14 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3312
ETag: "vd"
Content-Type: image/jpeg
Vary: Origin

142.250.179.97:80

GET /-9FCgC3SpZ00/UPMiEedG1VI/AAAAAAAACl0/zLgl3K6_d3I/s1600/arrow_right.gif HTTP/1.1
Host: 1.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="arrow_right.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 62
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:13:19 GMT
Expires: Thu, 16 May 2024 13:13:19 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 4087
ETag: "vb79"
Content-Type: image/gif
Vary: Origin

142.250.179.97:80

GET /-zt3csy2DqGo/U661h1iTakI/AAAAAAAAAFc/v5tUjZIJDHs/s1600/mas-icons.png HTTP/1.1
Host: 1.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="mas-icons.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4650
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:26:36 GMT
Expires: Thu, 16 May 2024 13:26:36 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3310
ETag: "v58"
Content-Type: image/png
Vary: Origin

104.17.145.38:80

GET /content/images/100/originals/100101_diane-kruger-brad-pitt-is-a-pretty-cool-guy.jpg HTTP/1.1
Host: www.accesshollywood.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Date: Wed, 15 May 2024 14:21:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 15 May 2024 15:21:26 GMT
Location: https://www.accesshollywood.com/content/images/100/originals/100101_diane-kruger-brad-pitt-is-a-pretty-cool-guy.jpg
Vary: Accept-Encoding
Set-Cookie: _cfuvid=3RdFhpNZ.OLxXfAnJZH2CROxGjpL7IzELPZ0fu2hygA-1715782886168-0.0.1.1-604800000; path=/; domain=.www.accesshollywood.com; HttpOnly
Server: cloudflare
CF-RAY: 8843c63e681b9550-LHR

96.44.128.98:80

GET /celebs/brad_pitt/images/photo104.jpg HTTP/1.1
Host: icelebz.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 15 May 2024 14:22:18 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 234
Connection: keep-alive

8.8.8.8:53

87.248.114.11:80

GET /eb/ymv/us/img/hv/photo/movie_pix/sundance/sundance_photos/_group_photos/brad_pitt13.jpg HTTP/1.1
Host: l.yimg.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 404 Not Found on Accelerator
Date: Wed, 15 May 2024 14:21:56 GMT
Connection: keep-alive
Server: ATS
Cache-Control: no-store
Content-Type: text/html
Content-Language: en
Content-Length: 4828

104.17.145.38:443

GET /content/images/100/originals/100101_diane-kruger-brad-pitt-is-a-pretty-cool-guy.jpg HTTP/2.0
host: www.accesshollywood.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 404
date: Wed, 15 May 2024 14:21:27 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: MISS
expires: Wed, 15 May 2024 18:21:27 GMT
cache-control: public, max-age=14400
set-cookie: _cfuvid=scDqyfrqdbbxWxRmnn9g.cmWSmKF6diigV.Yfx32.CE-1715782887633-0.0.1.1-604800000; path=/; domain=.www.accesshollywood.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8843c642bf8d949f-LHR
content-encoding: gzip

104.17.145.38:443

GET /content/images/100/originals/100101_diane-kruger-brad-pitt-is-a-pretty-cool-guy.jpg HTTP/2.0
host: www.accesshollywood.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _cfuvid=scDqyfrqdbbxWxRmnn9g.cmWSmKF6diigV.Yfx32.CE-1715782887633-0.0.1.1-604800000

HTTP/2.0 404
date: Wed, 15 May 2024 14:22:18 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: HIT
age: 51
expires: Wed, 15 May 2024 18:22:18 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8843c7838d9e949f-LHR
content-encoding: gzip

104.17.145.38:443

GET /content/images/100/originals/100101_diane-kruger-brad-pitt-is-a-pretty-cool-guy.jpg HTTP/2.0
host: www.accesshollywood.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _cfuvid=scDqyfrqdbbxWxRmnn9g.cmWSmKF6diigV.Yfx32.CE-1715782887633-0.0.1.1-604800000

HTTP/2.0 404
date: Wed, 15 May 2024 14:23:09 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: HIT
age: 102
expires: Wed, 15 May 2024 18:23:09 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8843c8c408d9949f-LHR
content-encoding: gzip

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

172.67.202.7:80

GET /pics/mb/curious_case_of_benjamin_button_arrivals_10_091208/brad_pitt_2210479.jpg HTTP/1.1
Host: www.contactmusic.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Date: Wed, 15 May 2024 14:21:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 15 May 2024 15:21:26 GMT
Location: https://www.contactmusic.com/pics/mb/curious_case_of_benjamin_button_arrivals_10_091208/brad_pitt_2210479.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3XGbW4DH%2Fi7FnJAzX1%2BzFqh2LLWlXmo6bnNG%2F7R4jvZBfRj55FncDyZGs0AnxYAbDfBhhqIKokDibOnQij7QOd%2BmgOpmMwB2jQsash3SjgBiCLJDfRI7qUdLT0RHxnCOWr0UtdHs6g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8843c63f7d2a71b1-LHR
alt-svc: h3=":443"; ma=86400

172.67.137.61:80

GET /images/blog/replicate/EXID26323/images/_celebs_robert_downey_jr_jude_law_in_sherlock_holmes_will_brad_pitt_play_moriarty_in_sequel_imdb.jpg HTTP/1.1
Host: www.examiner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Date: Wed, 15 May 2024 14:21:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 15 May 2024 15:21:26 GMT
Location: https://examiner.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHSVyynCboaDPanNNNlFBUqRIFQWV%2BZJflJinl3aG2zerqoe5D82bhdb4qLsIKTSGc4miqJw40MNx8%2FMwmSh%2FNV2Me2sezJ66vgEuP3cdgqoVD3OWUFcEnrm8NXfZMtRHD3E"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8843c63fbc0a23fc-LHR
alt-svc: h3=":443"; ma=86400

8.8.8.8:53

172.67.202.7:443

GET /pics/mb/curious_case_of_benjamin_button_arrivals_10_091208/brad_pitt_2210479.jpg HTTP/2.0
host: www.contactmusic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:21:26 GMT
content-type: image/jpeg
content-length: 16091
last-modified: Thu, 03 Nov 2016 06:29:08 GMT
etag: W/"581ad934-7839"
server1: 07
cache-control: public, max-age=31536000
x-vcache: MISS
x-cache-host: lb1
x-grace: none
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FjIpUQwlnMQA3jP9C2LL8SXxpPFBaESuyiXKUtTJc69ht5JFuTAV%2BjamKiJybncGi5gsdWbdFZe66Poh5FnUnmy7kNUggihGoOysPC7jRWZNA8JGXAfxLZeWB6Gt9a%2BXy8cwUNHbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8843c642dd929479-LHR
alt-svc: h3=":443"; ma=86400

23.63.101.171:80

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

HTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Wed, 15 May 2024 15:21:26 GMT
Date: Wed, 15 May 2024 14:21:26 GMT
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.250.179.97:80

GET /-tk5hQcNMq6M/T8zPEwjH-RI/AAAAAAAAGm0/t8xkrJitkxg/s1600/batas.gif HTTP/1.1
Host: 4.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="batas.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 35
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:26:15 GMT
Expires: Thu, 16 May 2024 13:26:15 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3311
ETag: "v2965"
Content-Type: image/gif
Vary: Origin

142.250.179.97:80

GET /_J72kqNm6kxI/TQdAOpXs--I/AAAAAAAADm4/57zohnqHK9s/s72-c/66.jpg HTTP/1.1
Host: 4.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="66.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4169
X-XSS-Protection: 0
Date: Wed, 15 May 2024 14:21:21 GMT
Expires: Thu, 16 May 2024 14:21:21 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ve6e"
Content-Type: image/jpeg
Vary: Origin
Age: 6

8.8.8.8:53

172.67.137.61:443

GET / HTTP/2.0
host: examiner.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:21:26 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=31536000, max-age=60
cache-control: max-age=0
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
vary: X-Forwarded-Proto,Accept-Encoding
expires: Wed, 15 May 2024 14:00:56 GMT
last-modified: Wed, 15 May 2024 14:00:58 GMT
cf-cache-status: HIT
age: 530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35ntG6Wa37jkLiGSeb1c6jkNmvM75A7AXLj85jMG%2B6XJ3x1LaaQJSgK3c7wUL8vR3x533dBmRKyqOf73FcNY1vadgkXgLZkQZD%2BmSHJ0SpVT1JZXd6FkVRX7EKv%2FIko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8843c641eea552dc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

172.67.137.61:443

GET / HTTP/2.0
host: examiner.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:22:18 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=31536000, max-age=60
cache-control: max-age=0
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
vary: X-Forwarded-Proto,Accept-Encoding
expires: Wed, 15 May 2024 14:00:56 GMT
last-modified: Wed, 15 May 2024 14:00:58 GMT
cf-cache-status: HIT
age: 582
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQ8tiaDaKI%2FWO1wvr5fXdWmw1JqY%2F3l0MsiKBwyei2vqRBX%2BtsYmEPOu89jXQsaqVFxp5%2BSVTQ%2FITLbkdScCM5yKC2aW1ZHe%2BUbJRUxM%2By6aTpddT0rNi8MvXh9e0rM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8843c785ecee52dc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

172.67.137.61:443

GET / HTTP/2.0
host: examiner.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:23:09 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=31536000, max-age=60
cache-control: max-age=0
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
vary: X-Forwarded-Proto,Accept-Encoding
expires: Wed, 15 May 2024 14:00:56 GMT
last-modified: Wed, 15 May 2024 14:00:58 GMT
cf-cache-status: HIT
age: 633
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khO2dUZdSxcDdlqw2m8xSeLifRhtAHvD7xcMDft7iVQSkA6h6JgX9eGO2bJH7xylqNAKuu60bXYwMl2KqiA8gURL1wIOFFz0zArTR68aNSn2QtAt1Ua8b16AbJWZh7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8843c8c3089952dc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

13.248.169.48:80

GET /picture-movies/img/brad_pitt_01.jpg HTTP/1.1
Host: www.logoi.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 15 May 2024 14:21:26 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

35.190.80.1:443

OPTIONS /report/v4?s=35ntG6Wa37jkLiGSeb1c6jkNmvM75A7AXLj85jMG%2B6XJ3x1LaaQJSgK3c7wUL8vR3x533dBmRKyqOf73FcNY1vadgkXgLZkQZD%2BmSHJ0SpVT1JZXd6FkVRX7EKv%2FIko%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://examiner.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.179.97:80

GET /_sFVJAoIEj7Q/ShBvGxRF_UI/AAAAAAAAA0U/6yuCtK9QhUg/s72-c/April%2B4th-11th%2B(Disney%2B%2526%2BAZ)%2B281.jpg HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="April 4th-11th (Disney & AZ) 281.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4240
X-XSS-Protection: 0
Date: Wed, 15 May 2024 14:21:22 GMT
Expires: Thu, 16 May 2024 14:21:22 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v345"
Content-Type: image/jpeg
Vary: Origin
Age: 4

142.250.179.97:80

GET /_uUR1DUyvNT4/TGEwsoWVXpI/AAAAAAAAApM/si0JO9bKflY/s72-c/1024x768_Cristiano_Ronaldo114.jpg HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1024x768_Cristiano_Ronaldo114.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2345
X-XSS-Protection: 0
Date: Wed, 15 May 2024 14:21:22 GMT
Expires: Thu, 16 May 2024 14:21:22 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v293"
Content-Type: image/jpeg
Vary: Origin
Age: 4

142.250.179.97:80

GET /_TBcauS9eBC8/S3I4VwpXWXI/AAAAAAAAAA0/LxLLFkjeKKY/s72-c/Megan%2BFox%27s%2BThumb.jpg HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Megan Fox's Thumb.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2654
X-XSS-Protection: 0
Date: Wed, 15 May 2024 14:21:22 GMT
Expires: Thu, 16 May 2024 14:21:22 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vd"
Content-Type: image/jpeg
Vary: Origin
Age: 5

142.250.179.97:80

GET /-4exOr_Q6AZQ/U_jywJHAMKI/AAAAAAAAAA8/mOyb16MU0kg/s728/pikachu%2BIdool.gif HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="pikachu Idool.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4927
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:26:37 GMT
Expires: Thu, 16 May 2024 13:26:37 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3312
ETag: "v10"
Content-Type: image/gif
Vary: Origin

142.250.179.97:80

GET /-4exOr_Q6AZQ/U_jywJHAMKI/AAAAAAAAAA8/mOyb16MU0kg/s728/pikachu%2BIdool.gif HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="pikachu Idool.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4927
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:26:37 GMT
Expires: Thu, 16 May 2024 13:26:37 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3362
ETag: "v10"
Content-Type: image/gif
Vary: Origin

142.250.179.97:80

GET /-4exOr_Q6AZQ/U_jywJHAMKI/AAAAAAAAAA8/mOyb16MU0kg/s728/pikachu%2BIdool.gif HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="pikachu Idool.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4927
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:26:37 GMT
Expires: Thu, 16 May 2024 13:26:37 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3414
ETag: "v10"
Content-Type: image/gif
Vary: Origin

142.250.201.169:443

GET /img/icon18_wrench_allbkg.png HTTP/2.0
host: resources.blogblog.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

142.250.74.225:443

GET /proxy/94YU0cix385sd8L6NFYKU-BuV_r57xFOTgnvOxJmh8URdQYsz-nFmzIZ905JQ7PVeKi3TtVEiMorCXPUu5frgrmTW5PBRgyQ7EEH7DB6KuZ4j0M5IbRnyIucaw HTTP/2.0
host: lh6.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.74.225:443

GET /proxy/JYdh6GpW3fRoGObXogQTF834LmZhEmNyYM0xF7OjjF6X3sQzLRudHQcLGm6xgOm3MzmjWfeoC09R1iQX7vHocAOLSig0cA HTTP/2.0
host: lh6.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.74.225:443

GET /proxy/OZ4KqtZNnQjgp5-z3HJL3IqXvrpYl4PqN702OBN9ZrBtkv4u_y4ef4rrPm5ZDpBKu6ozqIe23nv4 HTTP/2.0
host: lh6.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.74.225:443

GET /proxy/OZ4KqtZNnQjgp5-z3HJL3IqXvrpYl4PqN702OBN9ZrBtkv4u_y4ef4rrPm5ZDpBKu6ozqIe23nv4 HTTP/2.0
host: lh6.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

142.250.74.225:443

GET /proxy/JYdh6GpW3fRoGObXogQTF834LmZhEmNyYM0xF7OjjF6X3sQzLRudHQcLGm6xgOm3MzmjWfeoC09R1iQX7vHocAOLSig0cA HTTP/2.0
host: lh6.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

188.114.96.2:80

GET /nextraimages/jesse-james-movie.jpg HTTP/1.1
Host: www.empiremovies.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Date: Wed, 15 May 2024 14:21:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.empiremovies.com/nextraimages/jesse-james-movie.jpg
Cache-Control: max-age=691200
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9MgDtPKVFegNtvVvWmGpfBSyBjKXpg0t1BNaksIZETdM%2F1%2FDTSQGMoYI6wq%2BJVJG7ndaUlohrxBu93%2B5Bi9LF%2FOJ6qa9OHqDrqsjacP%2BhviXM%2Bd0JwQD6ozHNNXK2QUDElBC0TCpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8843c643b850773b-LHR
alt-svc: h3=":443"; ma=86400

173.194.69.84:443

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D6222792311730721620%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaBjAwMDAwMCIGMDAwMDAwKgZGRkZGRkYyBjAwMDAwMDoGMDAwMDAwQgYwMDAwMDBKBjAwMDAwMFIGRkZGRkZGWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26postID%3D6547893887496441693%26origin%3Dhttp://realmadridvsbarcelonawalpaper.blogspot.com.es/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.JisoxTPHVRs.O/am%253DAAAC/d%253D1/rs%253DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D6222792311730721620%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaBjAwMDAwMCIGMDAwMDAwKgZGRkZGRkYyBjAwMDAwMDoGMDAwMDAwQgYwMDAwMDBKBjAwMDAwMFIGRkZGRkZGWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26postID%3D6547893887496441693%26origin%3Dhttp://realmadridvsbarcelonawalpaper.blogspot.com.es/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.JisoxTPHVRs.O/am%253DAAAC/d%253D1/rs%253DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/m%253D__features__%26bpli%3D1&go=true HTTP/2.0
host: accounts.google.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

173.194.69.84:443

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D6222792311730721620%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaBjAwMDAwMCIGMDAwMDAwKgZGRkZGRkYyBjAwMDAwMDoGMDAwMDAwQgYwMDAwMDBKBjAwMDAwMFIGRkZGRkZGWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26postID%3D6547893887496441693%26origin%3Dhttp://realmadridvsbarcelonawalpaper.blogspot.com.es/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.JisoxTPHVRs.O/am%253DAAAC/d%253D1/rs%253DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D6222792311730721620%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaBjAwMDAwMCIGMDAwMDAwKgZGRkZGRkYyBjAwMDAwMDoGMDAwMDAwQgYwMDAwMDBKBjAwMDAwMFIGRkZGRkZGWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26postID%3D6547893887496441693%26origin%3Dhttp://realmadridvsbarcelonawalpaper.blogspot.com.es/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.JisoxTPHVRs.O/am%253DAAAC/d%253D1/rs%253DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/m%253D__features__%26bpli%3D1&go=true HTTP/2.0
host: accounts.google.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

142.250.179.97:80

GET /_HhrHxf343-Y/S88nDh1i7AI/AAAAAAABMtw/LcYerFrpP7s/s72-c/n34628470358_1655038_5602_atenas.jpg HTTP/1.1
Host: 2.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="n34628470358_1655038_5602_atenas.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4315
X-XSS-Protection: 0
Date: Wed, 15 May 2024 14:21:21 GMT
Expires: Thu, 16 May 2024 14:21:21 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v132dc"
Content-Type: image/jpeg
Vary: Origin
Age: 6

142.250.179.97:80

GET /_iahfAGFVUy0/SbHE4q5QxUI/AAAAAAAAAWc/P-RsO_syPxY/s72-c/Danica%252BSI%252BCobra%252B16.jpg HTTP/1.1
Host: 2.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Danica SI Cobra 16.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3218
X-XSS-Protection: 0
Date: Wed, 15 May 2024 14:21:21 GMT
Expires: Thu, 16 May 2024 14:21:21 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v167"
Content-Type: image/jpeg
Vary: Origin
Age: 6

142.250.179.97:80

GET /-QB-QrnRTSJI/UPMiEYKozJI/AAAAAAAAClw/ieBOFWLIqlM/s1600/arrow_down.gif HTTP/1.1
Host: 2.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="arrow_down.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 56
X-XSS-Protection: 0
Date: Wed, 15 May 2024 13:26:36 GMT
Expires: Thu, 16 May 2024 13:26:36 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3310
ETag: "vb99"
Content-Type: image/gif
Vary: Origin

188.114.96.2:443

GET /nextraimages/jesse-james-movie.jpg HTTP/2.0
host: www.empiremovies.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 301
date: Wed, 15 May 2024 14:21:27 GMT
content-type: text/html; charset=UTF-8
location: https://empiremovies.com
x-powered-by: PHP/7.4.33
x-powered-by: PleskLin
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=691200, must-revalidate
vary: Accept-Encoding
x-cache-status: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4W5GF5eYsc%2BQveMJFz9Hb%2BWE3%2BxrKH5r4%2FljKSPfeFRtTB7A150xiFLmd%2FAmdsOYXuJZ%2B9oVTR7N0%2FzBNsPRMMeYj5kj0c7%2B37tKnCUp0Bc29PGe7WJ8PxqgPmAJkISHMbVhLvk0Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8843c646bc8463d5-LHR
alt-svc: h3=":443"; ma=86400

188.114.96.2:443

GET / HTTP/2.0
host: empiremovies.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:21:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
x-powered-by: PleskLin
last-modified: Tue, 14 May 2024 14:06:24 GMT
cache-control: max-age=0
expires: Wed, 15 May 2024 14:21:28 GMT
vary: Accept-Encoding
x-cache-status: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24MPbyJ7a56mz75H8j1lNCU8cPJFA2JOO9P3O0fQ9PRlfXEvJCGSSuX82lljobG3IMyP2DiJuW35IBZ4%2BosUWDO5Xt3z1CcB4Aa9BOTGA8WrhPYUil6kMCnIjaDYgecWd0qj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8843c64a594863d5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.96.2:443

GET / HTTP/2.0
host: empiremovies.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:22:18 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
x-powered-by: PleskLin
last-modified: Tue, 14 May 2024 14:06:24 GMT
cache-control: max-age=0
expires: Wed, 15 May 2024 14:22:18 GMT
vary: Accept-Encoding
x-cache-status: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RhM1y%2BsshPCu4fSZo8rS3XevTWL%2BWE7eXrkqrPvCR5WCs4AnvdlImiq5XvknkgvuXpHoF0yURDn8G4dJ%2BIztfwy8I3G2O0Bnh%2BUmSTfB4pqmEiWzlNTyTGgZ3dDSR%2BTt70Xm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8843c7839a7963d5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

188.114.96.2:443

GET / HTTP/2.0
host: empiremovies.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:23:09 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
x-powered-by: PleskLin
last-modified: Tue, 14 May 2024 14:06:24 GMT
cache-control: max-age=0
expires: Wed, 15 May 2024 14:23:09 GMT
vary: Accept-Encoding
x-cache-status: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2VY5%2BS6cV%2BewGr8c3obAA1yw11%2FIT6%2BDZFuvDmwPbWp7ubuEjTxs0Ie7bXgozbynyrWs7NAaYy4AzlkSh1Ap64Pm3pm%2BLpLb6I8CQeAQ%2F1vKtnaGSDksSk%2Fg%2FihpTQoQjcnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8843c8c40f7063d5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

104.21.39.86:80

GET /wp-content/uploads/2010/02/snatch.jpg HTTP/1.1
Host: www.moviemobsters.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Date: Wed, 15 May 2024 14:21:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.moviemobsters.com/wp-content/uploads/2010/02/snatch.jpg
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Ud8n7iw8lkG%2F3pjcWZ%2F04b6B6rKSt00HJqvGt9Li7N0ScRNja2afe3oaQI%2BtZNy43uBx16Nn%2FO0A7iLV9mJauP3h9hbTDyaTKQsrIMiJxZP4ZYiOryVy9cfxEe3UEPnrFBFJTPczjU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8843c645ef4b94b7-LHR
alt-svc: h3=":443"; ma=86400

104.21.39.86:443

GET /wp-content/uploads/2010/02/snatch.jpg HTTP/2.0
host: www.moviemobsters.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 301
date: Wed, 15 May 2024 14:21:27 GMT
content-type: text/html; charset=UTF-8
location: https://moviemobsters.com/wp-content/uploads/2010/02/snatch.jpg
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NY%2FiX1hDO0ZE7BtMlVJ2G%2Bd%2F6gK3FcKONM5RIWRZHgq7QNnOjguIMrFgnuaSE6%2B9PttpfRlP5AIJ0rHqQjYs24gbUS5OR4T8dKmpJ2SOa1Aony%2F1wUSVIqGCHz98OLy4ymAw5yJ%2Bopc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8843c6470c9c3691-LHR
alt-svc: h3=":443"; ma=86400

104.21.39.86:443

GET /wp-content/uploads/2010/02/snatch.jpg HTTP/2.0
host: moviemobsters.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Wed, 15 May 2024 14:21:27 GMT
content-type: image/png
cache-control: public, max-age=2592000
etag: "5fa23ea9f65e3a772b747fa0e6234308"
strict-transport-security: max-age=31536000;
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnkezSr4P%2BNzsi3z3KQng2gC%2BmFL%2BFcgyUobSOimta7U5lVsJwYNYvXbdnMW%2FNA6oRIrH05tOZRsLBts92yl6aNz2k1QhaykFCBWexV9lPoQ2WLgK2tqQ9BuSLyCchte0iPHiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8843c6488eb53691-LHR
alt-svc: h3=":443"; ma=86400

8.8.8.8:53

204.79.197.237:443

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3DFDF7CAE0BE6100265AE34AE15E6032; domain=.bing.com; expires=Mon, 09-Jun-2025 14:21:27 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA9E7C15991545E79B62F92E813E5A90 Ref B: LON04EDGE1209 Ref C: 2024-05-15T14:21:27Z
date: Wed, 15 May 2024 14:21:27 GMT

204.79.197.237:443

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3DFDF7CAE0BE6100265AE34AE15E6032; _EDGE_S=SID=013FBDC531B76CC23BDFA94530B16D4C

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=V1oBdST_AB27gYZYhZC58tzw_2_tz9e8_nirR0G2u_Y; domain=.bing.com; expires=Mon, 09-Jun-2025 14:21:30 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7663817372F4809B574660686BA71B1 Ref B: LON04EDGE1209 Ref C: 2024-05-15T14:21:30Z
date: Wed, 15 May 2024 14:21:30 GMT

8.8.8.8:53

8.8.8.8:53

23.62.61.138:443

GET /aes/c.gif?RG=c524645740b140d79ce6096bfcdd5470&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134332Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893 HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3DFDF7CAE0BE6100265AE34AE15E6032

HTTP/2.0 200
cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B798006FB0564C8CA676461C0CAAEC5F Ref B: LON212050701023 Ref C: 2024-05-15T14:21:29Z
content-length: 0
date: Wed, 15 May 2024 14:21:30 GMT
set-cookie: _EDGE_S=SID=013FBDC531B76CC23BDFA94530B16D4C; path=/; httponly; domain=bing.com
set-cookie: MUIDB=3DFDF7CAE0BE6100265AE34AE15E6032; path=/; httponly; expires=Mon, 09-Jun-2025 14:21:30 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.863d3e17.1715782889.11bacbd8

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

13.248.169.48:80

GET /1198561349/relatedimg.js HTTP/1.1
Host: yourjavascript.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 15 May 2024 14:22:18 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive

8.8.8.8:53