travinhngaymoi.blogspot.kr/
142.250.74.161302 Moved Temporarily 181 B URL HTTP/1.1 travinhngaymoi.blogspot.kr/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4661cb5c08fb645a457b951a38f4b55c
90d98e5913595a74dc46fcb7bf26700539dc679b
95f7ff79e18bfd100a6ec8739fb15483e40cfab504d193c4a11dc833ef2008ef
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: travinhngaymoi.blogspot.kr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://travinhngaymoi.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 24 Nov 2022 05:59:10 GMT
Expires: Thu, 24 Nov 2022 05:59:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 181
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3772
Expires: Thu, 24 Nov 2022 07:02:02 GMT
Date: Thu, 24 Nov 2022 05:59:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6428
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:10 GMT
Last-Modified: Thu, 24 Nov 2022 04:12:02 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4529
Expires: Thu, 24 Nov 2022 07:14:39 GMT
Date: Thu, 24 Nov 2022 05:59:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 05:18:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2414
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uK8wp0XF9QCvcMsE3O3JbYPWKBYj6yeHIXEXZ1vDcBAJRpzMgZiqk2sv4oOa2a+960HSeQyOusg=
x-amz-request-id: 9AE9KAWD2MC6R9VV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 05:43:17 GMT
age: 953
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:59:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
travinhngaymoi.blogspot.com/
142.250.74.161200 OK 46 kB URL HTTP/1.1 travinhngaymoi.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24589)
Hash c0616f09824e763a777dde5defd80288
69f45dbeeb8070087654f4fd09e9a5bda8844005
b22dbbf9ed351d3764a0b414224ca1c579edfe82d4ab2864fbcf53afef90dc70
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: travinhngaymoi.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 24 Nov 2022 05:59:10 GMT
Date: Thu, 24 Nov 2022 05:59:10 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 21 Nov 2022 12:23:10 GMT
ETag: W/"8f95ae3d9597115c1d42a4750d8b40a1e4bb20ccaeb0480f7e283c4c6fea09fa"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 45917
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 120392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travinhngaymoi.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 travinhngaymoi.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: travinhngaymoi.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 24 Nov 2022 05:59:10 GMT
Expires: Thu, 01 Dec 2022 05:59:10 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 24 Nov 2022 00:53:02 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ajax.googleapis.com/ajax/libs/mootools/1.3.1/mootools-yui-compressed.js
142.250.74.42200 OK 88 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/mootools/1.3.1/mootools-yui-compressed.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (889)
Hash db755e0f865877dd0ae47a55b6039204
fe91b37266d1cdb4b4f51297f69326e271704f35
aefc79031c1cb04fed78f296150c4c60730de2b99b4fde2f0c0682ae86f52849
GET /ajax/libs/mootools/1.3.1/mootools-yui-compressed.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 88496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 21:20:15 GMT
expires: Wed, 22 Nov 2023 21:20:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 117535
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 223027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/1.1 www.blogger.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 162
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 14:42:30 GMT
Expires: Tue, 29 Nov 2022 14:42:30 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 21 Nov 2022 19:52:12 GMT
Content-Type: image/gif
Age: 141400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://travinhngaymoi.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116325
date: Thu, 24 Nov 2022 05:59:11 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Thu, 24 Nov 2022 04:22:55 GMT
Expires: Thu, 24 Nov 2022 06:22:55 GMT
Cache-Control: public, max-age=7200
Age: 5776
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fyeuphache&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=30
157.240.200.35301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fyeuphache&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=30
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fyeuphache&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=30 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fyeuphache&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=30
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 24 Nov 2022 05:59:11 GMT
Connection: keep-alive
Content-Length: 0
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123308 Permanent Redirect 4.4 kB URL HTTP/1.1 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type gzip compressed data, from Unix\012- data
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/250/addthis_widget.js
Date: Thu, 24 Nov 2022 05:59:10 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
nangngucnoisoiodaudep.files.wordpress.com/2015/08/dat-tui-nguc-giot-nuoc-gia-bao-nhieu-tien-tai-sai-gon.jpg?w=736
192.0.72.22200 OK 21 kB URL HTTP/2 nangngucnoisoiodaudep.files.wordpress.com/2015/08/dat-tui-nguc-giot-nuoc-gia-bao-nhieu-tien-tai-sai-gon.jpg?w=736
IP 192.0.72.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5633f65a3567643a56fac308d42dcc6e
1c50cf43f3a2aeca5dbfc7d1c2ea110a39a6ab41
04dd8042e6d7493a835419d0ee8d048e550e9fd4a5c44532c7810e85b83cb455
GET /2015/08/dat-tui-nguc-giot-nuoc-gia-bao-nhieu-tien-tai-sai-gon.jpg?w=736 HTTP/1.1
Host: nangngucnoisoiodaudep.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:59:11 GMT
content-type: image/webp
content-length: 21268
last-modified: Mon, 17 Aug 2015 04:29:13 GMT
expires: Thu, 22 Dec 2022 19:06:29 GMT
x-orig-src: 0_imageresize
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://nangngucnoisoiodaudep.wordpress.com
vary: Accept, Origin
x-nc: MISS arn 22 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 3018
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 186f5295f578dc81663537fd23a898a8
212cd5caaa9d44817996854d067e7a4eae843a56
01a37259454aef3bf6436eeac239313c9bb17f58337ad0070c7784f154069e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-UyHxN661gNw/Th6JPvcAy-I/AAAAAAAACUE/XQdkDFnYRqc/s000/date.png
142.250.74.161200 OK 641 B URL HTTP/1.1 3.bp.blogspot.com/-UyHxN661gNw/Th6JPvcAy-I/AAAAAAAACUE/XQdkDFnYRqc/s000/date.png
IP 142.250.74.161:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash e0bbc640485317fcb28443af42aceb57
a4e54082f2fdfae2bf4e6bed20f8a697760e8885
1c015d9812b5fb20146bcd98b65379e01d24bf32f75b59bef53efec1516b0b7a
GET /-UyHxN661gNw/Th6JPvcAy-I/AAAAAAAACUE/XQdkDFnYRqc/s000/date.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v941"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="date.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 641
X-XSS-Protection: 0
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 24 Nov 2022 05:59:11 GMT
expires: Thu, 24 Nov 2022 05:59:11 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nangngucnoisoiodaudep.files.wordpress.com/2015/08/hien-nay-nen-dat-tui-nang-nguc-noi-soi-loai-nao-tot-nhat.jpg?w=736
192.0.72.22200 OK 110 kB URL HTTP/2 nangngucnoisoiodaudep.files.wordpress.com/2015/08/hien-nay-nen-dat-tui-nang-nguc-noi-soi-loai-nao-tot-nhat.jpg?w=736
IP 192.0.72.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 110 kB (110494 bytes)
Hash 4521dd3ec10475efc1b62d61e0eb5166
d29f2839088a8cea63f273233351a46206eec7ea
31557cce69cc336901e257a36a35aeafe5cb1bdcaee400c7463b0ca1c30efa7f
GET /2015/08/hien-nay-nen-dat-tui-nang-nguc-noi-soi-loai-nao-tot-nhat.jpg?w=736 HTTP/1.1
Host: nangngucnoisoiodaudep.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:59:11 GMT
content-type: image/webp
content-length: 110494
last-modified: Mon, 17 Aug 2015 04:51:48 GMT
expires: Fri, 23 Dec 2022 01:48:04 GMT
x-orig-src: 0_imageresize
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://nangngucnoisoiodaudep.wordpress.com
vary: Accept, Origin
x-nc: MISS arn 22 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
1.bp.blogspot.com/-4j8UeSsW4Ek/Th6JKASf3KI/AAAAAAAACTk/HhHLx6bvylQ/s000/rss.png
142.250.74.161200 OK 2.1 kB URL HTTP/1.1 1.bp.blogspot.com/-4j8UeSsW4Ek/Th6JKASf3KI/AAAAAAAACTk/HhHLx6bvylQ/s000/rss.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7357ca0a8337f4c4502ea5e17f948202
834a0e62f8c3237f8bc93a4eaa7565e91fca9cec
ac4adc358f1ca0726173a53ca7b8de34eae8c1bd1908575d998e2e10c214c6c6
GET /-4j8UeSsW4Ek/Th6JKASf3KI/AAAAAAAACTk/HhHLx6bvylQ/s000/rss.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rss.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2074
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:03 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v939"
Content-Type: image/png
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-UFjrKJN9wEI/Th6JTCY71rI/AAAAAAAACUo/ezqo_5rOqcQ/s000/favorites.png
142.250.74.161200 OK 2.2 kB URL HTTP/1.1 4.bp.blogspot.com/-UFjrKJN9wEI/Th6JTCY71rI/AAAAAAAACUo/ezqo_5rOqcQ/s000/favorites.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b3e0c489a47159d3a251dcb1ed5638dd
d6e46c060019bc4517407bdc99875990b6a8db03
b51893d311ce829dacffdb62d7fa7a64aba83928f33ca2b77398845c3495cf37
GET /-UFjrKJN9wEI/Th6JTCY71rI/AAAAAAAACUo/ezqo_5rOqcQ/s000/favorites.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="favorites.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2186
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:03 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v94a"
Content-Type: image/png
Age: 0
2.bp.blogspot.com/-IvTHME3NQCw/Th6JTz-y9LI/AAAAAAAACUs/1W4IT3ytuf4/s000/more.png
142.250.74.161200 OK 1.7 kB URL HTTP/1.1 2.bp.blogspot.com/-IvTHME3NQCw/Th6JTz-y9LI/AAAAAAAACUs/1W4IT3ytuf4/s000/more.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c1a152b0c68e169a6ec0652a5785226
c380e54e1c826345c9afdbd675fe0df49a95b4f9
afb8d9e4a7618e0452e40ea9435a3cfaf09826a9ac19dfdc7d238188ccc31ace
GET /-IvTHME3NQCw/Th6JTz-y9LI/AAAAAAAACUs/1W4IT3ytuf4/s000/more.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v94b"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="more.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 1702
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=119193
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 15:05:44 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
3.bp.blogspot.com/-eqsnTJGmTQs/Th6JROHvUdI/AAAAAAAACUU/oRrlpKxd50s/s000/twitter.png
142.250.74.161200 OK 2.2 kB URL HTTP/1.1 3.bp.blogspot.com/-eqsnTJGmTQs/Th6JROHvUdI/AAAAAAAACUU/oRrlpKxd50s/s000/twitter.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash dec38fa8b5499c06db10f57958f65d16
638e60b7f5a478bfb5af6b11a4597829065d1878
855572fd9a44d1353d02b27d744a0cb3c7a99377fe51036f7716fe2dbeb9e7f7
GET /-eqsnTJGmTQs/Th6JROHvUdI/AAAAAAAACUU/oRrlpKxd50s/s000/twitter.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="twitter.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2200
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:03 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v945"
Content-Type: image/png
Age: 0
2.bp.blogspot.com/-ia-2qcplHqY/Th6JRVaasdI/AAAAAAAACUY/qOZCDamv3Wk/s000/delicious.png
142.250.74.161200 OK 2.1 kB URL HTTP/1.1 2.bp.blogspot.com/-ia-2qcplHqY/Th6JRVaasdI/AAAAAAAACUY/qOZCDamv3Wk/s000/delicious.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 80b94a8ea1fa2ab62470ab2ecf43033b
3fb74a4144c6dd8d1156b8c9d34a01869d827cc1
be4bdd8e482c11523241eef5b0ef9c379c78a3e8df066cb03c2bc0bfb90b934a
GET /-ia-2qcplHqY/Th6JRVaasdI/AAAAAAAACUY/qOZCDamv3Wk/s000/delicious.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v946"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="delicious.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 2058
X-XSS-Protection: 0
3.bp.blogspot.com/--snle1soBPw/Th6JSe4IDCI/AAAAAAAACUg/Zv3t2ZKsWfE/s000/digg.png
142.250.74.161200 OK 2.4 kB URL HTTP/1.1 3.bp.blogspot.com/--snle1soBPw/Th6JSe4IDCI/AAAAAAAACUg/Zv3t2ZKsWfE/s000/digg.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e342d4515639b4dd2811b2a45d2be92
e7d3e6c6d17d8956c8378425dea10be3f4391a95
8a9491155e3b1faf66014ad3b618bfa1a22a928fdcbc5e3fb3ebfc516af76880
GET /--snle1soBPw/Th6JSe4IDCI/AAAAAAAACUg/Zv3t2ZKsWfE/s000/digg.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="digg.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2383
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:03 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v948"
Content-Type: image/png
Age: 0
1.bp.blogspot.com/-ZllVMUGmtMs/Th6JQGQh1BI/AAAAAAAACUI/dhCpre3pkDg/s000/user.png
142.250.74.161200 OK 834 B URL HTTP/1.1 1.bp.blogspot.com/-ZllVMUGmtMs/Th6JQGQh1BI/AAAAAAAACUI/dhCpre3pkDg/s000/user.png
IP 142.250.74.161:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c1d790d51b1e3880becf06359bb325c7
53e2f32af5c700198dd31ce3fd92af82fc65f4f3
16a8adf656f785ffff0229e8cfeb311d0122e7e8350a2af88307485adaa75960
GET /-ZllVMUGmtMs/Th6JQGQh1BI/AAAAAAAACUI/dhCpre3pkDg/s000/user.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="user.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 834
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:02 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v942"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-Ev0PQZ6dT5g/Th6JK6sr0lI/AAAAAAAACTo/HNNs_8A2jI4/s000/twitter.png
142.250.74.161200 OK 2.1 kB URL HTTP/1.1 4.bp.blogspot.com/-Ev0PQZ6dT5g/Th6JK6sr0lI/AAAAAAAACTo/HNNs_8A2jI4/s000/twitter.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 793bc3d6df8c330f28f1e6b6ad2de452
922b5f3ffd328f2697398f43aa6a1c6d320fd88a
4049626e5ea425050a82f50d7ca134fd3e3280ec65e343bbaef89458143ad1f1
GET /-Ev0PQZ6dT5g/Th6JK6sr0lI/AAAAAAAACTo/HNNs_8A2jI4/s000/twitter.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v93a"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="twitter.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 2094
X-XSS-Protection: 0
3.bp.blogspot.com/-JLdHOb-RsZI/Th6JSuavgRI/AAAAAAAACUk/dPNAhyew7kE/s000/stumbleupon.png
142.250.74.161200 OK 2.4 kB URL HTTP/1.1 3.bp.blogspot.com/-JLdHOb-RsZI/Th6JSuavgRI/AAAAAAAACUk/dPNAhyew7kE/s000/stumbleupon.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash bbd81c0bf45e80f070d02d043cc44455
24239535232466734b5023d4255144f81969a86f
ddbd60df6ab3cb39c82a8c48680b433d2b4d17a086ac33cffd4bc18579ee22fe
GET /-JLdHOb-RsZI/Th6JSuavgRI/AAAAAAAACUk/dPNAhyew7kE/s000/stumbleupon.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v949"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="stumbleupon.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 2379
X-XSS-Protection: 0
1.bp.blogspot.com/-jw0nkYWWh9c/Th6JRpl5Y-I/AAAAAAAACUc/VIBzbDbJ32M/s000/facebook.png
142.250.74.161200 OK 2.3 kB URL HTTP/1.1 1.bp.blogspot.com/-jw0nkYWWh9c/Th6JRpl5Y-I/AAAAAAAACUc/VIBzbDbJ32M/s000/facebook.png
IP 142.250.74.161:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 36fe2e292f83b53b140926d400c26011
df33e0f34ef018385ed430c0839e6c8f2f32624d
59ba64c43422cb4527d11182cfc5bc78252affcfde7b8458bf9cbfbb1c594e0a
GET /-jw0nkYWWh9c/Th6JRpl5Y-I/AAAAAAAACUc/VIBzbDbJ32M/s000/facebook.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="facebook.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2269
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:03 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v947"
Content-Type: image/png
Age: 0
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fyeuphache&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=30
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fyeuphache&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=30
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fyeuphache&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=30 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://travinhngaymoi.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: kV/tF0EzB9ER6AzENLDEkCgSOnAUPeRL8qdI93IOyj0DioKF698IWGHzzbuqn+OGeRY6P5AYES6SpMkqJyyfbQ==
content-length: 0
date: Thu, 24 Nov 2022 05:59:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
2.bp.blogspot.com/-UsxkgBpl0W4/UGv4hXWXbPI/AAAAAAAAOuM/rOeOdaZQ3vY/s1600/logotravinh.png
142.250.74.161200 OK 27 kB URL HTTP/1.1 2.bp.blogspot.com/-UsxkgBpl0W4/UGv4hXWXbPI/AAAAAAAAOuM/rOeOdaZQ3vY/s1600/logotravinh.png
IP 142.250.74.161:0
File type PNG image data, 400 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 81cb8f01fb3129d8f109b1cb64518cbc
ddfa492c08b8a49758d7eff37d60d93f6578b5fc
831c644aa818739eec5fa3af381f49e8c931d67ed1c14f92b8c62028ac6fa826
GET /-UsxkgBpl0W4/UGv4hXWXbPI/AAAAAAAAOuM/rOeOdaZQ3vY/s1600/logotravinh.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3ae3"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="logotravinh.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 27197
X-XSS-Protection: 0
2.bp.blogspot.com/-_bJZkmHQSjo/Th6JQYVJaOI/AAAAAAAACUM/aTwI2TJ0ScE/s000/comments.png
142.250.74.161200 OK 510 B URL HTTP/1.1 2.bp.blogspot.com/-_bJZkmHQSjo/Th6JQYVJaOI/AAAAAAAACUM/aTwI2TJ0ScE/s000/comments.png
IP 142.250.74.161:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash cc9ae188835cfedeea7f9b5ce50420d5
03cb07dcb96b79844473ae413a6c0ce560157898
4e7fc1d2c016fba279f062e78a9421e8dff333ea8740e89da5eba139a1fbba22
GET /-_bJZkmHQSjo/Th6JQYVJaOI/AAAAAAAACUM/aTwI2TJ0ScE/s000/comments.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="comments.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 510
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Fri, 18 Nov 2022 08:18:07 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v943"
Content-Type: image/png
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4152
Cache-Control: max-age=101814
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:16:05 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=119193
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 15:05:44 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
travinhngaymoi.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata
142.250.74.161200 OK 18 kB URL HTTP/1.1 travinhngaymoi.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (55803)
Hash 363f2b504d8e97984ddd263c17c2e3ed
6fd848ac9e96c0406aa784a7dd55a4de60d87f4e
c2319529242da5771f77e88a81163d7aeec6b4866cb7020268d7c4ca3752b199
GET /feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata HTTP/1.1
Host: travinhngaymoi.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Cookie: _ga=GA1.3.1585623793.1669269551; _gid=GA1.3.642096442.1669269551; _gat=1; HstCfa2270820=1669269550930; HstCla2270820=1669269550930; HstCmu2270820=1669269550930; HstPn2270820=1; HstPt2270820=1; HstCnv2270820=1; HstCns2270820=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"43981eb2fd66cb26402dbbc1f5e7e40ade97db67b7cfe29ba42b94e2fadae5a9"
Date: Thu, 24 Nov 2022 05:59:11 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 24 Nov 2022 05:59:12 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Mon, 21 Nov 2022 12:23:10 GMT
Content-Encoding: gzip
Content-Length: 17590
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-XyAYfaFJa0E/Th6JIRbJu8I/AAAAAAAACTU/CCLYarysmUI/s000/nav-bg.png
142.250.74.161200 OK 254 B URL HTTP/1.1 4.bp.blogspot.com/-XyAYfaFJa0E/Th6JIRbJu8I/AAAAAAAACTU/CCLYarysmUI/s000/nav-bg.png
IP 142.250.74.161:0
File type PNG image data, 2 x 46, 8-bit/color RGB, non-interlaced\012- data
Hash 24e0c8c8abe818a962ed174914648d53
9af41be583cd9a4d36f0d4e5f2b81e80ac81398f
b0758838fae0389acc30105662f07c8599ef466cb090297daa296ae2c549d2cc
GET /-XyAYfaFJa0E/Th6JIRbJu8I/AAAAAAAACTU/CCLYarysmUI/s000/nav-bg.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="nav-bg.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 254
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:02 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v935"
Content-Type: image/png
Age: 0
1.bp.blogspot.com/-rj7ES9KgI6w/Th6JIOwjoRI/AAAAAAAACTQ/1vSR0DlCmMI/s000/pagenav-hover.png
142.250.74.161200 OK 207 B URL HTTP/1.1 1.bp.blogspot.com/-rj7ES9KgI6w/Th6JIOwjoRI/AAAAAAAACTQ/1vSR0DlCmMI/s000/pagenav-hover.png
IP 142.250.74.161:0
File type PNG image data, 2 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6bfe12142f031e3424a70ad9cbee511b
fc25b8d4f75a3bad0ea15b603afd0613750ee58b
d0a2b44c469bc84121bec89bcd4accd4eec35947574f1c0edec377a66bf60327
GET /-rj7ES9KgI6w/Th6JIOwjoRI/AAAAAAAACTQ/1vSR0DlCmMI/s000/pagenav-hover.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="pagenav-hover.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 207
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:02 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v934"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-6gzk15HLa8E/Th6JD7yS1TI/AAAAAAAACSs/DKBRiYYpb2k/s000/search-bg.png
142.250.74.161200 OK 230 B URL HTTP/1.1 4.bp.blogspot.com/-6gzk15HLa8E/Th6JD7yS1TI/AAAAAAAACSs/DKBRiYYpb2k/s000/search-bg.png
IP 142.250.74.161:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 2b4b77400df160b48e9fcdcb70f09b42
e1804611d1427a7a6fb3cb05fd30932243503830
5e26978a6fa93bc66c723069cc407be0403a102ac503511dccf93a5d79e00cdb
GET /-6gzk15HLa8E/Th6JD7yS1TI/AAAAAAAACSs/DKBRiYYpb2k/s000/search-bg.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v92b"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="search-bg.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 230
X-XSS-Protection: 0
1.bp.blogspot.com/-8uELdOispkU/Th6JLGy4-4I/AAAAAAAACTs/p0GXZIM9ric/s000/search.gif
142.250.74.161200 OK 571 B URL HTTP/1.1 1.bp.blogspot.com/-8uELdOispkU/Th6JLGy4-4I/AAAAAAAACTs/p0GXZIM9ric/s000/search.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 25 x 30\012- data
Hash e162bb95e215ac4d45f36cb25f73c4af
a7e25cb2c4b0353fd67829818a501a5b521a69db
124d09922854db613557241001a9e1f222657301db05c638b7a8a8b1c42d4979
GET /-8uELdOispkU/Th6JLGy4-4I/AAAAAAAACTs/p0GXZIM9ric/s000/search.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "ve3f"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="search.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 571
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 08:04:05 GMT
Expires: Wed, 07 Dec 2022 08:04:05 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 78906
3.bp.blogspot.com/-k-wWcTVO3UA/Th6JCOrSdnI/AAAAAAAACSc/1IKLnAxiAKQ/s000/container-bg.png
142.250.74.161200 OK 237 B URL HTTP/1.1 3.bp.blogspot.com/-k-wWcTVO3UA/Th6JCOrSdnI/AAAAAAAACSc/1IKLnAxiAKQ/s000/container-bg.png
IP 142.250.74.161:0
File type PNG image data, 2 x 245, 8-bit/color RGB, non-interlaced\012- data
Hash aca8dac64b68e2a677d8e239d173749e
4f79d0b8efb551e455d7ffd3cff7b9a906994347
388bf3eaee3725e383248fe24ccbb9ecc49f50b1af5c4326be9bce388e92b43c
GET /-k-wWcTVO3UA/Th6JCOrSdnI/AAAAAAAACSc/1IKLnAxiAKQ/s000/container-bg.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v927"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="container-bg.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 237
X-XSS-Protection: 0
push.services.mozilla.com/
34.218.168.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oihvXJJbZv+oJKFtyMRQ1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S1AAqDNolD6sha233UpwAtrvLNM=
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 24 Nov 2022 05:59:11 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
3.bp.blogspot.com/-3VBVZYRoTr0/Th6JJtXbvKI/AAAAAAAACTg/_3gi5D19tmY/s000/nav-separator.png
142.250.74.161200 OK 205 B URL HTTP/1.1 3.bp.blogspot.com/-3VBVZYRoTr0/Th6JJtXbvKI/AAAAAAAACTg/_3gi5D19tmY/s000/nav-separator.png
IP 142.250.74.161:0
File type PNG image data, 2 x 46, 8-bit/color RGB, non-interlaced\012- data
Hash 9c9c46e756e52443070dd1765f4b2fa1
bbf93ecf938cb6ded0bbe62851bfd4f75af27207
08f8a54a040be2d5bdc86e36889053db52621aa51557a3eaa4667e61cc66c31f
GET /-3VBVZYRoTr0/Th6JJtXbvKI/AAAAAAAACTg/_3gi5D19tmY/s000/nav-separator.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="nav-separator.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 205
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:02 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v938"
Content-Type: image/png
Age: 0
3.bp.blogspot.com/-8Q2-KTGlLJg/Th6JCl2M92I/AAAAAAAACSg/ONxramkkyq0/s000/contentwrap.png
142.250.74.161200 OK 209 B URL HTTP/1.1 3.bp.blogspot.com/-8Q2-KTGlLJg/Th6JCl2M92I/AAAAAAAACSg/ONxramkkyq0/s000/contentwrap.png
IP 142.250.74.161:0
File type PNG image data, 320 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 74fbf3cf91d0dd97a33575be9b7514ea
fa262ed59677a2b6461c35a08b207994ca968e65
a452f5daa68acd7dd3bc2c597021d34b7e5aab1da3e4509b7f4eaccc998972fd
GET /-8Q2-KTGlLJg/Th6JCl2M92I/AAAAAAAACSg/ONxramkkyq0/s000/contentwrap.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="contentwrap.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 209
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:11 GMT
Expires: Wed, 23 Nov 2022 09:21:02 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v928"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-dD0s1bBPjls/Th6JDHvJOJI/AAAAAAAACSk/jtQAPpLi_Vc/s000/sidebar_tab.png
142.250.74.161200 OK 258 B URL HTTP/1.1 4.bp.blogspot.com/-dD0s1bBPjls/Th6JDHvJOJI/AAAAAAAACSk/jtQAPpLi_Vc/s000/sidebar_tab.png
IP 142.250.74.161:0
File type PNG image data, 7 x 5, 8-bit/color RGB, non-interlaced\012- data
Hash e35ab2c65d6fc02eb6c67aa04e85e868
5bb34ebcc4cf1ee285080f1122b3d0028f596580
d2c9a173b1b195ba2bb8ddfc07e809cc31d22c35870f016366e92c1fc774ccbb
GET /-dD0s1bBPjls/Th6JDHvJOJI/AAAAAAAACSk/jtQAPpLi_Vc/s000/sidebar_tab.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sidebar_tab.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 258
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 05:59:12 GMT
Expires: Wed, 23 Nov 2022 09:21:03 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v929"
Content-Type: image/png
Age: 0
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=58252
date: Thu, 24 Nov 2022 05:59:12 GMT
X-Firefox-Spdy: h2
connect.facebook.net/vi_VN/all.js
157.240.200.14200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/vi_VN/all.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash d56976d8ddb6e2089434c4111bea3f92
1454e0f14591f5a4cd0d23623ca4b0df3cde278a
344c17fd752a8264ff42b9ce3d589c77aee37c7ac7dc86cd3dfd28e14ad13f9b
GET /vi_VN/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 62c99155f5dd3d795fc98609d69d508d
ETag: "a2daecbbeabfd6e17b83641548cdecdf"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Thu, 24 Nov 2022 06:10:35 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: 1Wl22N224giUNMQRG+o/kg==
X-FB-Debug: PikKj455yVPWZQNHYWvYYwpMBw88ia96LRLELVlCtyeThhKenI3WTBukcQ04OPlOzlZpIUOR7ntU57ryUFV/8A==
X-FB-TRIP-ID: 1679558926
Date: Thu, 24 Nov 2022 05:59:12 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1687
m.addthis.com/live/red_lojson/300lo.json?si=637f082fb38d298d&bkl=0&bl=1&pdt=746&sid=637f082fb38d298d&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=travinhngaymoi.blogspot.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=tra%20vinh%20ngay%20moi%2Ctin%20tuc%20tra%20vinh%2Ctra%20vinh&colc=1669269551445&jsl=0&uvs=637f082f7adbe5c5000&skipb=1&callback=addthis.cbs.jsonp__376807896226369450
23.38.200.123200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=637f082fb38d298d&bkl=0&bl=1&pdt=746&sid=637f082fb38d298d&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=travinhngaymoi.blogspot.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=tra%20vinh%20ngay%20moi%2Ctin%20tuc%20tra%20vinh%2Ctra%20vinh&colc=1669269551445&jsl=0&uvs=637f082f7adbe5c5000&skipb=1&callback=addthis.cbs.jsonp__376807896226369450
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 8183bc734843736ec088a3461d378d84
065570858e1ee5520a5e7a236e10856529144072
331d475c1ee35c3bd83933d823d9408ebdb4a8afa867f2f4c2531a6dc4912cf5
GET /live/red_lojson/300lo.json?si=637f082fb38d298d&bkl=0&bl=1&pdt=746&sid=637f082fb38d298d&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=travinhngaymoi.blogspot.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=tra%20vinh%20ngay%20moi%2Ctin%20tuc%20tra%20vinh%2Ctra%20vinh&colc=1669269551445&jsl=0&uvs=637f082f7adbe5c5000&skipb=1&callback=addthis.cbs.jsonp__376807896226369450 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 24 Nov 2022 05:59:12 GMT
X-Firefox-Spdy: h2
connect.facebook.net/vi_VN/all.js?hash=14dae72a706ab05761805f466886f003
157.240.200.14200 OK 87 kB URL HTTP/2 connect.facebook.net/vi_VN/all.js?hash=14dae72a706ab05761805f466886f003
IP 157.240.200.14:0
File type ASCII text, with very long lines (18734)
Hash e360ade770807bf478bc12409d1be19a
a051aa9a62c7066efa29eb6247af99f2eef062d2
bb9aea2d035f63b83dd98ca769931a170f8fcfe541aaefb71ff90e920166ca07
GET /vi_VN/all.js?hash=14dae72a706ab05761805f466886f003 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://travinhngaymoi.blogspot.com
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 5977eb5ffb664de26c25700cf214dd9b
etag: "f4683839275b77c1df7b1821ba46be1c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Nov 2023 05:52:49 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 42Ct53CAe/R4vBJAnRvhmg==
x-fb-debug: 4pDVgkHowr3GA2L2oSZDL6e5LWApxYiVduPQlugYzKIj0wfqB2pcDoII/9jUaBOreCJPD+JMB7ykDcHD2Pcgcw==
priority: u=3,i
content-length: 86865
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:59:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b39d09bbca8e6027fb3862c8fd58d8cc
e71733bd444dc689b70f0eaf9f0af8d97bca28ea
8ffeb1845732ab60f2d14627d633c85950edcdcfd071ef6d50511b9c5c89b859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FFEB1845732AB60F2D14627D633C85950EDCDCFD071EF6D50511B9C5C89B859"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13121
Expires: Thu, 24 Nov 2022 09:37:53 GMT
Date: Thu, 24 Nov 2022 05:59:12 GMT
Connection: keep-alive
travinhngaymoi.blogspot.com/YOUR-FAVICON-URL
142.250.74.161404 Not Found 28 kB URL HTTP/1.1 travinhngaymoi.blogspot.com/YOUR-FAVICON-URL
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24589)
Hash 6aa43ee921504e8ff28dbfc9f874c330
29333ea8f1ddb4d9cfa8ceb82566c5fc70fcfabc
4dfc19bcb35791be9608a03f3c7a07eea87978870157e8d1dc760925f67575e7
Analyzer Verdict Alert fortinet Malware
GET /YOUR-FAVICON-URL HTTP/1.1
Host: travinhngaymoi.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Cookie: _ga=GA1.3.1585623793.1669269551; _gid=GA1.3.642096442.1669269551; _gat=1; HstCfa2270820=1669269550930; HstCla2270820=1669269550930; HstCmu2270820=1669269550930; HstPn2270820=1; HstPt2270820=1; HstCnv2270820=1; HstCns2270820=1; __atuvc=1%7C47; __atuvs=637f082f7adbe5c5000
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 24 Nov 2022 05:59:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 28151
Server: GSE
s4.histats.com/stats/2270820.php?2270820&@f16&@g1&@h1&@i1&@j1669269550930&@k0&@l1&@mTr%C3%A0%20Vinh%20Ng%C3%A0y%20M%E1%BB%9Bi%2C%20travinh%2C%20tr%C3%A0%20vinh%2C%20tin%20tuc%20tra%20vinh%2C%20tintuctravinh%2C%20tin%20tuc%2Ctintuc&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-57863091&@b3:1669269551&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Ftravinhngaymoi.blogspot.com%2F&@w
192.99.8.27200 OK 101 B URL HTTP/1.1 s4.histats.com/stats/2270820.php?2270820&@f16&@g1&@h1&@i1&@j1669269550930&@k0&@l1&@mTr%C3%A0%20Vinh%20Ng%C3%A0y%20M%E1%BB%9Bi%2C%20travinh%2C%20tr%C3%A0%20vinh%2C%20tin%20tuc%20tra%20vinh%2C%20tintuctravinh%2C%20tin%20tuc%2Ctintuc&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-57863091&@b3:1669269551&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Ftravinhngaymoi.blogspot.com%2F&@w
IP 192.99.8.27:0
File type ASCII text, with no line terminators
Hash 079cd2c9247620333a332d1ad41e483f
5df0e5b2bb42712a71c863e9f9db01150f0891c9
c4e58373e946140ca64e7506d1d8404f96cbe36d9a5382a1325dcc233f6dd148
GET /stats/2270820.php?2270820&@f16&@g1&@h1&@i1&@j1669269550930&@k0&@l1&@mTr%C3%A0%20Vinh%20Ng%C3%A0y%20M%E1%BB%9Bi%2C%20travinh%2C%20tr%C3%A0%20vinh%2C%20tin%20tuc%20tra%20vinh%2C%20tintuctravinh%2C%20tin%20tuc%2Ctintuc&@n0&@o1000&@q0&@r0&@s10&@ten-US&@u1280&@b1:-57863091&@b3:1669269551&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Ftravinhngaymoi.blogspot.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:59:12 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 101
Connection: close
s10.histats.com/counters/cc_10.js
46.105.201.240200 OK 7.6 kB URL HTTP/2 s10.histats.com/counters/cc_10.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (17833), with no line terminators
Hash 1d9460c984f25ea64e208b9ea21c492a
ec720873c6e352f435a40e0a6d11c878e451faa5
05a939636a8285b28ee6dce67902e97a148fa19288bc882cee6eb98ae74f1414
GET /counters/cc_10.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:50:25 GMT
etag: "-21747805"
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
x-request-id: 841909378
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7570
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19862)
Hash beecb04bdb30feee11a21b326f733dd6
a8fbf0406a8016edd6d5541232ddb5261273ef48
9ffffe50c350f7f9e8997d2881520f3279386f607cb41aa14a3aadb2d1ce1ef8
GET /rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 18:25:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZzQfObLOJH5pehB3nxKKTQ==
x-fb-debug: xXc3tB6KW2GlKJu1jGtCJl1gxVhj5AQ85x7wZ7SmqXL5xeWj0x3cQ1IVai2V73sS60cXq/nCIPlGg6/Y4DvsgA==
priority: u=3,i
content-length: 3399
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:59:12 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3310
Expires: Thu, 24 Nov 2022 06:54:23 GMT
Date: Thu, 24 Nov 2022 05:59:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3310
Expires: Thu, 24 Nov 2022 06:54:23 GMT
Date: Thu, 24 Nov 2022 05:59:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3310
Expires: Thu, 24 Nov 2022 06:54:23 GMT
Date: Thu, 24 Nov 2022 05:59:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3310
Expires: Thu, 24 Nov 2022 06:54:23 GMT
Date: Thu, 24 Nov 2022 05:59:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3310
Expires: Thu, 24 Nov 2022 06:54:23 GMT
Date: Thu, 24 Nov 2022 05:59:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kkI9Vh2vZeJPwz2JVL5MErsBBwk8-2Jo49yc0sFqv5pxIyBi6azFIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
age: 28910
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 29527
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:19 GMT
age: 28914
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc118bae963b381ce5450890130ecf15
9355a16a81b11e024dd2c5c0024aba1121fff925
cb5bc2cc49e05c133434eeb725690b3e32a0d3c6b75074582f941eee3bf7e1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9828
x-amzn-requestid: bf2f8429-416d-40d4-a237-7593ee26c27a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEv0KHywIAMFvtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e934d-349e1dcc595b1be906a83577;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bQcpPUgu6eN6PQeLMGWwBlf01iHj77_aXHjKmh8SH7HsWlUX6kipDg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
age: 28910
etag: "9355a16a81b11e024dd2c5c0024aba1121fff925"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 28519
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1404c6b865808ea73ca5b2062fefecc0
c66fd3a955cd81ab93474fb1aabc4c19d5775bcc
0a92ca52eff8baa4ba43bdb29008c59bcd37c55e78ac657de25819e980ea8e96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 215b9f9b-4941-4c13-a1d4-6fdc5b453fad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtEkIIAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-27081b9e0dc1de6522299e4e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xr183esurgfu-4jjQtCS5s_np_CtltrPx48zpq-NMwZbcGnAwTxtkg==
via: 1.1 68914922a694954838e87fc9b0aa10fe.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:52:56 GMT
age: 29177
etag: "c66fd3a955cd81ab93474fb1aabc4c19d5775bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i0.wp.com/chuyennangnguc.net/wp-content/uploads/2015/07/gia-tien-nang-nguc-hien-nay-la-bao-nhieu-1.jpg
192.0.77.2400 Bad Request 0 B URL HTTP/2 i0.wp.com/chuyennangnguc.net/wp-content/uploads/2015/07/gia-tien-nang-nguc-hien-nay-la-bao-nhieu-1.jpg
IP 192.0.77.2:0
GET /chuyennangnguc.net/wp-content/uploads/2015/07/gia-tien-nang-nguc-hien-nay-la-bao-nhieu-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Thu, 24 Nov 2022 05:59:11 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 3
X-Firefox-Spdy: h2
i0.wp.com/chuyennangnguc.net/wp-content/uploads/2015/07/gia-tien-nang-nguc-hien-nay-la-bao-nhieu-1.jpg
192.0.77.2400 Bad Request 0 B URL HTTP/2 i0.wp.com/chuyennangnguc.net/wp-content/uploads/2015/07/gia-tien-nang-nguc-hien-nay-la-bao-nhieu-1.jpg
IP 192.0.77.2:0
GET /chuyennangnguc.net/wp-content/uploads/2015/07/gia-tien-nang-nguc-hien-nay-la-bao-nhieu-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Thu, 24 Nov 2022 05:59:11 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 3
X-Firefox-Spdy: h2
3.bp.blogspot.com/-TAdAWREOzCM/Th6JBm6MRPI/AAAAAAAACSU/JiEd4HQeh5s/s000/background.jpg
142.250.74.161200 OK 0 B URL HTTP/1.1 3.bp.blogspot.com/-TAdAWREOzCM/Th6JBm6MRPI/AAAAAAAACSU/JiEd4HQeh5s/s000/background.jpg
IP 142.250.74.161:0
GET /-TAdAWREOzCM/Th6JBm6MRPI/AAAAAAAACSU/JiEd4HQeh5s/s000/background.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travinhngaymoi.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v925"
Expires: Fri, 25 Nov 2022 05:59:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="background.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 24 Nov 2022 05:59:11 GMT
Server: fife
Content-Length: 140157
X-XSS-Protection: 0