r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Mon, 12 Sep 2022 10:25:53 GMT
Date: Mon, 12 Sep 2022 09:49:52 GMT
Connection: keep-alive
sharondenton.blogspot.com/2022/02/moldes-de-letras-grandes-y-bonitas-para.html
301 Moved Permanently 217 B URL HTTP/1.1 sharondenton.blogspot.com/2022/02/moldes-de-letras-grandes-y-bonitas-para.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b7711fdb7e6ef33c6a509916b2de7453
75acb9cf63db8b10995d8011625ef11e997bae2d
9e838736a20a51e8358e5d6e3c52c0d8f613940d958ff8f26ef3908cb7fbee3c
GET /2022/02/moldes-de-letras-grandes-y-bonitas-para.html HTTP/1.1
Host: sharondenton.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://sharondenton.blogspot.com/2022/02/moldes-de-letras-grandes-y-bonitas-para.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 12 Sep 2022 09:49:52 GMT
Expires: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 217
Server: GSE
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 08:58:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5RY_37821YKKzBvqZrLGeXAyiGSz5d3y2Slek7KwPC5FrwD4dUQ8rA==
Age: 3101
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DSw8b5SLNSnDKMgwOtWMdqTVCyX9uklfxm74zVESK0uO_LO2hO4UFA==
age: 9160
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7178a43ba987078296946a97fa2fa609
a43fc4248914b2aa86d6148bfb11fdfc3ef1b759
2844d3e684d0474156afffb8f06e99f0f5b37dd8c7234137c2a3891f4dfb587e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:49:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 08:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 09:45:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2puknRoXaHdKxXw9VXa8MRSO4RrhyPs42og6U0EnvPTuqGLV-lnu_A==
Age: 3225
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7178a43ba987078296946a97fa2fa609
a43fc4248914b2aa86d6148bfb11fdfc3ef1b759
2844d3e684d0474156afffb8f06e99f0f5b37dd8c7234137c2a3891f4dfb587e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Last-Modified: Mon, 12 Sep 2022 08:31:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
sharondenton.blogspot.com/2022/02/moldes-de-letras-grandes-y-bonitas-para.html
200 OK 70 kB URL HTTP/2 sharondenton.blogspot.com/2022/02/moldes-de-letras-grandes-y-bonitas-para.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (54890)
Hash 87ee579d44fe8243ed3ea08a9f4f23c7
ed363534d534fd7327b031e8faa21712126b1936
4248cff6959ea372ac30451fac5b3a0aba799dc6e458cca1191281226f89f990
GET /2022/02/moldes-de-letras-grandes-y-bonitas-para.html HTTP/1.1
Host: sharondenton.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 12 Sep 2022 09:49:52 GMT
date: Mon, 12 Sep 2022 09:49:52 GMT
cache-control: private, max-age=0
last-modified: Sat, 03 Sep 2022 22:11:29 GMT
etag: W/"a3cc927bbda2c019cce74ac8e119f6cb990e8e1d6c02a7f3ca176eaa1572b48e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 69548
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5b134f2125f2430cece17a69bb4a2711
f9ccd650a51a65fdb5472fccb8d936dde79fe93a
8e0c0e4fb61c38c1330cd65f4daa2218fd9184ac04c767098b973ecbd5f83700
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/1.bp.blogspot.com/--9OVmPjsqXk/T2MPbM4n2UI/AAAAAAAAeuw/btz_g4sDMQk/s400/dibujosdebanerasparaimprimir4.jpg
302 Found 138 B URL HTTP/2 i0.wp.com/1.bp.blogspot.com/--9OVmPjsqXk/T2MPbM4n2UI/AAAAAAAAeuw/btz_g4sDMQk/s400/dibujosdebanerasparaimprimir4.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /1.bp.blogspot.com/--9OVmPjsqXk/T2MPbM4n2UI/AAAAAAAAeuw/btz_g4sDMQk/s400/dibujosdebanerasparaimprimir4.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 12 Sep 2022 09:49:52 GMT
content-type: text/html
content-length: 138
location: https://1.bp.blogspot.com/--9OVmPjsqXk/T2MPbM4n2UI/AAAAAAAAeuw/btz_g4sDMQk/s400/dibujosdebanerasparaimprimir4.jpg
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/3.bp.blogspot.com/-cgsgrTppkQw/Timl8-dRMOI/AAAAAAAASho/mwPzKh0fAfU/s1600/imagenesfarodemarparaimprimir.jpg
302 Found 138 B URL HTTP/2 i0.wp.com/3.bp.blogspot.com/-cgsgrTppkQw/Timl8-dRMOI/AAAAAAAASho/mwPzKh0fAfU/s1600/imagenesfarodemarparaimprimir.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /3.bp.blogspot.com/-cgsgrTppkQw/Timl8-dRMOI/AAAAAAAASho/mwPzKh0fAfU/s1600/imagenesfarodemarparaimprimir.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 12 Sep 2022 09:49:52 GMT
content-type: text/html
content-length: 138
location: https://3.bp.blogspot.com/-cgsgrTppkQw/Timl8-dRMOI/AAAAAAAASho/mwPzKh0fAfU/s1600/imagenesfarodemarparaimprimir.jpg
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/736x/19/54/0c/19540c55958e6fc6e9cfe6223b6606c7.jpg
302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/736x/19/54/0c/19540c55958e6fc6e9cfe6223b6606c7.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/736x/19/54/0c/19540c55958e6fc6e9cfe6223b6606c7.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 12 Sep 2022 09:49:52 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/736x/19/54/0c/19540c55958e6fc6e9cfe6223b6606c7.jpg
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/2.bp.blogspot.com/-WVevjgPCji4/VFYx7oukdAI/AAAAAAABG5I/2SLzb1LiOLY/s1600/paisajes-de-navidad-para-imprimir3.png
302 Found 138 B URL HTTP/2 i1.wp.com/2.bp.blogspot.com/-WVevjgPCji4/VFYx7oukdAI/AAAAAAABG5I/2SLzb1LiOLY/s1600/paisajes-de-navidad-para-imprimir3.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2.bp.blogspot.com/-WVevjgPCji4/VFYx7oukdAI/AAAAAAABG5I/2SLzb1LiOLY/s1600/paisajes-de-navidad-para-imprimir3.png HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 12 Sep 2022 09:49:52 GMT
content-type: text/html
content-length: 138
location: https://2.bp.blogspot.com/-WVevjgPCji4/VFYx7oukdAI/AAAAAAABG5I/2SLzb1LiOLY/s1600/paisajes-de-navidad-para-imprimir3.png
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 14:54:37 GMT
expires: Sat, 09 Sep 2023 14:54:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 15:01:24 GMT
content-type: text/javascript
age: 240915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5b134f2125f2430cece17a69bb4a2711
f9ccd650a51a65fdb5472fccb8d936dde79fe93a
8e0c0e4fb61c38c1330cd65f4daa2218fd9184ac04c767098b973ecbd5f83700
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
80ekasari.github.io/dj/yoi.js
200 OK 4.3 kB URL HTTP/2 80ekasari.github.io/dj/yoi.js
IP
File type HTML document, ASCII text, with very long lines (5998)
Hash 10bce7db1c4621385e277783e461a799
c165b906239312cdb183d4d201c63da8152d56c9
0b600c6ca13a023c9e64179987e1f7e10fc0e4be851549da76ca55873ae22380
GET /dj/yoi.js HTTP/1.1
Host: 80ekasari.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Fri, 26 Nov 2021 13:58:32 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"61a0e808-3412"
expires: Mon, 12 Sep 2022 05:09:09 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: EE7E:8452:14AE5A:15E825:631EBC9D
accept-ranges: bytes
date: Mon, 12 Sep 2022 09:49:52 GMT
via: 1.1 varnish
age: 382
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662976193.938427,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 7230494b78973cb69c3fbc04cd367c0f51396ad6
content-length: 4301
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3753684042-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3753684042-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 9310029f33929201831992bd74c13953
092fc9b60b0fcc7e24b80eb89f40178e91effb98
ed0ad17efb3c922e7bc8feffa0a5718d2ad226c44f2bb183b6ad163684f3b982
GET /static/v1/widgets/3753684042-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57039
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 01:53:39 GMT
expires: Fri, 08 Sep 2023 01:53:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 22:51:39 GMT
content-type: text/javascript
age: 374173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/736x/d8/29/a8/d829a82dfb64c91ec527225e21958d6a.jpg
302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/736x/d8/29/a8/d829a82dfb64c91ec527225e21958d6a.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/736x/d8/29/a8/d829a82dfb64c91ec527225e21958d6a.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 12 Sep 2022 09:49:52 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/736x/d8/29/a8/d829a82dfb64c91ec527225e21958d6a.jpg
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharondenton.blogspot.com
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 01:19:34 GMT
expires: Sun, 10 Sep 2023 01:19:34 GMT
cache-control: public, max-age=31536000
age: 203418
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12200, version 1.0\012- data
Hash 455200cb007fe1212c668721d827c691
cfac52972c0f5bf3ea1152fe02ed3093c2217350
4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharondenton.blogspot.com
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:46:33 GMT
expires: Wed, 06 Sep 2023 17:46:33 GMT
cache-control: public, max-age=31536000
age: 489799
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7d0638db85def1a70c776e0dca26e2c0
1c738feb0ef9f19b58a91bd1755d5d053b839d9e
42163eda874ff11e6cec5c737926990d42cfb120bd0432c03741cece24bb4bbb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12048, version 1.0\012- data
Hash 188b397610a9a71bd931a3bd04ee2197
663ff7cc0f76309727a89e306bd8f6659f1ecdb9
d072872a98e4b9813b4596891cc5387a3213b3cd90f573a3f06ec49ade27a2af
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharondenton.blogspot.com
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 04:30:58 GMT
expires: Sun, 10 Sep 2023 04:30:58 GMT
cache-control: public, max-age=31536000
age: 191935
last-modified: Wed, 24 Jul 2019 01:19:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharondenton.blogspot.com
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 06:03:06 GMT
expires: Wed, 06 Sep 2023 06:03:06 GMT
cache-control: public, max-age=31536000
age: 532007
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5b134f2125f2430cece17a69bb4a2711
f9ccd650a51a65fdb5472fccb8d936dde79fe93a
8e0c0e4fb61c38c1330cd65f4daa2218fd9184ac04c767098b973ecbd5f83700
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/plusone.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Mon, 12 Sep 2022 09:49:53 GMT
expires: Mon, 12 Sep 2022 09:49:53 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a362ed935f69c0db"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.J2dklZSY9js.es5.O/am=4gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP0bb6Pra-Sis1TeuHq6czWdn5vA0g/m=_b,_tp,_r
200 OK 63 kB URL HTTP/2 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.J2dklZSY9js.es5.O/am=4gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP0bb6Pra-Sis1TeuHq6czWdn5vA0g/m=_b,_tp,_r
IP
File type ASCII text, with very long lines (563)
Hash 363d6a51a7fb86bf8039342b10be79c6
db8933922b7aba64a22ccf6c7e4002fd7559b069
f65cf8cda17b55b3e72da7bdab35f8985758adf64503ab11608f75dae7e1c371
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.J2dklZSY9js.es5.O/am=4gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP0bb6Pra-Sis1TeuHq6czWdn5vA0g/m=_b,_tp,_r HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 62996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 04:04:40 GMT
expires: Tue, 12 Sep 2023 04:04:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 11 Sep 2022 08:08:58 GMT
content-type: text/javascript; charset=UTF-8
age: 20713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=4771231211637548505&zx=1c4ca370-6f37-4063-814b-ef0a7d3351ce
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=4771231211637548505&zx=1c4ca370-6f37-4063-814b-ef0a7d3351ce
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=4771231211637548505&zx=1c4ca370-6f37-4063-814b-ef0a7d3351ce HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 12 Sep 2022 09:49:53 GMT
last-modified: Mon, 12 Sep 2022 09:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Sun, 11 Sep 2022 20:48:27 GMT
expires: Sun, 25 Sep 2022 20:48:27 GMT
cache-control: public, max-age=1209600
age: 46886
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mwkwySiu7Snk44QJGg5a7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hZ1kpE/+gJkpzmwRQ3idtD4JKWQ=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 670 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 24fb827545f0df82ba9ce873507284b7
9b19dbdd1f7e262643f5c8937bd71b8b4bbf51e9
8c9289a263ad355d61c55a414ea621a8019e6355e2532825d03d39e0e59292b0
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 12 Sep 2022 09:49:53 GMT
date: Mon, 12 Sep 2022 09:49:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 670
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9ed7401dda70b56e29c7fe566f7dac27
921925088cf933b3a870276c9a22acf38f578624
d43a4a1e46cc0f637a95824dac6e85e138bd0f83941695cceac08544e508055c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D43A4A1E46CC0F637A95824DAC6E85E138BD0F83941695CCEAC08544E508055C"
Last-Modified: Sat, 10 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8696
Expires: Mon, 12 Sep 2022 12:14:49 GMT
Date: Mon, 12 Sep 2022 09:49:53 GMT
Connection: keep-alive
i1.wp.com/atividadespedagogicas.net/wp-content/uploads/2017/04/moldes-letras-u-e-v-1024x666-1024x666.jpg
200 OK 12 kB URL HTTP/2 i1.wp.com/atividadespedagogicas.net/wp-content/uploads/2017/04/moldes-letras-u-e-v-1024x666-1024x666.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x666, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e77f869e5202c8e78f2d40757a9af25
06b239ada96aa7212b111c3b107c930c174da7a4
52aa5b6da7ed087473c97c14a7922cc95d421715a5a01a32f12cc585d1a1e416
GET /atividadespedagogicas.net/wp-content/uploads/2017/04/moldes-letras-u-e-v-1024x666-1024x666.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:49:53 GMT
content-type: image/webp
content-length: 12354
last-modified: Mon, 12 Sep 2022 09:49:53 GMT
expires: Wed, 11 Sep 2024 21:49:53 GMT
cache-control: public, max-age=63115200
link: <http://atividadespedagogicas.net/wp-content/uploads/2017/04/moldes-letras-u-e-v-1024x666-1024x666.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "62ce0051e1481412"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 12 Sep 2022 09:49:53 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+892; expires=Wed, 11-Sep-2024 09:49:53 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 12 Sep 2022 09:49:53 GMT
cache-control: private
X-Firefox-Spdy: h2
accompanycollapse.com/bc8d59f796233b632b8846bc72a15192/invoke.js
200 OK 9.8 kB URL HTTP/1.1 accompanycollapse.com/bc8d59f796233b632b8846bc72a15192/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (27000), with no line terminators
Hash d7cf33e43848dcd66c3b6c52bf735c47
7a464305f482600b50c61be33627b26947729cad
2e6e56a5fbf4d8ca3ec693eb643c892acf439d6b6b17db60b230ad9a7242465f
GET /bc8d59f796233b632b8846bc72a15192/invoke.js HTTP/1.1
Host: accompanycollapse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 09:49:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e058b9001597d47ac695911263d301f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2974
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 12 Sep 2022 09:49:53 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+167; expires=Wed, 11-Sep-2024 09:49:53 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 12 Sep 2022 09:49:53 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3e80e25cd2f62776337af6df560b95fd
588d000c658214820cc9063d118b60437bc03152
41afd36104d30803eb2fae472a09e0254312557f37bb65216a46139b1365ce59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41AFD36104D30803EB2FAE472A09E0254312557F37BB65216A46139B1365CE59"
Last-Modified: Sun, 11 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2257
Expires: Mon, 12 Sep 2022 10:27:30 GMT
Date: Mon, 12 Sep 2022 09:49:53 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:41:28 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 313460986
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
i.pinimg.com/736x/19/54/0c/19540c55958e6fc6e9cfe6223b6606c7.jpg
200 OK 31 kB URL HTTP/2 i.pinimg.com/736x/19/54/0c/19540c55958e6fc6e9cfe6223b6606c7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 2000x2000, segment length 16, progressive, precision 8, 736x1039, components 3\012- data
Hash 49d8b0062b68981a3161d5b5510a4b5a
54d766fea023d2f386fd6934bbad251e1279db78
d37d575b3c9e7d839f3ddf724206363701c3a3997d686923e809a1c35b273f92
GET /736x/19/54/0c/19540c55958e6fc6e9cfe6223b6606c7.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharondenton.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:49:53 GMT
content-type: image/jpeg
content-length: 30742
cf-ray: 7497bc5b78430b65-OSL
accept-ranges: bytes
cache-control: max-age=31536000, immutable
etag: "49d8b0062b68981a3161d5b5510a4b5a"
vary: Origin, Accept-Encoding
cf-bgj: h2pri
edge-start: 1662976193844
origin-latency: 114
x-cdn: cloudflare
server: cloudflare
X-Firefox-Spdy: h2
i.pinimg.com/736x/d8/29/a8/d829a82dfb64c91ec527225e21958d6a.jpg
200 OK 67 kB URL HTTP/2 i.pinimg.com/736x/d8/29/a8/d829a82dfb64c91ec527225e21958d6a.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x736, components 3\012- data
Hash f6a9acfd2a5fdc5e36f01ef7a878b6b6
e666b60586b7cf04092c374127da7645e78c682a
140da05760188c534c60f169ccaea0bcbae78c5ec62267329817d0e47997c2d4
GET /736x/d8/29/a8/d829a82dfb64c91ec527225e21958d6a.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharondenton.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:49:53 GMT
content-type: image/jpeg
content-length: 67274
cf-ray: 7497bc5b78460b65-OSL
accept-ranges: bytes
cache-control: max-age=31536000, immutable
etag: "f6a9acfd2a5fdc5e36f01ef7a878b6b6"
vary: Origin, Accept-Encoding
edge-start: 1662976193860
origin-latency: 120
x-cdn: cloudflare
server: cloudflare
X-Firefox-Spdy: h2
i0.wp.com/cdn.slidesharecdn.com/ss_thumbnails/contohrphbmalaysia-120921231548-phpapp02-thumbnail.jpg?cb=1348269380
200 OK 5.4 kB URL HTTP/2 i0.wp.com/cdn.slidesharecdn.com/ss_thumbnails/contohrphbmalaysia-120921231548-phpapp02-thumbnail.jpg?cb=1348269380
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 170x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d82e4f656507eda4e7717f98061ca2cc
c1b2e0c7790c64939cea955e6ed2a3534b645746
19773c967d838f71e7b403922954b4bdbceed79802593b41ac34276c616a4344
GET /cdn.slidesharecdn.com/ss_thumbnails/contohrphbmalaysia-120921231548-phpapp02-thumbnail.jpg?cb=1348269380 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:49:53 GMT
content-type: image/webp
content-length: 5442
last-modified: Mon, 12 Sep 2022 09:49:53 GMT
expires: Wed, 11 Sep 2024 21:49:53 GMT
cache-control: public, max-age=63115200
link: <http://cdn.slidesharecdn.com/ss_thumbnails/contohrphbmalaysia-120921231548-phpapp02-thumbnail.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "58f5add17c570d8d"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 25e0740748990b9579a321d1b28983a2
849ef01a23e905d5a6c4a5f823fad713aa9a05e7
ec3c3120565756a22cb396a95382340b4a14eb69115c66ae5538190907974f8e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 09:49:54 GMT
Last-Modified: Mon, 12 Sep 2022 09:38:31 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JNj0wa6HCpoYkfpWa-c2JHFk4HolDjsryRoYZ8NapP7Ynh1D1IVi0w==
Age: 683
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 346923453b89a1da6a24698cb0a12eb4
b05dba140c7a1d000042f259c0fd9cb3d3c7ba59
ec680b8fc566ded89c8987bb31523f444a01b5f824ff17b25a93b9f97a906de5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharondenton.blogspot.com
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:49:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sharondenton.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=cebaf1ce-f38e-4c38-9c24-23b451137f21:2:1; expires=Thu, 09 Sep 2032 09:49:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5dc25adbca638e4a493bb2f9bdccd722
18168b8a51f6ab9e331eade0e76cffeb649eaf4b
502928763c74d2aea7774a18a586c69b9c2d7a1cc50e276f1366abfc3473aaa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "502928763C74D2AEA7774A18A586C69B9C2D7A1CC50E276F1366ABFC3473AAA1"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16605
Expires: Mon, 12 Sep 2022 14:26:39 GMT
Date: Mon, 12 Sep 2022 09:49:54 GMT
Connection: keep-alive
i0.wp.com/img.lovepik.com/desgin_photo/40085/9312_list.jpg
200 OK 101 kB URL HTTP/2 i0.wp.com/img.lovepik.com/desgin_photo/40085/9312_list.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x695, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 101 kB (100838 bytes)
Hash cb188fe29fe3e3cdc245f8d158699bd9
b1371ee1eae9ac68bf30f9a45ab53794be90684c
14b3cedbd092a736029a909aa2f922cfd1776be3b0acb478475abc036f5f5b2c
GET /img.lovepik.com/desgin_photo/40085/9312_list.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:49:54 GMT
content-type: image/webp
content-length: 100838
last-modified: Mon, 12 Sep 2022 09:49:54 GMT
expires: Wed, 11 Sep 2024 21:49:54 GMT
cache-control: public, max-age=63115200
link: <http://img.lovepik.com/desgin_photo/40085/9312_list.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "321989d5a84fa757"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16232
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 09:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16232
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 09:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16232
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 09:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16232
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 09:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16232
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 09:49:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 866ace739b788c7d6e9047d246985a8f
bec098ac12c44fc877555fea7b3ddb8cbef12b2d
1d8599845425acd4bf90d7da05efdd2a9c7e0b5a37efc291cdcf1a2277671429
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8390
x-amzn-requestid: 43e68b0e-80fd-43ed-8f63-86ec0c94c0a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJAPGy8IAMFsdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5534-0d51f22d34cb67eb2319ebf1;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7-heDNZyXWHL3b0QImPg965JLRhfEIVaOKTqnDlkJtz5xby64uPbXQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:44:22 GMT
age: 43532
etag: "bec098ac12c44fc877555fea7b3ddb8cbef12b2d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca76593aa217eb69a58ed89610d9d59d
d09f2d5acd5945620a2a51d72411c3c464a5166e
7b31c12dad70a30defa8924061b635410d8b2a59e90819c8707ee6d0b5acc98e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7029
x-amzn-requestid: 188bfede-89d9-42f9-914b-13a330675370
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHkBIAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-44c167dd64d1756c0280a759;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbhdBjUA4GNK7U8VQYUPDynJ58slL5aG1bZMDdXc8IKeg0KwZeqn2Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:11 GMT
age: 43303
etag: "d09f2d5acd5945620a2a51d72411c3c464a5166e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63d953ea7dce676e8b1c6fcab9f8eab7
5a359aed379e554c5c9885cc8f7a3bff7447d246
428029d6b65a52758df9fd8cb284df83ca4685031126b0ab5b60764a3e2d1a27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5709
x-amzn-requestid: 747b7be7-356b-4a9e-9869-4b8f71e66f53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YMl6sHaoIAMF2lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631b5044-0c6b0f57046b79cf56ecbf39;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 14:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dr4bY4RW6uq9WbrOmDnzqSUSYRgvbqP30MsMCA6ne_WND-u-1QkSeg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 23:28:04 GMT
age: 37310
etag: "5a359aed379e554c5c9885cc8f7a3bff7447d246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:13:41 GMT
age: 9373
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 43683
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:40:11 GMT
age: 43783
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
reapinject.com/da/ce/88/dace887d039f088ae0d9952a8b8cb060.js
200 OK 13 kB URL HTTP/1.1 reapinject.com/da/ce/88/dace887d039f088ae0d9952a8b8cb060.js
IP
File type ASCII text, with very long lines (37109), with no line terminators
Hash df599093dd191acbc9c3ce50890f4d7e
75df9ac8be16ae4e6c611709ba859f2390d367e6
1494d70ef884afa05ab0a789c92307e7ad091c03a039f4ba2e73efb72c8e142e
Analyzer Verdict Alert quad9 Sinkholed
GET /da/ce/88/dace887d039f088ae0d9952a8b8cb060.js HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 09:49:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0094affe75031ac33167cf4f52c85f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i1.wp.com/awsimages.detik.net.id/community/media/visual/2019/12/02/fe165925-1513-4b00-a83a-098b6a0bad4b_43.jpeg?w=700&q=90
200 OK 8.8 kB URL HTTP/2 i1.wp.com/awsimages.detik.net.id/community/media/visual/2019/12/02/fe165925-1513-4b00-a83a-098b6a0bad4b_43.jpeg?w=700&q=90
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5db4b38d3b06ce0b818f45bb52efbd4
2a606c6c457505bf648aa44e0677a5d7daa00bb6
7297c6eeb41ab2855b327b2a27cd5048518a64811d86aeb95d83217ffea80f96
GET /awsimages.detik.net.id/community/media/visual/2019/12/02/fe165925-1513-4b00-a83a-098b6a0bad4b_43.jpeg?w=700&q=90 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:49:54 GMT
content-type: image/webp
content-length: 8766
last-modified: Mon, 12 Sep 2022 09:49:54 GMT
expires: Wed, 11 Sep 2024 21:49:54 GMT
cache-control: public, max-age=63115200
link: <http://awsimages.detik.net.id/community/media/visual/2019/12/02/fe165925-1513-4b00-a83a-098b6a0bad4b_43.jpeg?90>; rel="canonical"
x-content-type-options: nosniff
etag: "c34f30da9c59c61d"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
reapinject.com/watch.252000407092.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22moldes%22%2C%22de%22%2C%22letras%22%2C%22grandes%22%2C%22y%22%2C%22bonitas%22%2C%22para%22%2C%22imprimir%22%2C%22a%22%2C%22color%22%2C%22letra%22%2C%22a%22%2C%22para%22%2C%22imprimir%22%2C%22letras%22%2C%22mayusculas%22%2C%22para%22%2C%22imprimir%22%2C%22-%22%2C%22sharon%22%2C%22denton%22%5D&refer=https%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&tz=0&dev=r&res=12.31&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 reapinject.com/watch.252000407092.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22moldes%22%2C%22de%22%2C%22letras%22%2C%22grandes%22%2C%22y%22%2C%22bonitas%22%2C%22para%22%2C%22imprimir%22%2C%22a%22%2C%22color%22%2C%22letra%22%2C%22a%22%2C%22para%22%2C%22imprimir%22%2C%22letras%22%2C%22mayusculas%22%2C%22para%22%2C%22imprimir%22%2C%22-%22%2C%22sharon%22%2C%22denton%22%5D&refer=https%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&tz=0&dev=r&res=12.31&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.252000407092.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22moldes%22%2C%22de%22%2C%22letras%22%2C%22grandes%22%2C%22y%22%2C%22bonitas%22%2C%22para%22%2C%22imprimir%22%2C%22a%22%2C%22color%22%2C%22letra%22%2C%22a%22%2C%22para%22%2C%22imprimir%22%2C%22letras%22%2C%22mayusculas%22%2C%22para%22%2C%22imprimir%22%2C%22-%22%2C%22sharon%22%2C%22denton%22%5D&refer=https%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&tz=0&dev=r&res=12.31&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharondenton.blogspot.com
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 09:49:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sharondenton.blogspot.com
Access-Control-Allow-Origin: https://sharondenton.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://reapinject.com/watch.252000407092.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22moldes%22%2C%22de%22%2C%22letras%22%2C%22grandes%22%2C%22y%22%2C%22bonitas%22%2C%22para%22%2C%22imprimir%22%2C%22a%22%2C%22color%22%2C%22letra%22%2C%22a%22%2C%22para%22%2C%22imprimir%22%2C%22letras%22%2C%22mayusculas%22%2C%22para%22%2C%22imprimir%22%2C%22-%22%2C%22sharon%22%2C%22denton%22%5D&refer=https%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&tz=0&dev=r&res=12.31&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1&shu=4ee5c8a39c1df8e5e9f1bef1766b9c7c652014038b4e4692de25ecd8f3614960eb030ae12a6a9660b970c1c621d57ed8deda4dd04a65144131cc0aa62e38b9c095eb95ed7ceb4aeb9a5bfff082ddff02e55e31315196c11a83a3b02944bafd448e79&pst=1662976254&rmtc=t
Set-Cookie: u_pl=15928454; expires=Tue, 13 Sep 2022 09:49:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjkiOiJkYWNlODg3ZDAzOWYwODhhZTBkOTk1MmE4YjhjYjA2MCIsIjI4IjoiNDQxMDhkMTgwNTU3Njk0NzYwMTVmNDI0MmNmN2QyMmQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NoYXJvbmRlbnRvbi5ibG9nc3BvdC5jb20vMjAyMi8wMi9tb2xkZXMtZGUtbGV0cmFzLWdyYW5kZXMteS1ib25pdGFzLXBhcmEuaHRtbCJ9fQ.yKcIJAC3WdRRzrYQW0hcDbWwlSKridhAwVpPQheuMC4; expires=Mon, 12 Sep 2022 09:50:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dfcd9a8f1bd06515dccac3260ccd2988
Strict-Transport-Security: max-age=0; includeSubdomains
reapinject.com/watch.252000407092.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22moldes%22%2C%22de%22%2C%22letras%22%2C%22grandes%22%2C%22y%22%2C%22bonitas%22%2C%22para%22%2C%22imprimir%22%2C%22a%22%2C%22color%22%2C%22letra%22%2C%22a%22%2C%22para%22%2C%22imprimir%22%2C%22letras%22%2C%22mayusculas%22%2C%22para%22%2C%22imprimir%22%2C%22-%22%2C%22sharon%22%2C%22denton%22%5D&refer=https%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&tz=0&dev=r&res=12.31&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1&shu=4ee5c8a39c1df8e5e9f1bef1766b9c7c652014038b4e4692de25ecd8f3614960eb030ae12a6a9660b970c1c621d57ed8deda4dd04a65144131cc0aa62e38b9c095eb95ed7ceb4aeb9a5bfff082ddff02e55e31315196c11a83a3b02944bafd448e79&pst=1662976254&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 reapinject.com/watch.252000407092.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22moldes%22%2C%22de%22%2C%22letras%22%2C%22grandes%22%2C%22y%22%2C%22bonitas%22%2C%22para%22%2C%22imprimir%22%2C%22a%22%2C%22color%22%2C%22letra%22%2C%22a%22%2C%22para%22%2C%22imprimir%22%2C%22letras%22%2C%22mayusculas%22%2C%22para%22%2C%22imprimir%22%2C%22-%22%2C%22sharon%22%2C%22denton%22%5D&refer=https%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&tz=0&dev=r&res=12.31&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1&shu=4ee5c8a39c1df8e5e9f1bef1766b9c7c652014038b4e4692de25ecd8f3614960eb030ae12a6a9660b970c1c621d57ed8deda4dd04a65144131cc0aa62e38b9c095eb95ed7ceb4aeb9a5bfff082ddff02e55e31315196c11a83a3b02944bafd448e79&pst=1662976254&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2646)
Hash b78d8f3e6ead600446bb0f6ccec0dfda
1c0b75f9747556fe745773b1a0951c42775329a1
e9847b900637f8afd0652c096ab441a1f22ad1959262654aa171c592a729b385
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.252000407092.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22moldes%22%2C%22de%22%2C%22letras%22%2C%22grandes%22%2C%22y%22%2C%22bonitas%22%2C%22para%22%2C%22imprimir%22%2C%22a%22%2C%22color%22%2C%22letra%22%2C%22a%22%2C%22para%22%2C%22imprimir%22%2C%22letras%22%2C%22mayusculas%22%2C%22para%22%2C%22imprimir%22%2C%22-%22%2C%22sharon%22%2C%22denton%22%5D&refer=https%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&tz=0&dev=r&res=12.31&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1&shu=4ee5c8a39c1df8e5e9f1bef1766b9c7c652014038b4e4692de25ecd8f3614960eb030ae12a6a9660b970c1c621d57ed8deda4dd04a65144131cc0aa62e38b9c095eb95ed7ceb4aeb9a5bfff082ddff02e55e31315196c11a83a3b02944bafd448e79&pst=1662976254&rmtc=t HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharondenton.blogspot.com
Referer: https://sharondenton.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15928454; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjkiOiJkYWNlODg3ZDAzOWYwODhhZTBkOTk1MmE4YjhjYjA2MCIsIjI4IjoiNDQxMDhkMTgwNTU3Njk0NzYwMTVmNDI0MmNmN2QyMmQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NoYXJvbmRlbnRvbi5ibG9nc3BvdC5jb20vMjAyMi8wMi9tb2xkZXMtZGUtbGV0cmFzLWdyYW5kZXMteS1ib25pdGFzLXBhcmEuaHRtbCJ9fQ.yKcIJAC3WdRRzrYQW0hcDbWwlSKridhAwVpPQheuMC4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 09:49:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sharondenton.blogspot.com
Access-Control-Allow-Origin: https://sharondenton.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cebaf1ce-f38e-4c38-9c24-23b451137f21:2:1; expires=Mon, 19 Sep 2022 09:49:54 GMT; secure; SameSite=None
iprc6a826fa2e9be7c2d58f265a23cfdcb60=3569806; expires=Mon, 12 Sep 2022 13:49:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 09:49:54 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 09:49:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Sep 2022 09:49:54 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Sep 2022 09:49:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b7f4627b6061200d420816436cb92f4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ba627272befd0f5ff19db41767b0c4
e262f240ad6e9c4036a1469b5e1d8b9552806ec0
d5c2c3f9401d006b7e078d210c9760789889abd6d6fca60072e6c57f18c82fa6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5C2C3F9401D006B7E078D210C9760789889ABD6D6FCA60072E6C57F18C82FA6"
Last-Modified: Mon, 12 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6248
Expires: Mon, 12 Sep 2022 11:34:02 GMT
Date: Mon, 12 Sep 2022 09:49:54 GMT
Connection: keep-alive
creepingbrings.com/sfp.js
200 OK 168 kB URL HTTP/2 creepingbrings.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 168 kB (167463 bytes)
Hash 298a45e1194cf571caf7119b2970c316
6f35dc6d3d6fa6f551689c7f4fc7686347bea721
270383e2eb4c0a6868cbca03de3649a48444340039ee7801d16baf038071984f
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:49:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ab7c7e0ec2cf7d1c211ae691b23d71ca
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 12 Sep 2022 09:49:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLAv43MumZ7k%2BzXiJWKMW3ruIiQHzaEw8UeCR82ozPHmYYyb3pFSKMyxK%2F%2BnVst%2BLbJQPb3%2FXNU8HeX%2FM8JmAczgABmJGD2KP2EkoqM%2BjUgnY86%2FG6Q7VHPk4rrITfm0ENDAUKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7497bc5fdcd18879-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4606357&@f16&@g1&@h1&@i1&@j1662976182211&@k0&@l1&@mMoldes%20De%20Letras%20Grandes%20Y%20Bonitas%20Para%20Imprimir%20A%20Color%20%2F%20letra%20a%20para%20imprimir%20%7C%20Letras%20mayusculas%20para%20imprimir%20-%20Sharon%20Denton&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-179318488&@b3:1662976182&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&@w
200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4606357&@f16&@g1&@h1&@i1&@j1662976182211&@k0&@l1&@mMoldes%20De%20Letras%20Grandes%20Y%20Bonitas%20Para%20Imprimir%20A%20Color%20%2F%20letra%20a%20para%20imprimir%20%7C%20Letras%20mayusculas%20para%20imprimir%20-%20Sharon%20Denton&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-179318488&@b3:1662976182&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&@w
IP
File type ASCII text, with no line terminators
Hash edc1e5e7616b691e3890a781d63846ef
8c7e37976aa23ebbac557988971c1bca083cad25
ae1c35dddcfebd9863402e905014fb40d04237e2d7b28b50d677530a37550a4f
GET /stats/0.php?4606357&@f16&@g1&@h1&@i1&@j1662976182211&@k0&@l1&@mMoldes%20De%20Letras%20Grandes%20Y%20Bonitas%20Para%20Imprimir%20A%20Color%20%2F%20letra%20a%20para%20imprimir%20%7C%20Letras%20mayusculas%20para%20imprimir%20-%20Sharon%20Denton&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-179318488&@b3:1662976182&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsharondenton.blogspot.com%2F2022%2F02%2Fmoldes-de-letras-grandes-y-bonitas-para.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:49:55 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
i0.wp.com/www.mcdonalds.com.my/microsites/breakfast/images/sharer.jpg
200 OK 89 kB URL HTTP/2 i0.wp.com/www.mcdonalds.com.my/microsites/breakfast/images/sharer.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 97dd13eaf104f9a6bd9449ba30a5b042
d7d53ccf9fcdfcba89bcc7767143756be21dd8d6
478720ff97418ee3d4e1d3eedab575d5c5a0a2c02bc9145036ac32418c178772
GET /www.mcdonalds.com.my/microsites/breakfast/images/sharer.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:49:55 GMT
content-type: image/webp
content-length: 88664
last-modified: Mon, 12 Sep 2022 09:49:55 GMT
expires: Wed, 11 Sep 2024 21:49:55 GMT
cache-control: public, max-age=63115200
link: <http://www.mcdonalds.com.my/microsites/breakfast/images/sharer.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6bdae016400d193a"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0ZcqJt9XiHSWlx_Lh8G63WFzMK1WZcKI-nAYGojzqpffUlPorVRMQ6aYWKVaV5Hu1-6q164gFlhRQjygLfOyA5oAqC=w80-h80-p-k-no-nu
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0ZcqJt9XiHSWlx_Lh8G63WFzMK1WZcKI-nAYGojzqpffUlPorVRMQ6aYWKVaV5Hu1-6q164gFlhRQjygLfOyA5oAqC=w80-h80-p-k-no-nu
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 1c9b39499ed20c18731b57ed0fd18a54
fe95394a1a195249e0bcf9b55400826e1c5435d9
b7c20750772401cb21c1d21dc6fd4dbee5359feba61a9c83f86cc1cb994b7e48
GET /blogger_img_proxy/ANbyha0ZcqJt9XiHSWlx_Lh8G63WFzMK1WZcKI-nAYGojzqpffUlPorVRMQ6aYWKVaV5Hu1-6q164gFlhRQjygLfOyA5oAqC=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 09:49:56 GMT
server: fife
content-length: 1693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1fj-K8PXtPYkANPiPDN6YxmmnkRcdHKbvkt5cQKSPquyFL_Xr8Gi79ZK6ZZ4TpBtX-Bryw_hCfLUrVT1rJJux1VN7UhZIGOZ97wJQpTGP_2rdpDfFdhwddJ1pfgfO7r13JET3Mni1zU79N_Ty5fs7hElTz=w80-h80-p-k-no-nu
200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1fj-K8PXtPYkANPiPDN6YxmmnkRcdHKbvkt5cQKSPquyFL_Xr8Gi79ZK6ZZ4TpBtX-Bryw_hCfLUrVT1rJJux1VN7UhZIGOZ97wJQpTGP_2rdpDfFdhwddJ1pfgfO7r13JET3Mni1zU79N_Ty5fs7hElTz=w80-h80-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash a9827fade41542b38ab1b1b2c437f29d
ab143aee51aa60ba31f862fc0669283a2427cf91
570faa2944745845e16a90954a28d18ad9df6b7d65e1cd184af90474df2353f7
GET /blogger_img_proxy/ANbyha1fj-K8PXtPYkANPiPDN6YxmmnkRcdHKbvkt5cQKSPquyFL_Xr8Gi79ZK6ZZ4TpBtX-Bryw_hCfLUrVT1rJJux1VN7UhZIGOZ97wJQpTGP_2rdpDfFdhwddJ1pfgfO7r13JET3Mni1zU79N_Ty5fs7hElTz=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 13 Sep 2022 09:49:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 09:49:56 GMT
server: fife
content-length: 2154
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 090a097732f15b625208ab10faeea110
33b4fbb528d5b24e6edeebec3887e9b92bed4272
dd912cb8f4b18a02f086446af981c96af8de389bb8872f8bb6dd76cb5b018194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD912CB8F4B18A02F086446AF981C96AF8DE389BB8872F8BB6DD76CB5B018194"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15739
Expires: Mon, 12 Sep 2022 14:12:15 GMT
Date: Mon, 12 Sep 2022 09:49:56 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0yFpwanX6EC7sMsLAC9E0zq924YN0nVWN_3vOqF7SYLI4cRQC1jysi6RzC3WSliebUOu2_xgA-ISWSahMxEZXBKogFe8abOlDaWRovnpxIm3khWyQ5WBwUQ9w7F0bGhJdEzUj4UGtk3N486OKXyN_AjIQJqGYDyA=w80-h80-p-k-no-nu
200 OK 5.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0yFpwanX6EC7sMsLAC9E0zq924YN0nVWN_3vOqF7SYLI4cRQC1jysi6RzC3WSliebUOu2_xgA-ISWSahMxEZXBKogFe8abOlDaWRovnpxIm3khWyQ5WBwUQ9w7F0bGhJdEzUj4UGtk3N486OKXyN_AjIQJqGYDyA=w80-h80-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 524a4853ac1c1e9d554955a4cfa7bdfd
177238ec8c5fa7b715eddf0e96de410239180e17
41267334cd8eab47805ea5e5930d8de0183337b13135a105f4052c5e9f547639
GET /blogger_img_proxy/ANbyha0yFpwanX6EC7sMsLAC9E0zq924YN0nVWN_3vOqF7SYLI4cRQC1jysi6RzC3WSliebUOu2_xgA-ISWSahMxEZXBKogFe8abOlDaWRovnpxIm3khWyQ5WBwUQ9w7F0bGhJdEzUj4UGtk3N486OKXyN_AjIQJqGYDyA=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 13 Sep 2022 09:49:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 09:49:56 GMT
server: fife
content-length: 5521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2TVxoUTJHS9GEknUIfBe1k7VU7uNVgNNxXN0fqbZIp9EGlmGIjTatgOO67a0fpuEpjUVpNMgoOLvnVLYXFkUCiLvKN97UQ68KYKD6tBC8ts8ViMC9jBrxxjib67ceapWuEAKfi24w3PEbBV1xG05lkHQGNKbWHXsR2=w80-h80-p-k-no-nu
200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2TVxoUTJHS9GEknUIfBe1k7VU7uNVgNNxXN0fqbZIp9EGlmGIjTatgOO67a0fpuEpjUVpNMgoOLvnVLYXFkUCiLvKN97UQ68KYKD6tBC8ts8ViMC9jBrxxjib67ceapWuEAKfi24w3PEbBV1xG05lkHQGNKbWHXsR2=w80-h80-p-k-no-nu
IP
File type GIF image data, version 89a, 80 x 80\012- data
Hash d3dcc44fc5001e8038531977c500ee90
3d0f711b8af35c2f31b9ee594b5f2b05aa41aade
37fe0c83ce5a8ee694205500f2b37c712a161d4facb248c7f113dea348bf6507
GET /blogger_img_proxy/ANbyha2TVxoUTJHS9GEknUIfBe1k7VU7uNVgNNxXN0fqbZIp9EGlmGIjTatgOO67a0fpuEpjUVpNMgoOLvnVLYXFkUCiLvKN97UQ68KYKD6tBC8ts8ViMC9jBrxxjib67ceapWuEAKfi24w3PEbBV1xG05lkHQGNKbWHXsR2=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 13 Sep 2022 09:49:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 09:49:56 GMT
server: fife
content-length: 4820
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 12 Sep 2022 09:49:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c81a13bdefa91205c23f0122e9e3ef00
Strict-Transport-Security: max-age=0; includeSubdomains
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3kgT6glXizo-ZEkOwtFEMpLr3dmKTco8zwkVY-8yJecxLtI2J_uiuOWf_wkS-6ZdvECTDGvaczx3tIEVlS98070Uul_J8scYySRov5F6WAmvKBq7OQkvT3F5PPExRbaSMGEKQO2zM0ZXsCxUnAkm4TuikCdHXhwUI0avY=w80-h80-p-k-no-nu
200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3kgT6glXizo-ZEkOwtFEMpLr3dmKTco8zwkVY-8yJecxLtI2J_uiuOWf_wkS-6ZdvECTDGvaczx3tIEVlS98070Uul_J8scYySRov5F6WAmvKBq7OQkvT3F5PPExRbaSMGEKQO2zM0ZXsCxUnAkm4TuikCdHXhwUI0avY=w80-h80-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash b3cc1ccad6c2edc99544831850fe796b
397d15c9102b14432d45eace79768582f2a7d1db
fa437e851faccfd17282788bc14288782bcb648598e84415057733e5611f233b
GET /blogger_img_proxy/ANbyha3kgT6glXizo-ZEkOwtFEMpLr3dmKTco8zwkVY-8yJecxLtI2J_uiuOWf_wkS-6ZdvECTDGvaczx3tIEVlS98070Uul_J8scYySRov5F6WAmvKBq7OQkvT3F5PPExRbaSMGEKQO2zM0ZXsCxUnAkm4TuikCdHXhwUI0avY=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 13 Sep 2022 09:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 09:49:57 GMT
server: fife
content-length: 1527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1952ae22cfd96ac9a06389a27a0ec8f2
7771864f6a4cc7fcc42bdf5f645e2b0ede568ac4
a245aaea73017fb82894d24a9480df93a89949d01a2f14181cc8475e7371ab5d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A245AAEA73017FB82894D24A9480DF93A89949D01A2F14181CC8475E7371AB5D"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13963
Expires: Mon, 12 Sep 2022 13:42:43 GMT
Date: Mon, 12 Sep 2022 09:50:00 GMT
Connection: keep-alive
grandsupple.com/sbar.json?key=dace887d039f088ae0d9952a8b8cb060&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1
200 OK 4.1 kB URL HTTP/1.1 grandsupple.com/sbar.json?key=dace887d039f088ae0d9952a8b8cb060&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5750), with no line terminators
Hash c8d8b4f469076e290fa98302ba2dbbb3
6a718e26593cce70bcb2f1f013de0cc61ba75a3a
239c5f2422460f4ca93d2096401e487b25c5696eb391c23267658c01445efa26
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=dace887d039f088ae0d9952a8b8cb060&uuid=cebaf1ce-f38e-4c38-9c24-23b451137f21%3A2%3A1 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharondenton.blogspot.com
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 12 Sep 2022 09:50:00 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sharondenton.blogspot.com
Access-Control-Allow-Origin: https://sharondenton.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16032438; expires=Tue, 13 Sep 2022 09:50:00 GMT; secure; SameSite=None
uid_id2=cebaf1ce-f38e-4c38-9c24-23b451137f21:2:1; expires=Mon, 19 Sep 2022 09:50:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 09:50:00 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 09:50:00 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 13 Sep 2022 09:50:00 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 13 Sep 2022 09:50:00 GMT; secure; SameSite=None
slecdace887d039f088ae0d9952a8b8cb060=[3357660]; expires=Mon, 12 Sep 2022 09:50:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5afb2ea9bf8bca099af32db2b0844c17
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
grandsupple.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bRRydTXNA4gTKBSSKDxxAIs7%2Bcew1PVSEEBSRNqUFgcQBZmdm7SGzO6uZXa%2FjU0Ql1KP5BpvnpFGhQnDhRkFOpSJFQqo5WYJ8BwTqiQOyG2H4XX7vzXuHN2%2Fmi8PinLgo6HTzmh5Ipejaet2tvfqR512p7ci06Nf6YfOTZuNKzfTeaDfr7mu1dwTb02u%2B67mu53q1LWlErPtrMxEyu9%2F26m233vDr3noDffN%2FbgsHljrgvXPyPCSfLD90ViDZGGny7aawe7nOXn87KRTNtUGPn3yQ7qW6TJEsYGwcxOnJhRvaPt56AJ0ez%2BNC9%2F41RnJCnEcPEKUnFyER9Y7mOSMFkSLiz6LsjSHUGJKOwfRtSP6YAIzj%2Bi7S5O51bUq6%2F1SlM3VClp%2F8CVlOyPLvK0iTbzaU7NduaVXkUqcW%2FbiC7I8hO2NkxSnywRJkeQqWfw7JfyFrT3aQJke7VmlIPn2FiYjGHhOrcRCK1QYLwtU28xurfhA11j0vaMW%2BNy9IyjFkPIYSQ1C7hMI6KKSDInZQZA4SPq0xz%2FNaLmfUDduMBbwloiZ3PdqKPeq5zRAFm91hiDwbgqkhmDlAZg6wJ4cwxU%2Bw3QqWL8HmE%2BK8N0CPVygFQWkJSkpQSoIyJyh71TFX1rfVXa5sEXkX27%2FYQTXSeeeQHuu8I1JymJ2T5%2Bbl%2FYXvsSemNU6ZCMMWd4N27IYhFS5vt9d9GkYhi9ymCysrSLsEah0M5ISsTBvI5IQsXR4ioqew6hRMroAWL4GWo5bvgnZHjdDFIP0x74oitbnOMhopwQXNuwllXZkKW09FDq4rZPky8n3nUJ2TF%2BbRgiu%2FQbCzq59G1yZ%2F3PsbzFTITIXP5EOCjrozuqlLcnRTl5Z8t5vlMpEDOnvzWznNxaWv3hX7pTZ8e9MO773JZsIM3n9f2HyHplymHUu%2B3pCcC7OlDRPkh237oYhuFLa7UZi0yHZuvLW1nWRGWCt1OgaVE0IenYHJCXmGl%2FPv%2FKL9GNKMYYoKSXFGLgZSn4JlB7DZIr%2FVl2DUwhNlDsqiGhk%2FWhwqSaDEgtOogv0Pjxb40N5Bx1wGzW8jTSr0TIWeqkDVELa4NMozc3b112A%2BiJQzipRxjiJl1JdPy7VyWmsFgUub7XWv1aKiFTX8MG56nFK%2F0fSbTRogtxP2Mvn5HwAAAP%2F%2FAQAA%2F%2F96FgCSmQQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 grandsupple.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bRRydTXNA4gTKBSSKDxxAIs7%2Bcew1PVSEEBSRNqUFgcQBZmdm7SGzO6uZXa%2FjU0Ql1KP5BpvnpFGhQnDhRkFOpSJFQqo5WYJ8BwTqiQOyG2H4XX7vzXuHN2%2Fmi8PinLgo6HTzmh5Ipejaet2tvfqR512p7ci06Nf6YfOTZuNKzfTeaDfr7mu1dwTb02u%2B67mu53q1LWlErPtrMxEyu9%2F26m233vDr3noDffN%2FbgsHljrgvXPyPCSfLD90ViDZGGny7aawe7nOXn87KRTNtUGPn3yQ7qW6TJEsYGwcxOnJhRvaPt56AJ0ez%2BNC9%2F41RnJCnEcPEKUnFyER9Y7mOSMFkSLiz6LsjSHUGJKOwfRtSP6YAIzj%2Bi7S5O51bUq6%2F1SlM3VClp%2F8CVlOyPLvK0iTbzaU7NduaVXkUqcW%2FbiC7I8hO2NkxSnywRJkeQqWfw7JfyFrT3aQJke7VmlIPn2FiYjGHhOrcRCK1QYLwtU28xurfhA11j0vaMW%2BNy9IyjFkPIYSQ1C7hMI6KKSDInZQZA4SPq0xz%2FNaLmfUDduMBbwloiZ3PdqKPeq5zRAFm91hiDwbgqkhmDlAZg6wJ4cwxU%2Bw3QqWL8HmE%2BK8N0CPVygFQWkJSkpQSoIyJyh71TFX1rfVXa5sEXkX27%2FYQTXSeeeQHuu8I1JymJ2T5%2Bbl%2FYXvsSemNU6ZCMMWd4N27IYhFS5vt9d9GkYhi9ymCysrSLsEah0M5ISsTBvI5IQsXR4ioqew6hRMroAWL4GWo5bvgnZHjdDFIP0x74oitbnOMhopwQXNuwllXZkKW09FDq4rZPky8n3nUJ2TF%2BbRgiu%2FQbCzq59G1yZ%2F3PsbzFTITIXP5EOCjrozuqlLcnRTl5Z8t5vlMpEDOnvzWznNxaWv3hX7pTZ8e9MO773JZsIM3n9f2HyHplymHUu%2B3pCcC7OlDRPkh237oYhuFLa7UZi0yHZuvLW1nWRGWCt1OgaVE0IenYHJCXmGl%2FPv%2FKL9GNKMYYoKSXFGLgZSn4JlB7DZIr%2FVl2DUwhNlDsqiGhk%2FWhwqSaDEgtOogv0Pjxb40N5Bx1wGzW8jTSr0TIWeqkDVELa4NMozc3b112A%2BiJQzipRxjiJl1JdPy7VyWmsFgUub7XWv1aKiFTX8MG56nFK%2F0fSbTRogtxP2Mvn5HwAAAP%2F%2FAQAA%2F%2F96FgCSmQQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST28bRRydTXNA4gTKBSSKDxxAIs7%2Bcew1PVSEEBSRNqUFgcQBZmdm7SGzO6uZXa%2FjU0Ql1KP5BpvnpFGhQnDhRkFOpSJFQqo5WYJ8BwTqiQOyG2H4XX7vzXuHN2%2Fmi8PinLgo6HTzmh5Ipejaet2tvfqR512p7ci06Nf6YfOTZuNKzfTeaDfr7mu1dwTb02u%2B67mu53q1LWlErPtrMxEyu9%2F26m233vDr3noDffN%2FbgsHljrgvXPyPCSfLD90ViDZGGny7aawe7nOXn87KRTNtUGPn3yQ7qW6TJEsYGwcxOnJhRvaPt56AJ0ez%2BNC9%2F41RnJCnEcPEKUnFyER9Y7mOSMFkSLiz6LsjSHUGJKOwfRtSP6YAIzj%2Bi7S5O51bUq6%2F1SlM3VClp%2F8CVlOyPLvK0iTbzaU7NduaVXkUqcW%2FbiC7I8hO2NkxSnywRJkeQqWfw7JfyFrT3aQJke7VmlIPn2FiYjGHhOrcRCK1QYLwtU28xurfhA11j0vaMW%2BNy9IyjFkPIYSQ1C7hMI6KKSDInZQZA4SPq0xz%2FNaLmfUDduMBbwloiZ3PdqKPeq5zRAFm91hiDwbgqkhmDlAZg6wJ4cwxU%2Bw3QqWL8HmE%2BK8N0CPVygFQWkJSkpQSoIyJyh71TFX1rfVXa5sEXkX27%2FYQTXSeeeQHuu8I1JymJ2T5%2Bbl%2FYXvsSemNU6ZCMMWd4N27IYhFS5vt9d9GkYhi9ymCysrSLsEah0M5ISsTBvI5IQsXR4ioqew6hRMroAWL4GWo5bvgnZHjdDFIP0x74oitbnOMhopwQXNuwllXZkKW09FDq4rZPky8n3nUJ2TF%2BbRgiu%2FQbCzq59G1yZ%2F3PsbzFTITIXP5EOCjrozuqlLcnRTl5Z8t5vlMpEDOnvzWznNxaWv3hX7pTZ8e9MO773JZsIM3n9f2HyHplymHUu%2B3pCcC7OlDRPkh237oYhuFLa7UZi0yHZuvLW1nWRGWCt1OgaVE0IenYHJCXmGl%2FPv%2FKL9GNKMYYoKSXFGLgZSn4JlB7DZIr%2FVl2DUwhNlDsqiGhk%2FWhwqSaDEgtOogv0Pjxb40N5Bx1wGzW8jTSr0TIWeqkDVELa4NMozc3b112A%2BiJQzipRxjiJl1JdPy7VyWmsFgUub7XWv1aKiFTX8MG56nFK%2F0fSbTRogtxP2Mvn5HwAAAP%2F%2FAQAA%2F%2F96FgCSmQQAAA%3D%3D HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Cookie: u_pl=16032438; uid_id2=cebaf1ce-f38e-4c38-9c24-23b451137f21:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdace887d039f088ae0d9952a8b8cb060=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 12 Sep 2022 09:50:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 455f8500a3d4dda8c06a22a007889bcd
Strict-Transport-Security: max-age=0; includeSubdomains
www.blogger.com/comment/frame/4771231211637548505?po=1972774757039764210&hl=en&skin=contempo&blogspotRpcToken=6989242
200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/4771231211637548505?po=1972774757039764210&hl=en&skin=contempo&blogspotRpcToken=6989242
IP
GET /comment/frame/4771231211637548505?po=1972774757039764210&hl=en&skin=contempo&blogspotRpcToken=6989242 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharondenton.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 12 Sep 2022 09:49:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-YFM8Gbr0GmsLYWVeUK_DaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=CZBFWmpm8uPCtBQ7lBeQ-Xx1ckO62lH5evQCYvBzetsrwDzJrrkqbFP-di4LJ01WWvKSGbpE9fXv5wEF2vuQssh16HyqHpNTkr-s57bitfD3XNX5oDYYqAlocExYrpKIn35TH5wqbyhTO631yvFWaiXMeLdnWY67W963J8WlUj0; expires=Tue, 14-Mar-2023 09:49:52 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
142.250.74.161
46.105.201.240
104.18.14.176
192.99.8.28
93.184.220.29
95.101.11.115
52.28.172.243