icefairystreasurechest.blogspot.fr/search/label/Toys
302 Moved Temporarily 197 B URL HTTP/1.1 icefairystreasurechest.blogspot.fr/search/label/Toys
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 91199ab6506a728936f489c439508624
a0bcb90d48b2448dbbf4fc53f865cbdd745b6d5e
84eb5610d1436b22aa77828845a77fcb4774680c3f08a5f5bd9d48eb97816672
Analyzer Verdict Alert fortinet Phishing
GET /search/label/Toys HTTP/1.1
Host: icefairystreasurechest.blogspot.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://icefairystreasurechest.blogspot.com/search/label/Toys
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 23 Mar 2023 23:39:34 GMT
Expires: Thu, 23 Mar 2023 23:39:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 197
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3281
Expires: Fri, 24 Mar 2023 00:34:15 GMT
Date: Thu, 23 Mar 2023 23:39:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3721
Expires: Fri, 24 Mar 2023 00:41:35 GMT
Date: Thu, 23 Mar 2023 23:39:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 23:15:09 GMT
content-type: application/json
age: 1465
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14771
Expires: Fri, 24 Mar 2023 03:45:45 GMT
Date: Thu, 23 Mar 2023 23:39:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5DLPvyIULTtfH9APjpIc/rjYTsgrH/gSI9xHrM1yQf5lbtIGJuw5rpmVlaH6XSg5Me1MWaYAegc=
x-amz-request-id: 0MRZXWCET9E7JAKA
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 22:54:13 GMT
age: 2721
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:34 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 23:14:33 GMT
age: 1501
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4451
Expires: Fri, 24 Mar 2023 00:53:46 GMT
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 15ffef94f3ca35ec4ab22f87648a00b6
47742d904f9bd65cfc0260b9ac9527d378f6d26b
a838b31a41cc20fb321369f1e93c542b52e26e0c76787e56688887f41eaa2d23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 980fdb160191050671abe681e7aba45d
81d25de29530d06e7d06c312aa317a17bd048fe9
ec13be89cf3b6a4b49b91e09dd628af73020a038fb84ef1137c1d631560afe59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.statcounter.com/counter/counter_xhtml.js
200 OK 14 kB URL HTTP/1.1 www.statcounter.com/counter/counter_xhtml.js
IP
File type ASCII text, with very long lines (43941), with no line terminators
Hash 0dd9b9ebdc1428a9db2c954800fa9c75
0bc8467b00b1bd4cfc73936a6c3ef15f2c5fe0d9
75fa8b09a2404b25e1d107db70bd11d64e493f6967afc1b050f0df3277f499d6
GET /counter/counter_xhtml.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Mar 2023 15:28:48 GMT
ETag: W/"aba5-5f792eedb23f6"
Cache-Control: max-age=43200
Expires: Fri, 24 Mar 2023 04:01:11 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
User-Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 27504
Server: cloudflare
CF-RAY: 7aca83b81c47b512-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f140c75bb5da2cd7fb6e766dd6270b9d
afcbc2c00cd803edc322a66a4cd32ee933433682
077eb37a6e98251caf56b2f6f8987d8f7695bab0f936681971ce3d3c887b0097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/cse/api/branding.css
301 Moved Permanently 240 B URL HTTP/1.1 www.google.com/cse/api/branding.css
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 45d8b9287efe893be2350ff89f991c63
aff877b245649e7f02f940b70d1fb51728782ce2
8419b15bd2324a0463f4ee81576bf262cfd32e584337586ca02fc18f68f01408
GET /cse/api/branding.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://cse.google.com/cse/api/branding.css
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 240
X-XSS-Protection: 0
Date: Thu, 23 Mar 2023 23:23:54 GMT
Expires: Thu, 23 Mar 2023 23:53:54 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 941
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 18 Mar 2023 20:17:37 GMT
expires: Sun, 17 Mar 2024 20:17:37 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 18 Mar 2023 16:49:42 GMT
content-type: text/css
vary: Accept-Encoding
age: 444118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1429)
Hash 3161bcab6d00af494c239ab853923a64
3a9c842aa0b2fc894aea7a308a56cc09fce0def3
2b5444c3782c761e5ddb30bd733e9f746f49b3442c5d787b0a7b0c10434fe81f
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21022
date: Thu, 23 Mar 2023 23:39:35 GMT
expires: Thu, 23 Mar 2023 23:39:35 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a817d6f6a95ec85f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-92-B34lHgb0/WWHPCYfZhkI/AAAAAAAAOic/wYkTk8wsy3ouI3qK1xV8dVXkPa3m7veBgCLcBGAs/s1600/header2-1.jpg
200 OK 21 kB URL HTTP/2 4.bp.blogspot.com/-92-B34lHgb0/WWHPCYfZhkI/AAAAAAAAOic/wYkTk8wsy3ouI3qK1xV8dVXkPa3m7veBgCLcBGAs/s1600/header2-1.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 1005x107, components 3\012- data
Hash 5536a20320582a6b02b1d0abb9927527
ed3a14d731048dbad6942c93ee4321b397a0e143
c6908d4d23dea18b46726a4cc1ee95ed51354e60c9c2a16073dff208538c214a
GET /-92-B34lHgb0/WWHPCYfZhkI/AAAAAAAAOic/wYkTk8wsy3ouI3qK1xV8dVXkPa3m7veBgCLcBGAs/s1600/header2-1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3a28"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="header2-1.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 21215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 84b45209d94ad7301f9dc2224bb2f5da
90fbb479fe4faefda4e6b2eba4004da6328d81c7
b8be78412999d773ace79581e7160d879c1b165f47a80dfcc4ebd90dac95d799
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 980fdb160191050671abe681e7aba45d
81d25de29530d06e7d06c312aa317a17bd048fe9
ec13be89cf3b6a4b49b91e09dd628af73020a038fb84ef1137c1d631560afe59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 15ffef94f3ca35ec4ab22f87648a00b6
47742d904f9bd65cfc0260b9ac9527d378f6d26b
a838b31a41cc20fb321369f1e93c542b52e26e0c76787e56688887f41eaa2d23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cse.google.com/cse/api/branding.css
200 OK 322 B URL HTTP/2 cse.google.com/cse/api/branding.css
IP
Hash eb44259f9eed170ffd1b7293b57ca0f8
3099cbdc7f7ac67ec5863ae5f1a669163b56c6c4
7ddb01d9a89048ea77b75c1fc966e14c3c6c3bfe5d45b5b372f3d93ccc9670f4
GET /cse/api/branding.css HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: pfe
content-length: 322
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Thu, 23 Mar 2023 23:12:56 GMT
expires: Thu, 23 Mar 2023 23:42:56 GMT
cache-control: public, max-age=1800
age: 1599
last-modified: Sat, 17 Nov 2007 23:34:50 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PBN79J
302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-PBN79J
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 3a6b961cc076de0d53eed535ec7ee9d6
5f7ba46caf737223a12b551baec7b2729b12d92a
f118ea8c671ec7704a00ab54c3a0e3c3a0ca1485a3f92dd8e9f4ae494522ff61
GET /gtm.js?id=GTM-PBN79J HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
www.googletagservices.com/tag/js/gpt.js
200 OK 28 kB URL HTTP/1.1 www.googletagservices.com/tag/js/gpt.js
IP
File type ASCII text, with very long lines (39604)
Hash 08bb89c6689a2a76ee58fd73a6c2582d
126e0fb07ae7b6dad1c6e240357d5ed144c4ea65
78654501471792a42ad86d00cfddf9b634e37594e84ea1f323843b4607effc8e
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Timing-Allow-Origin: *
Content-Length: 27495
Date: Thu, 23 Mar 2023 23:39:35 GMT
Expires: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: private, max-age=900, stale-while-revalidate=3600
ETag: "1520 / 323 of 1000 / last-modified: 1679609265"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
icefairystreasurechest.blogspot.com/search/label/Toys
200 OK 54 kB URL HTTP/1.1 icefairystreasurechest.blogspot.com/search/label/Toys
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1047)
Hash 27699ac3d719c0ff775e08b6d8ff4e53
5465801f206d53577425c8b23b0a32f8c69432ee
80aad6aa7a93b163b4dd72df384c8a913c3bce826fc0f0d4fd1cda2c1f3b550a
Analyzer Verdict Alert fortinet Phishing
GET /search/label/Toys HTTP/1.1
Host: icefairystreasurechest.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 23 Mar 2023 23:39:34 GMT
Date: Thu, 23 Mar 2023 23:39:34 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 23 Mar 2023 22:53:26 GMT
ETag: W/"86876f853a9e7e3189a50083755c1cdad02b9835f120a06f44705a92e0233369"
X-Robots-Tag: all
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 53465
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/_d4TpLC-Q3no/SjALvSDGeQI/AAAAAAAAALk/xyZOZVhMDLA/s200/prbutton4.gif
200 OK 7.6 kB URL HTTP/1.1 2.bp.blogspot.com/_d4TpLC-Q3no/SjALvSDGeQI/AAAAAAAAALk/xyZOZVhMDLA/s200/prbutton4.gif
IP
File type GIF image data, version 89a, 150 x 150\012- data
Hash 8fada01a648f109dbb8c47c200a59946
416d2fb1b40a641c78f25e5d999ceac9ee0cd784
d935a2b8755a3c0eb806e18ffd597b40960113e5821324046fb273fc0dedd62e
GET /_d4TpLC-Q3no/SjALvSDGeQI/AAAAAAAAALk/xyZOZVhMDLA/s200/prbutton4.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v2048"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="prbutton4.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 7568
X-XSS-Protection: 0
2.bp.blogspot.com/_d4TpLC-Q3no/SqffKpfWzqI/AAAAAAAAAZE/rHIdMhbjYw4/S1600-R/emailme.png
200 OK 5.6 kB URL HTTP/1.1 2.bp.blogspot.com/_d4TpLC-Q3no/SqffKpfWzqI/AAAAAAAAAZE/rHIdMhbjYw4/S1600-R/emailme.png
IP
File type PNG image data, 200 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash d1dee78c81a944558cb0587e27f00b20
de155ff3585750af17835c7a58bc9f82e24364d9
8fee554fa8d0b00fe5d4d5e24e69cdd64a8933b796503edbce823e747ed80f74
GET /_d4TpLC-Q3no/SqffKpfWzqI/AAAAAAAAAZE/rHIdMhbjYw4/S1600-R/emailme.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v191"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="emailme.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 5626
X-XSS-Protection: 0
2.bp.blogspot.com/_d4TpLC-Q3no/TB5X1NS553I/AAAAAAAAA0w/svxJM9N7XOw/s320/disclosure.jpg
200 OK 2.6 kB URL HTTP/1.1 2.bp.blogspot.com/_d4TpLC-Q3no/TB5X1NS553I/AAAAAAAAA0w/svxJM9N7XOw/s320/disclosure.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 88x31, components 3\012- data
Hash 12c60064983af44308023772727420d4
86659dc4c08d6f599fc5ccbde6a005f9097ec2cf
e4b19575cdf6611638e1af01ed5045b721947720303eb6878ddce972d0033d65
GET /_d4TpLC-Q3no/TB5X1NS553I/AAAAAAAAA0w/svxJM9N7XOw/s320/disclosure.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v34c"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="disclosure.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 2585
X-XSS-Protection: 0
4.bp.blogspot.com/_d4TpLC-Q3no/SqffRZ-t8SI/AAAAAAAAAZM/aLE1swI8q8g/S1600-R/about+me.png
200 OK 3.9 kB URL HTTP/1.1 4.bp.blogspot.com/_d4TpLC-Q3no/SqffRZ-t8SI/AAAAAAAAAZM/aLE1swI8q8g/S1600-R/about+me.png
IP
File type PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 0807438eac40ccc343cc0dfd3bc75bf8
704a948ac9b62920ff12f1a804ee92273916ce7b
fa9623c8043149a74019fabbf584166e5839ee80c5130f17363449f40f921515
GET /_d4TpLC-Q3no/SqffRZ-t8SI/AAAAAAAAAZM/aLE1swI8q8g/S1600-R/about+me.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v193"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="about me.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 3867
X-XSS-Protection: 0
1.bp.blogspot.com/_d4TpLC-Q3no/Sqffpw0YROI/AAAAAAAAAZs/zL75od_is2E/S1600-R/grab+button.png
200 OK 3.6 kB URL HTTP/1.1 1.bp.blogspot.com/_d4TpLC-Q3no/Sqffpw0YROI/AAAAAAAAAZs/zL75od_is2E/S1600-R/grab+button.png
IP
File type PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash d65ae60398e714ed5eaf74ba7ef9cc4a
8bafe8ec5c9399db30f7546e13ca9ea3d593825f
f1c26898ae5bcf3dc0d4d65e22da9fe61cf2a2517e852342e1cf93351a2cd66d
GET /_d4TpLC-Q3no/Sqffpw0YROI/AAAAAAAAAZs/zL75od_is2E/S1600-R/grab+button.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v19b"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="grab button.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 3589
X-XSS-Protection: 0
2.bp.blogspot.com/_d4TpLC-Q3no/SqffvYqbyQI/AAAAAAAAAZ0/yVsE6LoTgqA/S1600-R/Memberships.png
200 OK 3.5 kB URL HTTP/1.1 2.bp.blogspot.com/_d4TpLC-Q3no/SqffvYqbyQI/AAAAAAAAAZ0/yVsE6LoTgqA/S1600-R/Memberships.png
IP
File type PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 4619cf56a3953f9f7fcbab767c3c0e3f
d9e024af59c503152c72e0e8518d3224967e9ae2
db4e08025d9e79f6b9a66f858354ed0404366432c1159f1a8d1e4145082fd0c7
GET /_d4TpLC-Q3no/SqffvYqbyQI/AAAAAAAAAZ0/yVsE6LoTgqA/S1600-R/Memberships.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v19d"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Memberships.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 3500
X-XSS-Protection: 0
1.bp.blogspot.com/-oTwtrjCwK2Y/UdvXT43sUWI/AAAAAAAAG8A/z6RX9HQBjl4/s1600/header.png
200 OK 411 kB URL HTTP/1.1 1.bp.blogspot.com/-oTwtrjCwK2Y/UdvXT43sUWI/AAAAAAAAG8A/z6RX9HQBjl4/s1600/header.png
IP
File type PNG image data, 1005 x 350, 8-bit/color RGB, non-interlaced\012- data
Size 411 kB (410848 bytes)
Hash b756df51e62221d455ca867b5dbbe3d4
a1de2c36a01e5e931ec32785146615a1ee31aea6
d0b3a4aa103e42e4638db4f3fa929590d217a33644c8a43f71908f837358bab8
GET /-oTwtrjCwK2Y/UdvXT43sUWI/AAAAAAAAG8A/z6RX9HQBjl4/s1600/header.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v27a2"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="header.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 410848
X-XSS-Protection: 0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (1530)
Hash 36a46584cf5844d36f358524bdb8f81c
bdffe8f2e18bbb8209fdfa54149728a8d5244e41
1ae488515a1c92a1c028bad7172b69b96f0a03dd921ea3c2baafac1345cfdef3
GET /_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 61154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 08:04:00 GMT
expires: Fri, 22 Mar 2024 08:04:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 09 Mar 2023 16:31:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 56135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5J3S25
302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-5J3S25
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4cb354a9dd331189a3eedaeecdfcccee
5a58d2d01bcf8e519c8bac2e73cdcd1d0732d35b
29dd36a1602deac4744b7ff09b2bec032f740f74be756b35eb5e7c552fb850d8
GET /gtm.js?id=GTM-5J3S25 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-5J3S25
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif
200 OK 488 B URL HTTP/1.1 www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif
IP
File type GIF image data, version 89a, 56 x 20\012- data
Hash 7759990ff12382cab2e362e8de465c92
bf76285ae03b5544f889580113334d302f055c2b
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
GET /images/poweredby_transparent/poweredby_FFFFFF.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 488
Date: Thu, 23 Mar 2023 23:39:35 GMT
Expires: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
thesitsgirls.com/badges/SS_125x125_button.png
301 Moved Permanently 265 B URL HTTP/1.1 thesitsgirls.com/badges/SS_125x125_button.png
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dbb39884be45c7a660f125eaa5db90c1
88f729a7a7679b6d6e6c1ee56a00a3767d439175
f5552ffc52d4b6d40944142261bfb839960bf282dfafbe6f47055e249dcf3b98
GET /badges/SS_125x125_button.png HTTP/1.1
Host: thesitsgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 23:39:34 GMT
Server: Apache
Location: https://www.thesitsgirls.com/badges/SS_125x125_button.png
Cache-Control: max-age=600
Expires: Thu, 23 Mar 2023 23:49:34 GMT
Content-Length: 265
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.google.com/jsapi
301 Moved Permanently 237 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 362d5b448e14803e150656f8f2b2064f
46e929aad5f6323e61c895d51c8fa5f46171f16e
9361792c2d970710b9e66bb86b6dc9b17dab59a9294a30a5790bdb1e92b38021
GET /jsapi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.gstatic.com/charts/loader.js
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
Date: Thu, 23 Mar 2023 23:10:30 GMT
Expires: Thu, 23 Mar 2023 23:40:30 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1745
icefairystreasurechest.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 icefairystreasurechest.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: icefairystreasurechest.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/search/label/Toys
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 23 Mar 2023 23:39:35 GMT
Expires: Thu, 30 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 23 Mar 2023 22:34:34 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.usfamilyguide.com/graphics/USFGmemberbadge.png
301 Moved Permanently 266 B URL HTTP/1.1 www.usfamilyguide.com/graphics/USFGmemberbadge.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ec6a56e38caf10af481a9d53287b7751
ee1b3934f105a6bc9cb1281e1793e3010a297ee1
cc5087bc48a29a1b21e9d0ec7832e48eddb9243725b4a7df3c877f8036f023cb
GET /graphics/USFGmemberbadge.png HTTP/1.1
Host: www.usfamilyguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: Apache
Location: https://www.usfamilyguide.com/graphics/USFGmemberbadge.png
Content-Length: 266
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 23 Mar 2023 05:01:02 GMT
Expires: Thu, 06 Apr 2023 05:01:02 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 67113
www.bloglovin.com/widget/bilder/en/widget.gif
301 Moved Permanently 0 B URL HTTP/1.1 www.bloglovin.com/widget/bilder/en/widget.gif
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/bilder/en/widget.gif HTTP/1.1
Host: www.bloglovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Location: https://www.bloglovin.com:443/widget/bilder/en/widget.gif
Content-Length: 0
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: text/html; charset=UTF-8
images.brandbacker.com/badges/no_badge.png
200 OK 926 B URL HTTP/1.1 images.brandbacker.com/badges/no_badge.png
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c155004c1d6d48bbea58bf1e80dfe232
8cdb397298dfff16b2e4388852c378dcfb26c3c8
2fa8abe7a4539a613f4fe47f90c661b86663292fb1b2edb482b7e76b571093dc
GET /badges/no_badge.png HTTP/1.1
Host: images.brandbacker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: image/png
Content-Length: 926
Connection: keep-alive
x-amz-id-2: aE4OP0110Mhd5IRD8NMmW16g9LoyB088oJo8UwW/YIfKocEiFFGk0eXvQOB4syzopR9kHKi5Lm0=
x-amz-request-id: 4B21PZAG9Y8YDRA4
Last-Modified: Tue, 16 Apr 2013 23:42:23 GMT
x-amz-version-id: null
ETag: "c155004c1d6d48bbea58bf1e80dfe232"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 799
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHjNMd5Il%2Fpg2%2B1JAdp6YDAR%2F8cS3zpmL9u%2F%2B9bJOqMq7kP%2FznXBugUkwdafPPBs1yO7RHuoLACYTiaM2D70jrAdt7462iCy9IBMfx8qxW%2FKgYMpHmE%2Bts5seji9oBweexLEwtFTzPg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aca83ba098f1c16-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KsrZdKNt5axEjnLDtbGO1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jlPTRfrJgYYLMFduiNhbVeKQ9P4=
badge.clevergirlscollective.com/v2/v0X7bbaV0v4FN5tum7U3lfNNifJCg681.js
200 OK 0 B URL HTTP/1.1 badge.clevergirlscollective.com/v2/v0X7bbaV0v4FN5tum7U3lfNNifJCg681.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/v0X7bbaV0v4FN5tum7U3lfNNifJCg681.js HTTP/1.1
Host: badge.clevergirlscollective.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Last-Modified: Sun, 06 Dec 2020 21:55:30 GMT
Connection: keep-alive
ETag: "5fcd5352-0"
Accept-Ranges: bytes
4.bp.blogspot.com/-rjnQvUfdJIE/WWGs-3rsDzI/AAAAAAAAOiI/Qtlut707-skN5yF5rEhYV72IaDV_7zzSQCLcBGAs/s1600/signature.png
200 OK 13 kB URL HTTP/2 4.bp.blogspot.com/-rjnQvUfdJIE/WWGs-3rsDzI/AAAAAAAAOiI/Qtlut707-skN5yF5rEhYV72IaDV_7zzSQCLcBGAs/s1600/signature.png
IP
File type PNG image data, 199 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 73654bb76f1fdacad33caee706bab69c
08ff689562b3bac91f0671f082700101261b489e
c3f964aa2b06e8feef4d1e50a6ff8b90ab458d66d2d82d1472c39b1306ca08f4
GET /-rjnQvUfdJIE/WWGs-3rsDzI/AAAAAAAAOiI/Qtlut707-skN5yF5rEhYV72IaDV_7zzSQCLcBGAs/s1600/signature.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3a28"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="signature.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 12686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/show_ads.js
200 OK 35 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP
File type ASCII text, with very long lines (4129)
Hash e93ce3e54bd989f9ddc931ddc6462bdd
26b9e2492532003c73df95b0ce6f51e583581af5
6be621beee34df1875b2d9cdd3d205586e6f50ed248ac295253497b30f04f833
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 23 Mar 2023 23:39:35 GMT
Expires: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 3950885254377012862
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 34759
X-XSS-Protection: 0
3.bp.blogspot.com/_d4TpLC-Q3no/SqfghGppldI/AAAAAAAAAbE/lPLNc0WYAaM/S1600-R/Subscribe.png
200 OK 3.1 kB URL HTTP/1.1 3.bp.blogspot.com/_d4TpLC-Q3no/SqfghGppldI/AAAAAAAAAbE/lPLNc0WYAaM/S1600-R/Subscribe.png
IP
File type PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 16fb8e6b80a3ad48104e01e4299a9e70
4bdc188ca6318ef93117a49ca9eb163f12ddfea6
fc5f0c84a7bcbbeb8ceb19a19242ac551b4a82d6ba2a346a44b3a1effcd3f18b
GET /_d4TpLC-Q3no/SqfghGppldI/AAAAAAAAAbE/lPLNc0WYAaM/S1600-R/Subscribe.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1b1"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Subscribe.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 3093
X-XSS-Protection: 0
edge.quantserve.com/quant.js
200 OK 9.2 kB URL HTTP/1.1 edge.quantserve.com/quant.js
IP
File type ASCII text, with very long lines (22210)
Hash b43a18fbe6986dfc5626e06e8cb23b0f
cc3ee4e5bf5f9a57e04f87c9942329ca985e6833
86107dcf815f1af0107e9c9c07880ad83fb2e56e6949e8b552f788ef917b8f1b
GET /quant.js HTTP/1.1
Host: edge.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, max-age=604800
Content-Encoding: gzip
Etag: "qnbLQo87mD/KmvsyZTIxlQ=="
Expires: Thu, 30 Mar 2023 23:39:35 GMT
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 7ba2eac293b882c62e172f4995670ac0
a0c114424d8ba45f91a426cc83abc665b8dff17b
52b73c47a8e71e6266d827dbe6cd9e2bf17fb4e47419fa42c16ca8e5b56a26a0
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 23 Mar 2023 23:39:35 GMT
Last-Modified: Thu, 23 Mar 2023 22:06:00 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lI1sRednYQLQAfD-tY8s-_1fNVQW7zg1w1Rzphrt1adE21HULiT0Jg==
Age: 5615
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i745.photobucket.com/albums/xx96/beatspammer/header_opt_zps09394be7.jpg
301 Moved Permanently 167 B URL HTTP/1.1 i745.photobucket.com/albums/xx96/beatspammer/header_opt_zps09394be7.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/xx96/beatspammer/header_opt_zps09394be7.jpg HTTP/1.1
Host: i745.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i745.photobucket.com/albums/xx96/beatspammer/header_opt_zps09394be7.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: phZbTJ65B9HMt8tIB-P6XkeKybxCxhlPhlwciehPmwOV8zTO3PYs1w==
Vary: Origin
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img2.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL HTTP/1.1 img2.blogblog.com/img/icon18_edit_allbkg.gif
IP
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: img2.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 162
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 22:03:55 GMT
Expires: Wed, 29 Mar 2023 22:03:55 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 22 Mar 2023 12:51:20 GMT
Content-Type: image/gif
Age: 92140
1.bp.blogspot.com/-bLaVLl-5ZeU/VhA2SnkrTzI/AAAAAAAAMLs/Zku20QpQ6iw/s1600/Wii%2BU.jpg
200 OK 26 kB URL HTTP/1.1 1.bp.blogspot.com/-bLaVLl-5ZeU/VhA2SnkrTzI/AAAAAAAAMLs/Zku20QpQ6iw/s1600/Wii%2BU.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 260x240, components 3\012- data
Hash ca1493eec3373e8957a037bea327d2fa
f0ce9a6fc89479c8bc6236e6ed20b86e7e0f6d1c
bb19e0d1098c95b8b3ffd72bd46e868dbde7e636a3c4a254890d45609336a4ca
GET /-bLaVLl-5ZeU/VhA2SnkrTzI/AAAAAAAAMLs/Zku20QpQ6iw/s1600/Wii%2BU.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v30bc"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Wii U.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 26204
X-XSS-Protection: 0
3.bp.blogspot.com/_d4TpLC-Q3no/SqfgmTagydI/AAAAAAAAAbM/XYzt7KbcVDk/S1600-R/Giveaways.png
200 OK 3.5 kB URL HTTP/1.1 3.bp.blogspot.com/_d4TpLC-Q3no/SqfgmTagydI/AAAAAAAAAbM/XYzt7KbcVDk/S1600-R/Giveaways.png
IP
File type PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash d6c1fedcf6e955b9a5a8b0b97fae2adf
78f78ed29ab0728b0d17dc44303b5af3fd255e7a
7020b305003c694b88c53f31ab2e11a8c6e99fb5733defe05548846ea8c6b7e5
GET /_d4TpLC-Q3no/SqfgmTagydI/AAAAAAAAAbM/XYzt7KbcVDk/S1600-R/Giveaways.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1b3"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Giveaways.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 3460
X-XSS-Protection: 0
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=icefairystreasurechest.blogspot.com
200 OK 114 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=icefairystreasurechest.blogspot.com
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash bdc8e11a242c231c2e7e99bc61beca7e
a5a5212392e66e8f73eaf6b9c599c21ba41f3310
84e59b44e7a66339555b0d19c7c7c4d2dd855b17b955d04b0bbf5a5ccc1733b8
GET /pagead/ppub_config?ippd=icefairystreasurechest.blogspot.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://icefairystreasurechest.blogspot.com
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Thu, 23 Mar 2023 23:39:35 GMT
expires: Thu, 23 Mar 2023 23:39:35 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 114
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 23:54:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 7ba2eac293b882c62e172f4995670ac0
a0c114424d8ba45f91a426cc83abc665b8dff17b
52b73c47a8e71e6266d827dbe6cd9e2bf17fb4e47419fa42c16ca8e5b56a26a0
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90480
Date: Thu, 23 Mar 2023 23:39:35 GMT
Etag: "641b88bf-1d7"
Expires: Sat, 25 Mar 2023 00:47:35 GMT
Last-Modified: Wed, 22 Mar 2023 23:01:19 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CUIJFSlXwFx023kMsKH2spbvJO6fcO4ThHtPBlIc7W8ghRKg3mtUkw==
Age: 6376
2.bp.blogspot.com/_d4TpLC-Q3no/SqfgX4OdJOI/AAAAAAAAAa0/e11U12bqBHA/S1600-R/Events+I+Enjoy.png
200 OK 4.0 kB URL HTTP/1.1 2.bp.blogspot.com/_d4TpLC-Q3no/SqfgX4OdJOI/AAAAAAAAAa0/e11U12bqBHA/S1600-R/Events+I+Enjoy.png
IP
File type PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 1afde3c62a85c116d1c82ff92e523d2a
20a7dd81bebecb2a5da36952dd593a98c42968c2
cd1795fcb6fb8077e60c59f76bb3bd949d72cde126fd09e8920baac3ea779a3a
GET /_d4TpLC-Q3no/SqfgX4OdJOI/AAAAAAAAAa0/e11U12bqBHA/S1600-R/Events+I+Enjoy.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1ad"
Expires: Fri, 24 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Events I Enjoy.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 23 Mar 2023 23:39:35 GMT
Server: fife
Content-Length: 3989
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (3599)
Hash a56ac7805fdd7cadb1c9b221179d6ab1
10b62a730b3b65a3ae6eb459bc54dd33dd4aca8a
e995bca3fe6e09f5f61642645eda80e75feac67b3052864ac17788d76ab87dae
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Mar 2023 23:39:35 GMT
expires: Thu, 23 Mar 2023 23:39:35 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13396403584785506805
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PBN79J
200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PBN79J
IP
File type ASCII text, with very long lines (10477)
Hash 86ecc4358b58a51ea799f080ab448f57
562340008790e616ae36410b62f713c6d7f4a899
64dd1dbffbb1bb18773d29a3a6fd716b5d682e59a7bc7a7ea2289483adf3ccac
GET /gtm.js?id=GTM-PBN79J HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 23:39:35 GMT
expires: Thu, 23 Mar 2023 23:39:35 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Mar 2023 22:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.amazonaws.com/cgc-badge-v2/load.min.js
200 OK 0 B URL HTTP/1.1 s3.amazonaws.com/cgc-badge-v2/load.min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgc-badge-v2/load.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: o9PxmT8Pa0YY67d+vIkgYJ3MM7Zu5y9hY9kHKv5PFjVeYnboaK5twhoMdQOMDdbLVjZliRlhRgo=
x-amz-request-id: 29FX3K9M09AHANC9
Date: Thu, 23 Mar 2023 23:39:36 GMT
Last-Modified: Fri, 07 May 2021 06:33:05 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 0
4.bp.blogspot.com/-UygR9m3Fxi4/XSSH5N02YnI/AAAAAAAAQYc/ZaHWZvMwksIVzjnqwVkWIirB3FT3cyFEQCLcBGAs/s400/If-I-Were-Human-by-WB-Tyler-Awareness-Tour-v2.jpg
200 OK 30 kB URL HTTP/2 4.bp.blogspot.com/-UygR9m3Fxi4/XSSH5N02YnI/AAAAAAAAQYc/ZaHWZvMwksIVzjnqwVkWIirB3FT3cyFEQCLcBGAs/s400/If-I-Were-Human-by-WB-Tyler-Awareness-Tour-v2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x200, components 3\012- data
Hash be16f50714876fd103b8a97814351a87
1ee4d6265a3faaf6a7cb8c426e77edca4e15247a
6bca2d4290d67d1517ea5abd1d4467015982b4cc7c94f50e6e753d7bad607d04
GET /-UygR9m3Fxi4/XSSH5N02YnI/AAAAAAAAQYc/ZaHWZvMwksIVzjnqwVkWIirB3FT3cyFEQCLcBGAs/s400/If-I-Were-Human-by-WB-Tyler-Awareness-Tour-v2.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4188"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="If-I-Were-Human-by-WB-Tyler-Awareness-Tour-v2.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 30376
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-Qe4mmQGfz8Y/XqKjx08AGPI/AAAAAAAAQzk/QFu48gAiAEI-HLRLSX6FtTifvnTNZgfWACNcBGAsYHQ/s400/Think%2BBig%2BGiveaway%2BTour%2BHeader%2BImage.jpg
200 OK 46 kB URL HTTP/2 4.bp.blogspot.com/-Qe4mmQGfz8Y/XqKjx08AGPI/AAAAAAAAQzk/QFu48gAiAEI-HLRLSX6FtTifvnTNZgfWACNcBGAsYHQ/s400/Think%2BBig%2BGiveaway%2BTour%2BHeader%2BImage.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x200, components 3\012- data
Hash 8b98115729f9d9b7bb3d2d58d67b5406
b1818fb5a1c999affcf93875af3f6f344b6046d6
3f04ca35650c0f0856605fbab6c139c8e1e481ffdfeb6997aec3146532d2223c
GET /-Qe4mmQGfz8Y/XqKjx08AGPI/AAAAAAAAQzk/QFu48gAiAEI-HLRLSX6FtTifvnTNZgfWACNcBGAsYHQ/s400/Think%2BBig%2BGiveaway%2BTour%2BHeader%2BImage.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v433a"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Think Big Giveaway Tour Header Image.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 45738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-vNcTp2_K3uY/XzJEB7DtYjI/AAAAAAAARDg/ReqVw4wRttMecmctXARhbowBJgIYVQlAACNcBGAsYHQ/w324-h400/Buckets%2BGoes%2Bon%2Ba%2BWinter%2BAdventure.jpg
200 OK 54 kB URL HTTP/2 1.bp.blogspot.com/-vNcTp2_K3uY/XzJEB7DtYjI/AAAAAAAARDg/ReqVw4wRttMecmctXARhbowBJgIYVQlAACNcBGAsYHQ/w324-h400/Buckets%2BGoes%2Bon%2Ba%2BWinter%2BAdventure.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 324x400, components 3\012- data
Hash 95312aee933259434db49914588a6a2c
79bbc5ebf761666a01e1636c23a2c1ef5eb2e615
b4e058e1aa36aaebdcaf5c4eca904dd9ccf5d4a0be49f5cc1cdc0be2f8d8203e
GET /-vNcTp2_K3uY/XzJEB7DtYjI/AAAAAAAARDg/ReqVw4wRttMecmctXARhbowBJgIYVQlAACNcBGAsYHQ/w324-h400/Buckets%2BGoes%2Bon%2Ba%2BWinter%2BAdventure.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4439"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Buckets Goes on a Winter Adventure.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 53962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-i_ManzWApWk/XUQ0EQIdEXI/AAAAAAAAQbw/al001CTdG2Y1dr33Xii2jZKNWxKD89wxACLcBGAs/s400/Slime%2Bkit%2Bcontents.jpg
200 OK 22 kB URL HTTP/2 1.bp.blogspot.com/-i_ManzWApWk/XUQ0EQIdEXI/AAAAAAAAQbw/al001CTdG2Y1dr33Xii2jZKNWxKD89wxACLcBGAs/s400/Slime%2Bkit%2Bcontents.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x281, components 3\012- data
Hash 361730fa23cfb5ea20af2ce589a5dc3b
91f00505a967a4dd2f4950369d741d0c3928fdd6
e241386fefe1e04c5278608c71b960f1c082aa991144643b762181ac5597de0f
GET /-i_ManzWApWk/XUQ0EQIdEXI/AAAAAAAAQbw/al001CTdG2Y1dr33Xii2jZKNWxKD89wxACLcBGAs/s400/Slime%2Bkit%2Bcontents.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v41bd"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Slime kit contents.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 21696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-LkfHDf4UMbQ/X8hpfFIVGvI/AAAAAAAARPw/ZLAVHxiiQPEqaag1zF0hXYePuyROAtUegCNcBGAsYHQ/s400/Ooze%2BLabs%2BColorful%2BCrystal%2BLab%2Bdemo.jpg
200 OK 53 kB URL HTTP/2 1.bp.blogspot.com/-LkfHDf4UMbQ/X8hpfFIVGvI/AAAAAAAARPw/ZLAVHxiiQPEqaag1zF0hXYePuyROAtUegCNcBGAsYHQ/s400/Ooze%2BLabs%2BColorful%2BCrystal%2BLab%2Bdemo.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 334x400, components 3\012- data
Hash 4e04faeb0e756cf17c6b13f7a7075c60
87fc7fd8b955af8c298927e081c13382a23af03e
55926c2ae0dfa1859ddfec04d0cef70a4f51d09f67fdd5c9415db2f19cda9c0f
GET /-LkfHDf4UMbQ/X8hpfFIVGvI/AAAAAAAARPw/ZLAVHxiiQPEqaag1zF0hXYePuyROAtUegCNcBGAsYHQ/s400/Ooze%2BLabs%2BColorful%2BCrystal%2BLab%2Bdemo.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v44ff"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ooze Labs Colorful Crystal Lab demo.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 52855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-njct6it18G8/YA_ptRH9kdI/AAAAAAAARW8/Ekvdvtv6QJoZ6vZtvGvWygBCD5-beorQgCNcBGAsYHQ/s400/Mia%2Band%2BNattie%2BOne%2BGreat%2BTeam.jpg
200 OK 73 kB URL HTTP/2 1.bp.blogspot.com/-njct6it18G8/YA_ptRH9kdI/AAAAAAAARW8/Ekvdvtv6QJoZ6vZtvGvWygBCD5-beorQgCNcBGAsYHQ/s400/Mia%2Band%2BNattie%2BOne%2BGreat%2BTeam.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x398, components 3\012- data
Hash ea061d19ba54dc9c3dddf10b3e231c48
7a083ee168f3255c97ce03c05c997dac21c0e766
d28f167143fdcfb560f8907fc96e22402468c712f5a8b25d81e4cfa590bb9599
GET /-njct6it18G8/YA_ptRH9kdI/AAAAAAAARW8/Ekvdvtv6QJoZ6vZtvGvWygBCD5-beorQgCNcBGAsYHQ/s400/Mia%2Band%2BNattie%2BOne%2BGreat%2BTeam.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4571"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Mia and Nattie One Great Team.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 73019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kMS5hxeiWLQ/X8hpkq9-6pI/AAAAAAAARP0/XuzqXuiWQM8fQsa0CsTmfCAS1t2MFtqwgCNcBGAsYHQ/s400/Ooze%2BLabs%2BColorful%2BCrystal%2BLab%2Binside.jpg
200 OK 45 kB URL HTTP/2 1.bp.blogspot.com/-kMS5hxeiWLQ/X8hpkq9-6pI/AAAAAAAARP0/XuzqXuiWQM8fQsa0CsTmfCAS1t2MFtqwgCNcBGAsYHQ/s400/Ooze%2BLabs%2BColorful%2BCrystal%2BLab%2Binside.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x295, components 3\012- data
Hash eb9a68a6bec76d4103072cbed4457cdb
c59517c6d49be6ae22ada0de65f4b4afd16db045
971c224d4b4d45944203d6505ffae7289d150550c15eddcfdb2b45f757fd07cd
GET /-kMS5hxeiWLQ/X8hpkq9-6pI/AAAAAAAARP0/XuzqXuiWQM8fQsa0CsTmfCAS1t2MFtqwgCNcBGAsYHQ/s400/Ooze%2BLabs%2BColorful%2BCrystal%2BLab%2Binside.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4500"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ooze Labs Colorful Crystal Lab inside.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 44660
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhL3RYsQsUDG0szltTrnNE6R9BaIeXsiaXNAQIuvyw0qktkNuh7HuzJZFBCDNWFysTw3UENQa-Pv7M6ma_n0iLYgBFbGmOXvWugYZbn2uhiYGdoCjwTCvKoiVKCUp0rczmkxL48oep0KTHP9GPI9hjyIH5iqSg8xPpnDBwjvs4M9HWMgTZ3DMBpJ2Ts-w/s1600/facebook.webp
200 OK 6.7 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhL3RYsQsUDG0szltTrnNE6R9BaIeXsiaXNAQIuvyw0qktkNuh7HuzJZFBCDNWFysTw3UENQa-Pv7M6ma_n0iLYgBFbGmOXvWugYZbn2uhiYGdoCjwTCvKoiVKCUp0rczmkxL48oep0KTHP9GPI9hjyIH5iqSg8xPpnDBwjvs4M9HWMgTZ3DMBpJ2Ts-w/s1600/facebook.webp
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash c990627fe22be584622071c56a9217bc
b933e33796239d18ef7a79c38b090a61d7a7ef12
2a67ac693df8ffa0d863c905ecc1134cebfbf7a94cc56c97168dd0fdb5054ccb
GET /img/b/R29vZ2xl/AVvXsEhL3RYsQsUDG0szltTrnNE6R9BaIeXsiaXNAQIuvyw0qktkNuh7HuzJZFBCDNWFysTw3UENQa-Pv7M6ma_n0iLYgBFbGmOXvWugYZbn2uhiYGdoCjwTCvKoiVKCUp0rczmkxL48oep0KTHP9GPI9hjyIH5iqSg8xPpnDBwjvs4M9HWMgTZ3DMBpJ2Ts-w/s1600/facebook.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v494d"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="facebook.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 6659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipHEcnTgQYGUz7sVJjWBWsOoSzFPGj_dvE1DN7X7PGFHu0sB4MHyD6Ms0ipekILiQv0i16bR3X-1d7sc9cu1ePt7qoqhcixgfnRNxx5n1zCIYIhd4rv8_3MROVpQe7Lwv2i4txABNCyeYorWdW-_DVNE7fveLHrWJz7tNu68pki0vYXwNZPrlOWoTHKg/s1600/twitter.webp
200 OK 7.1 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipHEcnTgQYGUz7sVJjWBWsOoSzFPGj_dvE1DN7X7PGFHu0sB4MHyD6Ms0ipekILiQv0i16bR3X-1d7sc9cu1ePt7qoqhcixgfnRNxx5n1zCIYIhd4rv8_3MROVpQe7Lwv2i4txABNCyeYorWdW-_DVNE7fveLHrWJz7tNu68pki0vYXwNZPrlOWoTHKg/s1600/twitter.webp
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 85070569a99a43192fbffc73b8b87ac2
e94cd23a06816852323166b2404548013f4b3d7e
a987c0098e48e0641ebe558217c7ee52b657de53653080cfe190220871197d01
GET /img/b/R29vZ2xl/AVvXsEipHEcnTgQYGUz7sVJjWBWsOoSzFPGj_dvE1DN7X7PGFHu0sB4MHyD6Ms0ipekILiQv0i16bR3X-1d7sc9cu1ePt7qoqhcixgfnRNxx5n1zCIYIhd4rv8_3MROVpQe7Lwv2i4txABNCyeYorWdW-_DVNE7fveLHrWJz7tNu68pki0vYXwNZPrlOWoTHKg/s1600/twitter.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v494f"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="twitter.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 7099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3sEM2kW4Dkc4MsWnS2r49KLrnx6VxLmJurOweZkO1_Cjw4HMn8JeHycyVEJ8cXp_iQ1gHWQ6OfUQpaNA1KNHWZo6V4M2JgafEY-0xfjU6dm_-7o6ez70AaPIYBK_cxKO6OiTJ-o3F3mdsmyoXbPwELVioCfNDxZz1fiM81_t1_Kjhg_t5bXr27HkMHA/s1600/pinterest.webp
200 OK 5.0 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3sEM2kW4Dkc4MsWnS2r49KLrnx6VxLmJurOweZkO1_Cjw4HMn8JeHycyVEJ8cXp_iQ1gHWQ6OfUQpaNA1KNHWZo6V4M2JgafEY-0xfjU6dm_-7o6ez70AaPIYBK_cxKO6OiTJ-o3F3mdsmyoXbPwELVioCfNDxZz1fiM81_t1_Kjhg_t5bXr27HkMHA/s1600/pinterest.webp
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 9566aefc1ac39ff3ac115923aec82e3e
44d554298bb21f6bb7bcd15cf9727f784f0247ca
cf8a860d5e0aebca1e3ed621eb7ab28865efe0492685c03654d19449457d2e87
GET /img/b/R29vZ2xl/AVvXsEj3sEM2kW4Dkc4MsWnS2r49KLrnx6VxLmJurOweZkO1_Cjw4HMn8JeHycyVEJ8cXp_iQ1gHWQ6OfUQpaNA1KNHWZo6V4M2JgafEY-0xfjU6dm_-7o6ez70AaPIYBK_cxKO6OiTJ-o3F3mdsmyoXbPwELVioCfNDxZz1fiM81_t1_Kjhg_t5bXr27HkMHA/s1600/pinterest.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v494f"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pinterest.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 4996
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Nk0oqdyJ3Ck/XzI_XmdFHjI/AAAAAAAARDU/OqXDdZ4b_08FNJLGkeVRb2cs1IoLYeGYACNcBGAsYHQ/w400-h200/Giveaway%2BBuckets%2BGoes%2Bon%2Ba%2BWinter%2BAdventure.jpg
200 OK 30 kB URL HTTP/2 1.bp.blogspot.com/-Nk0oqdyJ3Ck/XzI_XmdFHjI/AAAAAAAARDU/OqXDdZ4b_08FNJLGkeVRb2cs1IoLYeGYACNcBGAsYHQ/w400-h200/Giveaway%2BBuckets%2BGoes%2Bon%2Ba%2BWinter%2BAdventure.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x200, components 3\012- data
Hash 698df77f846bf24f1bdc3e9af5e8095a
ba3835c015aaf0b00a519123b4642fd4340736d1
10e2fcde6247bf5d31b0be9a13cbe7c56918d58a19dd24448250d40f8b4171e0
GET /-Nk0oqdyJ3Ck/XzI_XmdFHjI/AAAAAAAARDU/OqXDdZ4b_08FNJLGkeVRb2cs1IoLYeGYACNcBGAsYHQ/w400-h200/Giveaway%2BBuckets%2BGoes%2Bon%2Ba%2BWinter%2BAdventure.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4436"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Giveaway Buckets Goes on a Winter Adventure.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 29484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-sl1QDn3m5Q0/YXxdusCpbuI/AAAAAAAARzQ/UX5bUwpNxhQz9B9Z4GAXPd0yiWTLEdoZgCNcBGAsYHQ/s400/Vampland%2BDough%2BCup.jpg
200 OK 38 kB URL HTTP/2 1.bp.blogspot.com/-sl1QDn3m5Q0/YXxdusCpbuI/AAAAAAAARzQ/UX5bUwpNxhQz9B9Z4GAXPd0yiWTLEdoZgCNcBGAsYHQ/s400/Vampland%2BDough%2BCup.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x400, components 3\012- data
Hash 37e1e4ff4c93ef2efddb452e5e38f818
76819026c8b0cc6870369a06f3b8edec5731cd41
f247e55c3af335498bfa05dba64b2a1d7065a1732257bf5513ca49bcfa4d3597
GET /-sl1QDn3m5Q0/YXxdusCpbuI/AAAAAAAARzQ/UX5bUwpNxhQz9B9Z4GAXPd0yiWTLEdoZgCNcBGAsYHQ/s400/Vampland%2BDough%2BCup.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4735"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Vampland Dough Cup.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 38480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400
200 OK 971 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400
IP
Hash 835ccd91b39dd55eada0bd5261f8e1f7
4d6afcdca540c366c844e3ab52780b66bd287f5a
1014831b655a0b96d45efaaf3015b2d68798cf6d190c2a9e90475860eac3e189
GET /css?family=Montserrat:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 23:39:35 GMT
date: Thu, 23 Mar 2023 23:39:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.thesitsgirls.com/badges/SS_125x125_button.png
200 OK 16 kB URL HTTP/2 www.thesitsgirls.com/badges/SS_125x125_button.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03539f8e9d29bca78281e149e3b482df
a497e3746ba73da8f13f5553814dee527eb871e7
bea30ee70af7dab3e44388be2ded0ce3cfb7a41d17e4cb818560c3d3abd7d257
GET /badges/SS_125x125_button.png HTTP/1.1
Host: www.thesitsgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 23:39:35 GMT
content-type: image/webp
content-length: 16248
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=19975
content-disposition: inline; filename="SS_125x125_button.webp"
vary: Accept
expires: Sat, 22 Apr 2023 21:49:25 GMT
last-modified: Tue, 24 Jan 2012 23:56:20 GMT
cf-cache-status: HIT
age: 6609
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYRLROqOC46k4%2BDe6xCHEOCgJFHHHVeg5WpAJQDZWPNecNwsM%2BVIX9lotR3nHO86vsPy1Qim9NTdrRjYossprYovKF7kDm7fC2vb1daJfYnS%2BGCaV9wxqLkhwZmFvi88a8vY0r6s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aca83bc2966b518-OSL
X-Firefox-Spdy: h2
1.bp.blogspot.com/-VBe6FTAZML4/YXxgOyovQjI/AAAAAAAARzY/i3WXmKaopqw1BGpJusFWIRYU0Ibfy5KXgCNcBGAsYHQ/s400/Vampland_Sculpts.jpg
200 OK 28 kB URL HTTP/2 1.bp.blogspot.com/-VBe6FTAZML4/YXxgOyovQjI/AAAAAAAARzY/i3WXmKaopqw1BGpJusFWIRYU0Ibfy5KXgCNcBGAsYHQ/s400/Vampland_Sculpts.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x328, components 3\012- data
Hash aa84749ccfcaf9ebffa2f42b0d4e8325
0f1c7b32203cb5dd6ed3480de36c351859e2628e
37b8d98ca468b16789167ff730d0dac550222ff9328e0810f4b33b578767b4d5
GET /-VBe6FTAZML4/YXxgOyovQjI/AAAAAAAARzY/i3WXmKaopqw1BGpJusFWIRYU0Ibfy5KXgCNcBGAsYHQ/s400/Vampland_Sculpts.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4737"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Vampland_Sculpts.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 27469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/charts/loader.js
200 OK 18 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP
File type ASCII text, with very long lines (2065)
Hash bb134be461db219dd9d1e3c8bd2a31c5
616a74f6406eb3d7924bb93b9f6ccb8c566dc140
e6417c9fb72b13741b7048e6db086563784e815d5a108fa0d1fa2dd1ffc59aa2
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 18426
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 23:16:17 GMT
expires: Fri, 24 Mar 2023 00:16:17 GMT
cache-control: public, max-age=3600
last-modified: Sat, 18 Feb 2023 18:04:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 1398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-BFF-aAKwwv4/XUQvpNOnjCI/AAAAAAAAQbc/jVRi3QFZZN8uItwQUxG5Z53Z1ZVMTVsDgCLcBGAs/s400/Slime%2Bmaking%2Blab%2Bkit.jpg
200 OK 65 kB URL HTTP/2 4.bp.blogspot.com/-BFF-aAKwwv4/XUQvpNOnjCI/AAAAAAAAQbc/jVRi3QFZZN8uItwQUxG5Z53Z1ZVMTVsDgCLcBGAs/s400/Slime%2Bmaking%2Blab%2Bkit.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x356, components 3\012- data
Hash 8ce69b0be033e62a9755d6edf2dc1e9f
c431e252ef8fe12ad915815b28e6359aec3ba17a
0bb7442b6b7674e4a99084caae2dabefbe2ebb18f0e1a4870d4cfc36fe9c4d26
GET /-BFF-aAKwwv4/XUQvpNOnjCI/AAAAAAAAQbc/jVRi3QFZZN8uItwQUxG5Z53Z1ZVMTVsDgCLcBGAs/s400/Slime%2Bmaking%2Blab%2Bkit.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v41ba"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Slime making lab kit.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 64598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f2ae2af74a14f13b8e7cf2edaa12176a
181dd8fac61ebd4c194cc01f46246f5d8e814802
553247799d8fd8b439f5f54a124bec3b04b95b94499d51a03b4eb01c6164913b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-VNhJt1oI_PQ/YYo353ZLLEI/AAAAAAAAR0U/6LAG5OBq6n4cB5GSqYyjg39bVU6aOMRvgCNcBGAsYHQ/s400/Creatto%2BKitty%2BGiveaway.jpg
200 OK 59 kB URL HTTP/2 1.bp.blogspot.com/-VNhJt1oI_PQ/YYo353ZLLEI/AAAAAAAAR0U/6LAG5OBq6n4cB5GSqYyjg39bVU6aOMRvgCNcBGAsYHQ/s400/Creatto%2BKitty%2BGiveaway.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 383x400, components 3\012- data
Hash b77abc94c1f869345c0b4dc85dd9f095
796f9eb75370611297bc3d4ec7c08c9f86b420f7
65704895a30ed31a7a50405d30e260b287259f47d9852910b71c53e1cb4379cd
GET /-VNhJt1oI_PQ/YYo353ZLLEI/AAAAAAAAR0U/6LAG5OBq6n4cB5GSqYyjg39bVU6aOMRvgCNcBGAsYHQ/s400/Creatto%2BKitty%2BGiveaway.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4746"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Creatto Kitty Giveaway.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 59252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-cwdqHlybc7o/XSSNdK-MIzI/AAAAAAAAQYs/nD0460duPpw5gqmBLQ6H4wAbkzo4O6OwACLcBGAs/s400/If%2BI%2BWere%2BHuman%2BCover%2BFinal%2B5-14-19.jpg
200 OK 53 kB URL HTTP/2 1.bp.blogspot.com/-cwdqHlybc7o/XSSNdK-MIzI/AAAAAAAAQYs/nD0460duPpw5gqmBLQ6H4wAbkzo4O6OwACLcBGAs/s400/If%2BI%2BWere%2BHuman%2BCover%2BFinal%2B5-14-19.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 399x400, components 3\012- data
Hash e7c8ff237a13da1b12893702f1085153
23b0fc15ca39b6c0264f8f2691df7b30cab5d281
a2996537dbb9e799342dfa9cff2dc2ff09479341e70b08db3f399a8aa65f9af4
GET /-cwdqHlybc7o/XSSNdK-MIzI/AAAAAAAAQYs/nD0460duPpw5gqmBLQ6H4wAbkzo4O6OwACLcBGAs/s400/If%2BI%2BWere%2BHuman%2BCover%2BFinal%2B5-14-19.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v418d"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="If I Were Human Cover Final 5-14-19.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 52576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 84b45209d94ad7301f9dc2224bb2f5da
90fbb479fe4faefda4e6b2eba4004da6328d81c7
b8be78412999d773ace79581e7160d879c1b165f47a80dfcc4ebd90dac95d799
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-Hk3KFzkvGTs/YGvYrLeSfoI/AAAAAAAARcg/dckPKuIsbGgKMG8BhArN-G7xe1NdcOBPQCNcBGAsYHQ/s400/Green%2BScience%2BKit.jpg
200 OK 86 kB URL HTTP/2 1.bp.blogspot.com/-Hk3KFzkvGTs/YGvYrLeSfoI/AAAAAAAARcg/dckPKuIsbGgKMG8BhArN-G7xe1NdcOBPQCNcBGAsYHQ/s400/Green%2BScience%2BKit.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x400, components 3\012- data
Hash 7756ce201b0bd6cc337888d3143d2ef5
f77e0aaac9953091c0e5755b9e0eef8b55d327e4
307b5666a4d4bba47ffe7734cd95a91014e47ced5d9ba447c90b8d0eca003770
GET /-Hk3KFzkvGTs/YGvYrLeSfoI/AAAAAAAARcg/dckPKuIsbGgKMG8BhArN-G7xe1NdcOBPQCNcBGAsYHQ/s400/Green%2BScience%2BKit.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v45ca"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Green Science Kit.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 85756
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Thu, 23 Mar 2023 22:05:11 GMT
Expires: Fri, 24 Mar 2023 00:05:11 GMT
Cache-Control: public, max-age=7200
Age: 5664
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
1.bp.blogspot.com/-5hWg_9_kOic/YGvYjtWgz3I/AAAAAAAARcc/wZM54u5QoPYcbybgKM8yujIJ1WMP5cGPgCNcBGAsYHQ/s400/Green%2BScience%2BKit%2BGiveaway.jpg
200 OK 82 kB URL HTTP/2 1.bp.blogspot.com/-5hWg_9_kOic/YGvYjtWgz3I/AAAAAAAARcc/wZM54u5QoPYcbybgKM8yujIJ1WMP5cGPgCNcBGAsYHQ/s400/Green%2BScience%2BKit%2BGiveaway.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x361, components 3\012- data
Hash 8614b154d27d5c821d9d5dad856b704d
6fbccd1788d4f081ac16f8e4b7bf89d5f47ef806
9296fac8ee091f2713c2a92f7ec554e7ae779fd2683a572af80c89b62e136926
GET /-5hWg_9_kOic/YGvYjtWgz3I/AAAAAAAARcc/wZM54u5QoPYcbybgKM8yujIJ1WMP5cGPgCNcBGAsYHQ/s400/Green%2BScience%2BKit%2BGiveaway.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v45c9"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Green Science Kit Giveaway.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 81771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j99&a=1764459857&t=pageview&_s=1&dl=http%3A%2F%2Ficefairystreasurechest.blogspot.com%2Fsearch%2Flabel%2FToys&ul=en-us&de=UTF-8&dt=icefairy%27s%20Treasure%20Chest%7C%23%7C&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgEABCAAAAAACI~&jid=1460166312&gjid=371250888&cid=1018962520.1679614785&tid=UA-55933669-34&_gid=1276121844.1679614785&z=512726944
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j99&a=1764459857&t=pageview&_s=1&dl=http%3A%2F%2Ficefairystreasurechest.blogspot.com%2Fsearch%2Flabel%2FToys&ul=en-us&de=UTF-8&dt=icefairy%27s%20Treasure%20Chest%7C%23%7C&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgEABCAAAAAACI~&jid=1460166312&gjid=371250888&cid=1018962520.1679614785&tid=UA-55933669-34&_gid=1276121844.1679614785&z=512726944
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=1764459857&t=pageview&_s=1&dl=http%3A%2F%2Ficefairystreasurechest.blogspot.com%2Fsearch%2Flabel%2FToys&ul=en-us&de=UTF-8&dt=icefairy%27s%20Treasure%20Chest%7C%23%7C&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgEABCAAAAAACI~&jid=1460166312&gjid=371250888&cid=1018962520.1679614785&tid=UA-55933669-34&_gid=1276121844.1679614785&z=512726944 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Thu, 23 Mar 2023 18:05:11 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 20064
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvd3-Ks4NOz6GE2Hi0CqfGDzhTaJn4oLpvn1RWLSYcKDsrGtjEQFXC0tJORzsBDF9N5Zmp1mo4I5nL0sdec2k4wOQRwMdxE4yHxK_trtXEfBYbBvtuaOF5juZi_VceAFdUSG0QSnGMGWs4lXgrV7glhpfi5lcxXeA5Vi3XgAVuXIkA6fupTSmw6vpfZQ/s400/Holiday%20Reversible%20Plushies.png
200 OK 55 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvd3-Ks4NOz6GE2Hi0CqfGDzhTaJn4oLpvn1RWLSYcKDsrGtjEQFXC0tJORzsBDF9N5Zmp1mo4I5nL0sdec2k4wOQRwMdxE4yHxK_trtXEfBYbBvtuaOF5juZi_VceAFdUSG0QSnGMGWs4lXgrV7glhpfi5lcxXeA5Vi3XgAVuXIkA6fupTSmw6vpfZQ/s400/Holiday%20Reversible%20Plushies.png
IP
File type PNG image data, 400 x 136, 8-bit/color RGB, non-interlaced\012- data
Hash e132b38500b97fce70f9234b45fcfb27
26d74550dbe11d01f0d7c1ae17eef99e7de47fad
aeafae99dc9719ae7ce82ff108b45f12ff86977890c4c7fa05c77b834668454e
GET /img/b/R29vZ2xl/AVvXsEhvd3-Ks4NOz6GE2Hi0CqfGDzhTaJn4oLpvn1RWLSYcKDsrGtjEQFXC0tJORzsBDF9N5Zmp1mo4I5nL0sdec2k4wOQRwMdxE4yHxK_trtXEfBYbBvtuaOF5juZi_VceAFdUSG0QSnGMGWs4lXgrV7glhpfi5lcxXeA5Vi3XgAVuXIkA6fupTSmw6vpfZQ/s400/Holiday%20Reversible%20Plushies.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v491b"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Holiday Reversible Plushies.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 54837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgw78lafOyqK_cXUUIFboY0JZLfNNHMfTO7k1JMqT6i6XYcmJzCAMKSSMOfucdJDZKXuM1lZ-4etv-92jQyZEhG6CrdLm_AAqkeyOTuBveU6mHlLkqrdWX1IjCp7t9BWjqflSKHj6TEWVSawrVPVO1Lvcv9G068wYksLa1LSJb2iwjbo4hQefyVqCxsQ/w306-h320/TeeTurtle%20Reversible%20Octopus.jpg
200 OK 31 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgw78lafOyqK_cXUUIFboY0JZLfNNHMfTO7k1JMqT6i6XYcmJzCAMKSSMOfucdJDZKXuM1lZ-4etv-92jQyZEhG6CrdLm_AAqkeyOTuBveU6mHlLkqrdWX1IjCp7t9BWjqflSKHj6TEWVSawrVPVO1Lvcv9G068wYksLa1LSJb2iwjbo4hQefyVqCxsQ/w306-h320/TeeTurtle%20Reversible%20Octopus.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 306x320, components 3\012- data
Hash c3bc20bfaed747b001ceeef2c7e7fac7
98c1cb1f48a8e07604eae466cf138bad22195c93
cb46a9a0b7c73d24f54eaf37cfcf55de7b0c38d3a824989ec328637bed62267c
GET /img/b/R29vZ2xl/AVvXsEhgw78lafOyqK_cXUUIFboY0JZLfNNHMfTO7k1JMqT6i6XYcmJzCAMKSSMOfucdJDZKXuM1lZ-4etv-92jQyZEhG6CrdLm_AAqkeyOTuBveU6mHlLkqrdWX1IjCp7t9BWjqflSKHj6TEWVSawrVPVO1Lvcv9G068wYksLa1LSJb2iwjbo4hQefyVqCxsQ/w306-h320/TeeTurtle%20Reversible%20Octopus.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4919"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="TeeTurtle Reversible Octopus.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 31024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.amazonaws.com/cgc-badge-v2/common.js
200 OK 0 B URL HTTP/1.1 s3.amazonaws.com/cgc-badge-v2/common.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgc-badge-v2/common.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NpOTQMSeVpHnwunZtxM+shr6DL/COzreIfJ2o1y6XFc553Hh388QJWRiSFca/Tq9RZtaGttOdLw=
x-amz-request-id: 29FHRC6575ZSYXTR
Date: Thu, 23 Mar 2023 23:39:36 GMT
Last-Modified: Fri, 07 May 2021 06:33:05 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i745.photobucket.com/albums/xx96/beatspammer/header_opt_zps09394be7.jpg
200 OK 52 kB URL HTTP/2 i745.photobucket.com/albums/xx96/beatspammer/header_opt_zps09394be7.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash a8d94df9bae66ae3ae8713831d66ed86
4885f02e2649e7094bc549fbc088f7b0f2ae6815
c1c9a03386bd157a09b5bc85bdd5586429293ff02a8c9fba4383497041ff12fa
GET /albums/xx96/beatspammer/header_opt_zps09394be7.jpg HTTP/1.1
Host: i745.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 51658
date: Thu, 23 Mar 2023 23:39:35 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="header_opt_zps09394be7.webp"
content-security-policy: script-src 'none'
expires: Fri, 22 Mar 2024 23:39:35 GMT
server: photobucket
x-amzn-trace-id: Root=1-641ce337-1525fbd763374a591a1a183e
x-request-id: TOkEspC2oLWGC_Kn6DCQ1
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -FKQ8Xq0tqkF7oxA12dcVKgNfOftjpOX0YtcTgHR_GsRI-61NM-DEQ==
vary: Accept, Origin
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-55933669-34&cid=1018962520.1679614785&jid=1460166312&gjid=371250888&_gid=1276121844.1679614785&_u=YGBAgEABCAAAAEACI~&z=1133479230
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-55933669-34&cid=1018962520.1679614785&jid=1460166312&gjid=371250888&_gid=1276121844.1679614785&_u=YGBAgEABCAAAAEACI~&z=1133479230
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-55933669-34&cid=1018962520.1679614785&jid=1460166312&gjid=371250888&_gid=1276121844.1679614785&_u=YGBAgEABCAAAAEACI~&z=1133479230 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://icefairystreasurechest.blogspot.com
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://icefairystreasurechest.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Mar 2023 23:39:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b161468592e9288cf0bd27a2a3c3ab6d
caf9abcba11eab2664628a3508d90f95a0ee6868
773101a2c1b761cd72249061c106e9c8c3c4313c76401b90c00e3ed9d4a18bc2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 23:39:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 04:17:09 GMT
Expires: Tue, 28 Mar 2023 04:17:08 GMT
Etag: "caf9abcba11eab2664628a3508d90f95a0ee6868"
Cache-Control: max-age=361652,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aca83bc286f0b51-OSL
1.bp.blogspot.com/-a4bvxNiT7CE/YA_pnM8_1ZI/AAAAAAAARW4/J9vWdAv0s-QaDJOLupP_IzEfWOIyb3XgACNcBGAsYHQ/s400/Mia%2Band%2BNattie%2BTour%2BBanner.png
200 OK 83 kB URL HTTP/2 1.bp.blogspot.com/-a4bvxNiT7CE/YA_pnM8_1ZI/AAAAAAAARW4/J9vWdAv0s-QaDJOLupP_IzEfWOIyb3XgACNcBGAsYHQ/s400/Mia%2Band%2BNattie%2BTour%2BBanner.png
IP
File type PNG image data, 400 x 185, 8-bit/color RGB, non-interlaced\012- data
Hash c3479159dee4d202028034fd1a5714dd
38a9c5fefe90595ee9beda19ea2cece4bccbfd75
e23bfc3bbde9adbd27ea9a788f39e43baf8f9f08825d2f2fcd9a423f8d283b59
GET /-a4bvxNiT7CE/YA_pnM8_1ZI/AAAAAAAARW4/J9vWdAv0s-QaDJOLupP_IzEfWOIyb3XgACNcBGAsYHQ/s400/Mia%2Band%2BNattie%2BTour%2BBanner.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4570"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Mia and Nattie Tour Banner.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 82631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/11/tee-turtle-holiday-gift-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/11/tee-turtle-holiday-gift-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/11/tee-turtle-holiday-gift-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/11/tee-turtle-holiday-gift-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/07/fun-summer-toys-for-active-kids-all-pro.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/07/fun-summer-toys-for-active-kids-all-pro.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/07/fun-summer-toys-for-active-kids-all-pro.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/07/fun-summer-toys-for-active-kids-all-pro.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/alycat-and-cattywampus-wednesday-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/alycat-and-cattywampus-wednesday-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/alycat-and-cattywampus-wednesday-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/alycat-and-cattywampus-wednesday-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
fonts.googleapis.com/css?family=Montserrat:700
200 OK 500 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:700
IP
Hash b7e1a3e1f2cf23c2566765115ef60304
90003128f32ee27852856a6304a49e9d29a6d461
9f8673f1e85c7e598e49cd6613ffcc6a31e6c00d6996de84551f430bb44e6c18
GET /css?family=Montserrat:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 23:39:35 GMT
date: Thu, 23 Mar 2023 23:39:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7Y8QS6msvFK_5gX_e3N3FkysEE0j3A76BazzNcYO-oTCrXYKJHpSHeoLA_OkTp4ryOJHsaTOoeQaNr8K6su50pcu0WfqZAxxR1vEu-OwuXjY3hpCFnxZjNPb6wpDQhkLLGnAOZQLoylYrKHdI2bSVpyOKJxJKQO9FNjpJF6y_D4S9B7y5X1MYsNYJag/s400/Go%20Pop%20Presto%20Game.jpg
200 OK 55 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7Y8QS6msvFK_5gX_e3N3FkysEE0j3A76BazzNcYO-oTCrXYKJHpSHeoLA_OkTp4ryOJHsaTOoeQaNr8K6su50pcu0WfqZAxxR1vEu-OwuXjY3hpCFnxZjNPb6wpDQhkLLGnAOZQLoylYrKHdI2bSVpyOKJxJKQO9FNjpJF6y_D4S9B7y5X1MYsNYJag/s400/Go%20Pop%20Presto%20Game.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x389, components 3\012- data
Hash a0838331074135c7f5eb2401beecef87
5939ee41d35137bad8e3a55588be8004d12e6932
7a1024ba77289e397f4bc787e50b6070ebe9db6604bd3290d08e2f69a5e96b5d
GET /img/b/R29vZ2xl/AVvXsEh7Y8QS6msvFK_5gX_e3N3FkysEE0j3A76BazzNcYO-oTCrXYKJHpSHeoLA_OkTp4ryOJHsaTOoeQaNr8K6su50pcu0WfqZAxxR1vEu-OwuXjY3hpCFnxZjNPb6wpDQhkLLGnAOZQLoylYrKHdI2bSVpyOKJxJKQO9FNjpJF6y_D4S9B7y5X1MYsNYJag/s400/Go%20Pop%20Presto%20Game.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v482b"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Go Pop Presto Game.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 55079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-giveaway-may-flowers.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-giveaway-may-flowers.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-giveaway-may-flowers.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-giveaway-may-flowers.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4JgYA8iBgpZMfCGp37EzMx3AP1zIT8OeqxEOLXzqLiK6M5ujvEZz3e8r0ZEoHK2612urE0cou06V9_9JGFZI7WP3hVCsXHOh8WuerLztIxr3Zfza1PorCz6aBej46BlmqBfp6gQlyk4oa7C2-zW2s-j9qlWxKf5_iUM6yWW_CddgnqHdDZHTLvqkRkQ/s400/Go%20Pop%20Presto%20Game.jpg
200 OK 55 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4JgYA8iBgpZMfCGp37EzMx3AP1zIT8OeqxEOLXzqLiK6M5ujvEZz3e8r0ZEoHK2612urE0cou06V9_9JGFZI7WP3hVCsXHOh8WuerLztIxr3Zfza1PorCz6aBej46BlmqBfp6gQlyk4oa7C2-zW2s-j9qlWxKf5_iUM6yWW_CddgnqHdDZHTLvqkRkQ/s400/Go%20Pop%20Presto%20Game.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x389, components 3\012- data
Hash a0838331074135c7f5eb2401beecef87
5939ee41d35137bad8e3a55588be8004d12e6932
7a1024ba77289e397f4bc787e50b6070ebe9db6604bd3290d08e2f69a5e96b5d
GET /img/b/R29vZ2xl/AVvXsEj4JgYA8iBgpZMfCGp37EzMx3AP1zIT8OeqxEOLXzqLiK6M5ujvEZz3e8r0ZEoHK2612urE0cou06V9_9JGFZI7WP3hVCsXHOh8WuerLztIxr3Zfza1PorCz6aBej46BlmqBfp6gQlyk4oa7C2-zW2s-j9qlWxKf5_iUM6yWW_CddgnqHdDZHTLvqkRkQ/s400/Go%20Pop%20Presto%20Game.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v481d"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Go Pop Presto Game.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 55079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/01/mia-and-nattie-one-great-team-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/01/mia-and-nattie-one-great-team-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/01/mia-and-nattie-one-great-team-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/01/mia-and-nattie-one-great-team-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/11/creatto-starlight-kitty-cutie-crew.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/11/creatto-starlight-kitty-cutie-crew.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/11/creatto-starlight-kitty-cutie-crew.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/11/creatto-starlight-kitty-cutie-crew.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/10/land-of-dough-vampland-luxe-dough-cup.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/10/land-of-dough-vampland-luxe-dough-cup.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/10/land-of-dough-vampland-luxe-dough-cup.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/10/land-of-dough-vampland-luxe-dough-cup.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8926522047608644233%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMzNDlkYjkqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMzNDlkYjlKByMwMDAwMDBSByMzNDlkYjlaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://icefairystreasurechest.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.zUi2Oiqh0cQ.O/d%253D1/rs%253DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8926522047608644233%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMzNDlkYjkqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMzNDlkYjlKByMwMDAwMDBSByMzNDlkYjlaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://icefairystreasurechest.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.zUi2Oiqh0cQ.O/d%253D1/rs%253DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%253D__features__%26bpli%3D1&go=true
302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8926522047608644233%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMzNDlkYjkqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMzNDlkYjlKByMwMDAwMDBSByMzNDlkYjlaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://icefairystreasurechest.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.zUi2Oiqh0cQ.O/d%253D1/rs%253DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8926522047608644233%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMzNDlkYjkqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMzNDlkYjlKByMwMDAwMDBSByMzNDlkYjlaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://icefairystreasurechest.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.zUi2Oiqh0cQ.O/d%253D1/rs%253DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%253D__features__%26bpli%3D1&go=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8926522047608644233%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMzNDlkYjkqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMzNDlkYjlKByMwMDAwMDBSByMzNDlkYjlaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://icefairystreasurechest.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.zUi2Oiqh0cQ.O/d%253D1/rs%253DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8926522047608644233%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMzNDlkYjkqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMzNDlkYjlKByMwMDAwMDBSByMzNDlkYjlaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://icefairystreasurechest.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.zUi2Oiqh0cQ.O/d%253D1/rs%253DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Mar 2023 23:39:35 GMT
location: https://www.blogger.com/followers.g?blogID=8926522047608644233&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMzNDlkYjkqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMzNDlkYjlKByMwMDAwMDBSByMzNDlkYjlaC3RyYW5zcGFyZW50&pageSize=21&origin=http://icefairystreasurechest.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.zUi2Oiqh0cQ.O/d%3D1/rs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/m%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-d6HuZNdw0rS9HNIBUTPevA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:xitDpnDKfR9jREqglaaeQvhWb1MhWw:zCWzL-gmNa30Sze0; Expires=Sat, 22-Mar-2025 23:39:35 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/08/buckets-goes-on-winter-adventure-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/08/buckets-goes-on-winter-adventure-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/08/buckets-goes-on-winter-adventure-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/08/buckets-goes-on-winter-adventure-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/07/green-toys-parking-garage-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/07/green-toys-parking-garage-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/07/green-toys-parking-garage-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/07/green-toys-parking-garage-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/04/science-4-you-green-science-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/04/science-4-you-green-science-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/04/science-4-you-green-science-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/04/science-4-you-green-science-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwEs7KWpXJv8dWWDuFBWeq0b3KNk4E2iH5rjxLBnFIWkNDRGLdi13JZOeB33-8MWOGD8eI4WPJ0djFbNhkhG-xuVVxhs_T6oEvzDMTg22g4dTYXN1d6zJ28-y5kCvbazorEtaJogh2un4Kk09wQAv6AA9lneC37RpzcGjLEKTQCVLFV7s7EnGAPPIRDw/s400/All%20Pro%20Passer%20Robotic%20Quarterback.jpg
200 OK 56 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwEs7KWpXJv8dWWDuFBWeq0b3KNk4E2iH5rjxLBnFIWkNDRGLdi13JZOeB33-8MWOGD8eI4WPJ0djFbNhkhG-xuVVxhs_T6oEvzDMTg22g4dTYXN1d6zJ28-y5kCvbazorEtaJogh2un4Kk09wQAv6AA9lneC37RpzcGjLEKTQCVLFV7s7EnGAPPIRDw/s400/All%20Pro%20Passer%20Robotic%20Quarterback.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x280, components 3\012- data
Hash 2e879ee2b88dc73242457072e7cc3a02
6ca6c4f2756bf7fff1a6319793932150b850fb1d
480329c4554ba6f32a99883c9efed2bc355ac9610c617950d38d3176d5b0bb9c
GET /img/b/R29vZ2xl/AVvXsEjwEs7KWpXJv8dWWDuFBWeq0b3KNk4E2iH5rjxLBnFIWkNDRGLdi13JZOeB33-8MWOGD8eI4WPJ0djFbNhkhG-xuVVxhs_T6oEvzDMTg22g4dTYXN1d6zJ28-y5kCvbazorEtaJogh2un4Kk09wQAv6AA9lneC37RpzcGjLEKTQCVLFV7s7EnGAPPIRDw/s400/All%20Pro%20Passer%20Robotic%20Quarterback.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v486b"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="All Pro Passer Robotic Quarterback.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 56132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 23 Mar 2023 22:05:11 GMT
Expires: Fri, 24 Mar 2023 00:05:11 GMT
Cache-Control: public, max-age=7200
Age: 5665
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/01/boxiki-kiddolab-toys-review-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/01/boxiki-kiddolab-toys-review-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/01/boxiki-kiddolab-toys-review-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/01/boxiki-kiddolab-toys-review-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:35 GMT
Connection: keep-alive
Content-Length: 0
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSRMCbGhJ9DzxRHanZdXpRieCJO-MVp0GdS69SAwDwZeuNogTRlIVxdwNSQ8ZY3mjcC16nCqvO2ItXzuzezSsHSBduqpOHnfrj0X0WrgTAEEzHB8Tu7ukq8NIfAff38QX5aOgUxaKoAefRN7zZqZ5e1qLQnfA_zixjopqpaHK98N42WApKe6fsg04lcQ/s400/Alycat%20and%20the%20Cattywampus%20Wednesday%20Awareness%20Tour.png
200 OK 85 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSRMCbGhJ9DzxRHanZdXpRieCJO-MVp0GdS69SAwDwZeuNogTRlIVxdwNSQ8ZY3mjcC16nCqvO2ItXzuzezSsHSBduqpOHnfrj0X0WrgTAEEzHB8Tu7ukq8NIfAff38QX5aOgUxaKoAefRN7zZqZ5e1qLQnfA_zixjopqpaHK98N42WApKe6fsg04lcQ/s400/Alycat%20and%20the%20Cattywampus%20Wednesday%20Awareness%20Tour.png
IP
File type PNG image data, 400 x 200, 8-bit/color RGB, non-interlaced\012- data
Hash f7c0d67ef0ee1015a7228d4676557171
81e56292f926250ff23ea3990bf2c392e85c7499
0f03073604b9ca1e0dfcfd7087bbc279db4fa0767cf19ba02de4603dfd24d822
GET /img/b/R29vZ2xl/AVvXsEjSRMCbGhJ9DzxRHanZdXpRieCJO-MVp0GdS69SAwDwZeuNogTRlIVxdwNSQ8ZY3mjcC16nCqvO2ItXzuzezSsHSBduqpOHnfrj0X0WrgTAEEzHB8Tu7ukq8NIfAff38QX5aOgUxaKoAefRN7zZqZ5e1qLQnfA_zixjopqpaHK98N42WApKe6fsg04lcQ/s400/Alycat%20and%20the%20Cattywampus%20Wednesday%20Awareness%20Tour.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v482d"
expires: Fri, 24 Mar 2023 23:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Alycat and the Cattywampus Wednesday Awareness Tour.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:35 GMT
server: fife
content-length: 84602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4StLWFyzICVXyYINyL0Y99CP9tnJyTZbCZX0RBsqw9YWU7oS3SQTJfB_RKQ6PQ-KpOzhNGBzKeLfwMynEKDR8f4IielipPFItjDuUK6wr2uq6n_ZKDbk4-xkuM5kaqD9r9Oj_i4nPnz0UcYA9uImrqaN1DDRdYOKuA1xLc0q40cucVbehKMbw88meoQ/s400/Alycat%20and%20the%20Cattywampus%20Wednesday.jpg
200 OK 52 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4StLWFyzICVXyYINyL0Y99CP9tnJyTZbCZX0RBsqw9YWU7oS3SQTJfB_RKQ6PQ-KpOzhNGBzKeLfwMynEKDR8f4IielipPFItjDuUK6wr2uq6n_ZKDbk4-xkuM5kaqD9r9Oj_i4nPnz0UcYA9uImrqaN1DDRdYOKuA1xLc0q40cucVbehKMbw88meoQ/s400/Alycat%20and%20the%20Cattywampus%20Wednesday.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 315x400, components 3\012- data
Hash 9a64f8801c41d372a31b16c59b440c5e
a105523bba71df025ec62114193b92a1e3f74f43
f6f8bfdf33963798aaa6d6350e634723e477a834d624c2115f6ce14f07765d1b
GET /img/b/R29vZ2xl/AVvXsEi4StLWFyzICVXyYINyL0Y99CP9tnJyTZbCZX0RBsqw9YWU7oS3SQTJfB_RKQ6PQ-KpOzhNGBzKeLfwMynEKDR8f4IielipPFItjDuUK6wr2uq6n_ZKDbk4-xkuM5kaqD9r9Oj_i4nPnz0UcYA9uImrqaN1DDRdYOKuA1xLc0q40cucVbehKMbw88meoQ/s400/Alycat%20and%20the%20Cattywampus%20Wednesday.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4830"
expires: Fri, 24 Mar 2023 23:39:36 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Alycat and the Cattywampus Wednesday.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:36 GMT
server: fife
content-length: 52315
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bloglovin.com/widget/bilder/en/widget.gif
200 OK 1.6 kB URL HTTP/2 www.bloglovin.com/widget/bilder/en/widget.gif
IP
File type GIF image data, version 89a, 173 x 29\012- data
Hash aa527201ccdd3a09a11178cfe13ab034
2b6c0087150d7026a36defd8202c43cc3a26a3ed
45daca1b266668874deee662165df621e3cf8027893e5cac63deb50f1fa18085
GET /widget/bilder/en/widget.gif HTTP/1.1
Host: www.bloglovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:35 GMT
content-type: image/gif
content-length: 1588
last-modified: Thu, 16 Feb 2023 16:14:22 GMT
etag: "63ee565e-634"
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/04/think-big-blog-tour-prize-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/04/think-big-blog-tour-prize-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/04/think-big-blog-tour-prize-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/04/think-big-blog-tour-prize-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
Content-Length: 0
ocsp.digicert.com/
200 OK 471 B IP
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1602
Cache-Control: max-age=156256
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 19:03:52 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/12/magformers-amazing-rescue-50-piece-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/12/magformers-amazing-rescue-50-piece-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/12/magformers-amazing-rescue-50-piece-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/12/magformers-amazing-rescue-50-piece-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
Content-Length: 0
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://icefairystreasurechest.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
age: 106465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/07/if-i-were-human-blog-tour-review-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/07/if-i-were-human-blog-tour-review-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/07/if-i-were-human-blog-tour-review-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/07/if-i-were-human-blog-tour-review-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
Content-Length: 0
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://icefairystreasurechest.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 13:57:54 GMT
expires: Tue, 19 Mar 2024 13:57:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
age: 294102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/08/stem-at-play-slime-slime-making-lab-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/08/stem-at-play-slime-slime-making-lab-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/08/stem-at-play-slime-slime-making-lab-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/08/stem-at-play-slime-slime-making-lab-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
Content-Length: 0
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiD6OvNhVY6EcgJS7_upfT36CAsl9dBUhxYD4zOIEnQK6gs5jnp7wEZ3WCZod8rgEVGPJi_IcSse_4ilQGPDJqNf5-p_dN9CUYYxuktV0tobRzMfkkPsNxcIroGG01ZgJYVZ6fVzsUJUReDXagPAa1cI92TBX9OQzCPk5SjXHVB_M13TKMlvH7qY-gZw/s400/Go%20Pop%20Presto%20Game%20in%20action.jpg
200 OK 56 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiD6OvNhVY6EcgJS7_upfT36CAsl9dBUhxYD4zOIEnQK6gs5jnp7wEZ3WCZod8rgEVGPJi_IcSse_4ilQGPDJqNf5-p_dN9CUYYxuktV0tobRzMfkkPsNxcIroGG01ZgJYVZ6fVzsUJUReDXagPAa1cI92TBX9OQzCPk5SjXHVB_M13TKMlvH7qY-gZw/s400/Go%20Pop%20Presto%20Game%20in%20action.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x400, components 3\012- data
Hash 4964416934e947cb3c8b41d8e802ec7d
6272c8cd1acffe0d8aa91b14244860da5ad7afb8
7f688a2f29c78de1ac515b2e9a1a0e951fa9cf4d8aa325b88c1c7389304db0a9
GET /img/b/R29vZ2xl/AVvXsEjiD6OvNhVY6EcgJS7_upfT36CAsl9dBUhxYD4zOIEnQK6gs5jnp7wEZ3WCZod8rgEVGPJi_IcSse_4ilQGPDJqNf5-p_dN9CUYYxuktV0tobRzMfkkPsNxcIroGG01ZgJYVZ6fVzsUJUReDXagPAa1cI92TBX9OQzCPk5SjXHVB_M13TKMlvH7qY-gZw/s400/Go%20Pop%20Presto%20Game%20in%20action.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v481f"
expires: Fri, 24 Mar 2023 23:39:36 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Go Pop Presto Game in action.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:36 GMT
server: fife
content-length: 55873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/theres-elephant-in-my-bathtub-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/theres-elephant-in-my-bathtub-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/theres-elephant-in-my-bathtub-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/theres-elephant-in-my-bathtub-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/goliath-games-stocking-stuffer-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/goliath-games-stocking-stuffer-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/goliath-games-stocking-stuffer-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/goliath-games-stocking-stuffer-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
Content-Length: 0
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/04/science-4-you-green-science-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/04/science-4-you-green-science-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/04/science-4-you-green-science-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 5zR3Nk5HKSa/RW0LvEhglDlrLDKH/5VVm0sQNNthgZK0+8cv2le1EUTLuQAY4q03tsX6iEPp5YWaOCyxA9nkqg==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/10/land-of-dough-vampland-luxe-dough-cup.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/10/land-of-dough-vampland-luxe-dough-cup.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/10/land-of-dough-vampland-luxe-dough-cup.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: tkZjMIcH1XCQDd7apA4L73KUcsCPKDGtqQ7JZ5xNQ3sljItsJEG8nW66inZFw1qVnYm5g9dNf7UmEeGqd380vg==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/08/buckets-goes-on-winter-adventure-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/08/buckets-goes-on-winter-adventure-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/08/buckets-goes-on-winter-adventure-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 8zfy0vsQ+NsYXnFtTU8W6ECZQmYYO4DqnrEBaKZjvN6vgAx/il/C37UqpPjN5ieEjWczhf/iiBPQ7fGPMqCkyw==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/07/fun-summer-toys-for-active-kids-all-pro.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/07/fun-summer-toys-for-active-kids-all-pro.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/07/fun-summer-toys-for-active-kids-all-pro.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Xt86JdVcNokiYWiaZicIBmLOpkUvoLja7W5AB4+qyDebLhGkEJ611XYs+ZFkRsDUPykL2YIqAMNFz6g9H8UZLQ==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/11/creatto-starlight-kitty-cutie-crew.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/11/creatto-starlight-kitty-cutie-crew.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/11/creatto-starlight-kitty-cutie-crew.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Cx7IbESMR02Qr8/x0Od5l7So5NrhVJLixzTDbkWO1Ju6/EIo35i8YUU4AIr9sPkHqkQ5ov2mwSplvuzw7npx6Q==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/07/green-toys-parking-garage-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/07/green-toys-parking-garage-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/07/green-toys-parking-garage-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: JcS0xOhzqctQSSd9ZjHbyc9g7/mMboug0+mPNJekuact0A5BIymLE3qHJTGTt3hZF1UfOjgwbvfaYbkIcermTg==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
follow.it/static/img/colored-logo.svg
200 OK 1.3 kB URL HTTP/2 follow.it/static/img/colored-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3885), with no line terminators
Hash 03c9dc0460700c81b026640c2485aa9d
b92afd630ad04c74ba6b912827076d90768e55ab
f661d6ce6c718a743a6fadf5ac23c63e1bc519a54b5f4f78169990d877639975
GET /static/img/colored-logo.svg HTTP/1.1
Host: follow.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 23:39:35 GMT
content-type: image/svg+xml
last-modified: Thu, 23 Mar 2023 12:29:05 GMT
etag: W/"641c4611-f2d"
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=600; includeSubdomains;
cache-control: max-age=14400
cf-cache-status: HIT
age: 6310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lyqbOKDbSxAX4T0azFw6tEtT0yduZs9Z4PxyWZSW31sHPLYIggz4MwcvxiOs1P5S8nmKmxFKi631%2FAjlyd3zQ5aBBArtae7DNh36Ch28H2vOQQZrifk1qjozw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aca83bc2a23b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/12/ooze-labs-colorful-crystal-lab-stem.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/12/ooze-labs-colorful-crystal-lab-stem.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/12/ooze-labs-colorful-crystal-lab-stem.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: cAydYP/+LLOl9TZEIBtRcj9vWY/UTeodSQPpVfETlNhRYN42H6vPGnmMRxBbfshbA4YVrTkSRfxK+5hKn9SWjg==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 692
Cache-Control: max-age=155346
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 18:48:42 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-giveaway-may-flowers.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-giveaway-may-flowers.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-giveaway-may-flowers.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 3zgo3pxq7fHO2kMO5QPts+LmDmZ3TJUj7eYWY178+DCW8UU/kqVl2T9MJEaH8R0fLlwNiW61UjM1M1LMsindIQ==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/alycat-and-cattywampus-wednesday-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/alycat-and-cattywampus-wednesday-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/alycat-and-cattywampus-wednesday-blog.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: nlBOesobYJf4grKsmrNcYBare43wcRDRGjPTzR+ahQMY+T59WfehxyBoYijZoo8VhG6Hlou73bBN/kpdUY6c5w==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/04/think-big-blog-tour-prize-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/04/think-big-blog-tour-prize-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2020/04/think-big-blog-tour-prize-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: EZyjddSKRKCv5C9CyxAuZxSOVQedUOpA5Rfx+B+9ZGH25V4lX6CIqOTfKMgNYUMyw90UFpsPFcs1NK8YU0KDTQ==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/05/go-pop-presto-game-review.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 55qJntgCeGT25tMzEYPwBbDsv1dVIYrwy7WEru8ZlQrWfQUFzDfrF72nnmCFdp3ssOfDRJdSvgqTCoF5Y/jawg==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/11/tee-turtle-holiday-gift-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/11/tee-turtle-holiday-gift-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/11/tee-turtle-holiday-gift-pack-giveaway.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: D+5uXkI8xTbm5BPw1i+exrMHbdYqsFAXZDjgwryNnjJBMuC2Lci1JgXkoqVcBCLMU5S6CvOpjfo/4nGxlBbgjA==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/12/magformers-amazing-rescue-50-piece-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/12/magformers-amazing-rescue-50-piece-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/12/magformers-amazing-rescue-50-piece-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Pa6Uc6AysKkk9IB81RycSXuQxz4UVRXYej2vdupG1029dMaGJwpgpWwBBa1NUUjprbEJasP2ZRU18yCTL9UP+w==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/01/mia-and-nattie-one-great-team-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/01/mia-and-nattie-one-great-team-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2021/01/mia-and-nattie-one-great-team-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: akfmC1vyLz5QO4anSduqojYeeibLq/FjiMbXcLVkKSqNCjcyM7rIqC2Ugqy/gRlY4mWZsI/+TcBWc3xnv7M/ZQ==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/07/if-i-were-human-blog-tour-review-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/07/if-i-were-human-blog-tour-review-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/07/if-i-were-human-blog-tour-review-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: qhgrORfGwxOdIlOMvkQnqvdqRY6fO/fLVI93xEdPiSUtjD9RI3FyiLCTKnojhi1xWCTmY48JUbezeqrdyCYoJA==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/08/stem-at-play-slime-slime-making-lab-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/08/stem-at-play-slime-slime-making-lab-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2019/08/stem-at-play-slime-slime-making-lab-kit.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: esEXRDclxzUjFPA90SGJn0NICRYjOionM3O2fB4uosWaHoEKg0ro3XC19MCcD8qr/yg53ZiMskfa73OVwAhJyQ==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1602
Cache-Control: max-age=156256
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 19:03:52 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658824020&utmhn=icefairystreasurechest.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=icefairy%27s%20Treasure%20Chest&utmhid=1764459857&utmr=-&utmp=%2Fsearch%2Flabel%2FToys&utmht=1679614785189&utmac=UA-10549999-1&utmcc=__utma%3D120098448.1018962520.1679614785.1679614785.1679614785.1%3B%2B__utmz%3D120098448.1679614785.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=411911896&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658824020&utmhn=icefairystreasurechest.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=icefairy%27s%20Treasure%20Chest&utmhid=1764459857&utmr=-&utmp=%2Fsearch%2Flabel%2FToys&utmht=1679614785189&utmac=UA-10549999-1&utmcc=__utma%3D120098448.1018962520.1679614785.1679614785.1679614785.1%3B%2B__utmz%3D120098448.1679614785.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=411911896&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658824020&utmhn=icefairystreasurechest.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=icefairy%27s%20Treasure%20Chest&utmhid=1764459857&utmr=-&utmp=%2Fsearch%2Flabel%2FToys&utmht=1679614785189&utmac=UA-10549999-1&utmcc=__utma%3D120098448.1018962520.1679614785.1679614785.1679614785.1%3B%2B__utmz%3D120098448.1679614785.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=411911896&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 23 Mar 2023 23:39:36 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/theres-elephant-in-my-bathtub-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/theres-elephant-in-my-bathtub-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/theres-elephant-in-my-bathtub-blog-tour.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: oT2dA9j16BJk72bFUbW+20GT7fmS8q8HiiocAmjYaS+OuxfMoZevdGfzQ75wwErX6gjeGaBW4Y+7pqLfjlRvnQ==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230322/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Thu, 23 Mar 2023 12:50:23 GMT
expires: Thu, 06 Apr 2023 12:50:23 GMT
cache-control: public, max-age=1209600
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
age: 38953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/goliath-games-stocking-stuffer-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/goliath-games-stocking-stuffer-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2018/12/goliath-games-stocking-stuffer-prize.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: qhs0FO8Wuo2uMTltzMbA32T339Ig9WxkXHf7HinZq2ISfYnIr7vpLEyb4DENQho25trzXxBgOXKc3M/q2UiEWg==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 692
Cache-Control: max-age=155346
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 18:48:42 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/03/kool-aid-mini-jigsaw-puzzles-6-pack-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/03/kool-aid-mini-jigsaw-puzzles-6-pack-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://icefairystreasurechest.blogspot.com/2022/03/kool-aid-mini-jigsaw-puzzles-6-pack-set.html&layout=button_count&show_faces=false&width=100&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Y4q2p8Ip2uU0gujXqV9Hf7fdJ/02T/mpoCi3vYyzA5n6/at02NnE4UEDGkPd/oerkD8M2+ys87BkeqAmrZ5sqw==
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db7cef7386b63ec85111dfa1b3ef599f
216567ab9d4cb5293d14bc7f498dbd200d243419
609aa71bb5f748e22b4ae75e59d14477b15b6e3a07751a54ec4b5532f9106e12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "609AA71BB5F748E22B4AE75E59D14477B15B6E3A07751A54EC4B5532F9106E12"
Last-Modified: Thu, 23 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Fri, 24 Mar 2023 05:39:11 GMT
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ebcf61a48430e13e52994188ea9b55dd
412e2406dc4c96f2b8cc4d6cd7e27551de38983a
34e780818d56cf60e6ce4235c5d5b296db56ccd3f243a578902bbe9d0e95f30b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/a/AVvXsEjJOvIpQt_0W_miMew0VNsu_Nhe-zY0hlVCqZSTbfZJ_pjgCYUKDArCflMdWlr69cFIVZSfrq29WNRXOtbL1L61gWUMKTEJq9qrdrTuqSQ1IbxwiQTFbsEJTAVx2CJmz--ytdWGpAz2M_zmLy0l4pRpR7N6JWKRlOrlzj1driezWoaaMQ2AP_e-a-QvNA=s400
200 OK 117 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjJOvIpQt_0W_miMew0VNsu_Nhe-zY0hlVCqZSTbfZJ_pjgCYUKDArCflMdWlr69cFIVZSfrq29WNRXOtbL1L61gWUMKTEJq9qrdrTuqSQ1IbxwiQTFbsEJTAVx2CJmz--ytdWGpAz2M_zmLy0l4pRpR7N6JWKRlOrlzj1driezWoaaMQ2AP_e-a-QvNA=s400
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 348x400, components 3\012- data
Size 117 kB (116984 bytes)
Hash ff32afd1df6d50b1b7fe095ded63743d
80a966e16025b7e428e7b90c7e10f421a9ac9fdd
f8d7e687128e66273f1a2daad6132988ad73f810d45bb25951d1d62e7314cacd
GET /img/a/AVvXsEjJOvIpQt_0W_miMew0VNsu_Nhe-zY0hlVCqZSTbfZJ_pjgCYUKDArCflMdWlr69cFIVZSfrq29WNRXOtbL1L61gWUMKTEJq9qrdrTuqSQ1IbxwiQTFbsEJTAVx2CJmz--ytdWGpAz2M_zmLy0l4pRpR7N6JWKRlOrlzj1driezWoaaMQ2AP_e-a-QvNA=s400 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v47e7"
expires: Fri, 24 Mar 2023 23:39:36 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="KoolAid Mini Puzzles.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:39:36 GMT
server: fife
content-length: 116984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=icefairystreasurechest.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=icefairystreasurechest.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=icefairystreasurechest.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 23:39:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=icefairystreasurechest.blogspot.com&callback=_gfp_s_&client=ca-pub-0872567836412770
200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=icefairystreasurechest.blogspot.com&callback=_gfp_s_&client=ca-pub-0872567836412770
IP
File type ASCII text, with very long lines (391), with no line terminators
Hash 94dbe424cb965a2588f508bf36a86df5
58f6b2bfc945f16311e40d0f85957f124f1459db
70e2be969dfd884fb6db3b71f51cf52e048f3b917acf29489e64a445e4a0d5b3
GET /gampad/cookie.js?domain=icefairystreasurechest.blogspot.com&callback=_gfp_s_&client=ca-pub-0872567836412770 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 23:39:36 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=icefairystreasurechest.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=icefairystreasurechest.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=icefairystreasurechest.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 23:39:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b161468592e9288cf0bd27a2a3c3ab6d
caf9abcba11eab2664628a3508d90f95a0ee6868
773101a2c1b761cd72249061c106e9c8c3c4313c76401b90c00e3ed9d4a18bc2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 23:39:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 04:17:09 GMT
Expires: Tue, 28 Mar 2023 04:17:08 GMT
Etag: "caf9abcba11eab2664628a3508d90f95a0ee6868"
Cache-Control: max-age=361651,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aca83bf4a1a0b51-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ebcf61a48430e13e52994188ea9b55dd
412e2406dc4c96f2b8cc4d6cd7e27551de38983a
34e780818d56cf60e6ce4235c5d5b296db56ccd3f243a578902bbe9d0e95f30b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usfamilyguide.com/graphics/USFGmemberbadge.png
403 Forbidden 199 B URL HTTP/2 www.usfamilyguide.com/graphics/USFGmemberbadge.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb8f534fbff5ee61a95af9c4740ae043
832e403d42aac1fec93e4f602338544d3fd2e4f1
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
GET /graphics/USFGmemberbadge.png HTTP/1.1
Host: www.usfamilyguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Apache
content-length: 199
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9724
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9724
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9724
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9724
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 23:39:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83b68a72-4db6-4e13-ab9e-7af99c1275e5.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83b68a72-4db6-4e13-ab9e-7af99c1275e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5483f1e55bfb1dd7ee50d5c993ce2c43
713be5af68f68936358ad6dc6c2e292ff63fb209
723ee03be195bc93706981369e3df3cbe711f04278f20b02a4da912932896a62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83b68a72-4db6-4e13-ab9e-7af99c1275e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5593
x-amzn-requestid: 951fbc92-bdf3-4af4-ad5d-20d68add7218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQP4PEX9IAMFiTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc69a-01309cc42208ab5272768fce;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:37:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: sZ4KMGCKfdrOi6s0dlGdpxcj689G5WU3CDEC_eNJ2crz0DTsj9UMGA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:01:17 GMT
age: 5899
etag: "713be5af68f68936358ad6dc6c2e292ff63fb209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sidelinesapp.com/static/js/sidelines-sdk.min.js?lv=1
302 Found 0 B URL HTTP/1.1 sidelinesapp.com/static/js/sidelines-sdk.min.js?lv=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/sidelines-sdk.min.js?lv=1 HTTP/1.1
Host: sidelinesapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 302 Found
content-length: 0
date: Thu, 23 Mar 2023 23:39:36 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=sidelinesapp.com
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6bfe713-dd17-46d3-afa9-f5f78836b408.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6bfe713-dd17-46d3-afa9-f5f78836b408.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e1c698a6ed426668efaac9f8a907b2f
f529e2fd710f48f8b176fdaa3c3f66446b930d58
6e7e0803f34264257884908e16a1a9d1aa15b96fba2f513a8ab2c57add34dc5f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6bfe713-dd17-46d3-afa9-f5f78836b408.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8852
x-amzn-requestid: c001b294-0a71-4389-9060-b31536c4a6e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt5EQ-IAMF5Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-373a1f13254871d145a18579;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Q7tdTNfKBU2LAoNGw-3DLxUAMIRyihjBuNpmUnZhjVR9-UyZywRADA==
via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:42:31 GMT
age: 7025
etag: "f529e2fd710f48f8b176fdaa3c3f66446b930d58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd357d16d-d40f-4b91-81cc-69aeb80f25fe.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd357d16d-d40f-4b91-81cc-69aeb80f25fe.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68798f0963b37143bcbec5c6e08f2efe
00bb4ca04f3e52c8d9eacec7449a9cf49f6c312a
7c54bbd23a76d8b4c15e352b92e33c7164916899a5af71ba34a7af884b8a0944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd357d16d-d40f-4b91-81cc-69aeb80f25fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6403
x-amzn-requestid: aab6628c-f612-4b57-9ae1-0017714e19c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHyEIkIAMF4JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-2110e0d35561ab794e44e966;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: seF5M3gxStTgmzA24jiDR8-LA-xy80ZQX2JGk9Ok4ndBoyMpNcrY7A==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:40:49 GMT
age: 7127
etag: "00bb4ca04f3e52c8d9eacec7449a9cf49f6c312a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e3bd59-44bb-4c85-81cb-08614cf98777.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e3bd59-44bb-4c85-81cb-08614cf98777.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89cd024b8021bb2873b0b8972c77cb47
9aea167a3ebf62d91e705433f13b9fb0194daad4
454e0b9e6e12f7a8a1a87913fb7f539358bbfdb1371e30abd472c897082c2a38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e3bd59-44bb-4c85-81cb-08614cf98777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8490
x-amzn-requestid: 7444a745-87e0-4424-92fd-630bf7cacc0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQP4QFRxoAMF3Yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc69a-112bec36430d78e3733e6e12;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:37:31 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 7bujxVYzIuSbb0k7QTtODPpARYVNjAExwSJwNlRWNwR1u_oGeDZqow==
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:13:47 GMT
age: 5149
etag: "9aea167a3ebf62d91e705433f13b9fb0194daad4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d733019c5326d4617096c74ae22fdffd
72bc0b2a19ca257ac974460f81af47fcfa2fee24
6746fcedbf4aad5c94582162e343d160fdc7d127bae807d1a97a9d7a231c9a70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: bf32e1c8-cac1-4f04-abe6-fba2e9e824f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89vHbyoAMFc7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa857-5d84ed861375c4ba04a2ae30;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:51 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: fmwyq7CNN4Eof4DzXfjQtGIsOaoyLH23RMTYdUyFoxdUWe2EFnMCMg==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:13:29 GMT
age: 59167
etag: "72bc0b2a19ca257ac974460f81af47fcfa2fee24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 06:24:31 GMT
age: 62105
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a2c8b3a7a09c1661f2c044c61bacd02d
428c0bbd8a1ea8642220894e567be4b13259eb08
27e52aa4cf46b9ff91af79568ccebe41028bc37bbf98cc8901d8d3251db442da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a2c8b3a7a09c1661f2c044c61bacd02d
428c0bbd8a1ea8642220894e567be4b13259eb08
27e52aa4cf46b9ff91af79568ccebe41028bc37bbf98cc8901d8d3251db442da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js
200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js
IP
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230322/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Thu, 23 Mar 2023 16:32:15 GMT
expires: Thu, 06 Apr 2023 16:32:15 GMT
cache-control: public, max-age=1209600
age: 25641
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js
200 OK 8.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (2465)
Hash 9da78d3accd905d5cc426fad37ef9ce9
c1c5ebc107844e165679f2b069763d10cf8d226d
79578369b938e27d7a0e3b6d02e048ef340d848e12e7b2465acb1e52dc24eeaa
GET /pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8627
x-xss-protection: 0
date: Thu, 23 Mar 2023 16:32:15 GMT
expires: Thu, 06 Apr 2023 16:32:15 GMT
cache-control: public, max-age=1209600
age: 25641
etag: 8620137988422272387
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 2f9541035d4465eda3c438ff9fed5491
04f1747240118a215082135df9175de332ecf41f
2aaa73ca46027d8b75b6503f79561460296d4a8d5617d1159296d7b4e2d19b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5321
Cache-Control: max-age=120696
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Etag: "641c02e8-138"
Expires: Sat, 25 Mar 2023 09:11:12 GMT
Last-Modified: Thu, 23 Mar 2023 07:42:32 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 471 B IP
Hash 9095e56c7010bfcbe5b75b9178fb743e
29a3c046eb4aa112b5fb0a4b3be76f1239d66ad5
b65f391c272bc8d9d84f50f0a90f67e33a221f7edc458e10cc746914c5c5366a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2699
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:36 GMT
Last-Modified: Thu, 23 Mar 2023 22:54:37 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWXjYBJ2DYgICAAAAThqyaw00LsMQOOMcZJQY75WcIfbIMSoAABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=ZBzjOAAGXwsKsqeMAAtZS9R-3oQClrq1TcLfxg
200 OK 0 B URL HTTP/2 rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWXjYBJ2DYgICAAAAThqyaw00LsMQOOMcZJQY75WcIfbIMSoAABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=ZBzjOAAGXwsKsqeMAAtZS9R-3oQClrq1TcLfxg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWXjYBJ2DYgICAAAAThqyaw00LsMQOOMcZJQY75WcIfbIMSoAABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=ZBzjOAAGXwsKsqeMAAtZS9R-3oQClrq1TcLfxg HTTP/1.1
Host: rtb.nl3.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 162815
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash c3937e3292dad35c950f665f729ffea2
9b3464373a19fcc57f305faa19fb86cf88102489
3248d154c17840d4f8ea8533221b0c3feec5f45fae6e0b0250259b6eba2fca8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3872
Cache-Control: max-age=154230
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Etag: "641c8b8f-139"
Expires: Sat, 25 Mar 2023 18:30:07 GMT
Last-Modified: Thu, 23 Mar 2023 17:25:35 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash c3937e3292dad35c950f665f729ffea2
9b3464373a19fcc57f305faa19fb86cf88102489
3248d154c17840d4f8ea8533221b0c3feec5f45fae6e0b0250259b6eba2fca8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3872
Cache-Control: max-age=154230
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Etag: "641c8b8f-139"
Expires: Sat, 25 Mar 2023 18:30:07 GMT
Last-Modified: Thu, 23 Mar 2023 17:25:35 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash c3937e3292dad35c950f665f729ffea2
9b3464373a19fcc57f305faa19fb86cf88102489
3248d154c17840d4f8ea8533221b0c3feec5f45fae6e0b0250259b6eba2fca8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3862
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Last-Modified: Thu, 23 Mar 2023 22:35:15 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash c3937e3292dad35c950f665f729ffea2
9b3464373a19fcc57f305faa19fb86cf88102489
3248d154c17840d4f8ea8533221b0c3feec5f45fae6e0b0250259b6eba2fca8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3872
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Last-Modified: Thu, 23 Mar 2023 22:35:05 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/back_button2.svg
200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:37 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 17 Mar 2024 23:39:37 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:37 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 17 Mar 2024 23:39:37 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 1a04d9ef60d2e55a9db002c1f331a690
b6c3e88b8d63071cdd2b5be27da7b03fc2c5fa5a
1d1df864d169ec60615eb42c66e9cc00b89014a53ec7bb37037fff4323dc9219
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Last-Modified: Thu, 23 Mar 2023 22:38:18 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 314
static.criteo.net/flash/icon/privacy_small.svg
200 OK 1.3 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP
Hash 4896509cae19e3fd7b577a49994b44b6
31755c2eb8e681c993fee19eae39bcd08e9542ce
28fe5f23f026aadab8ffe549b74ee58d9bc9cfd51c5d9f5e25c0129dc6164f46
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:37 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 17 Mar 2024 23:39:37 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 5722981d94a99adbbe3e49b6295aa828
01b00862f7c21d23626a08b4fe0ded8cc0d04d3c
a2750c410a610dd4090a5fc85961cf8f0f28a63d67f73b037a91a10a44aac810
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: max-age=126801
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Etag: "641c1c4b-138"
Expires: Sat, 25 Mar 2023 10:52:58 GMT
Last-Modified: Thu, 23 Mar 2023 09:30:51 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash 5722981d94a99adbbe3e49b6295aa828
01b00862f7c21d23626a08b4fe0ded8cc0d04d3c
a2750c410a610dd4090a5fc85961cf8f0f28a63d67f73b037a91a10a44aac810
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: max-age=126801
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Etag: "641c1c4b-138"
Expires: Sat, 25 Mar 2023 10:52:58 GMT
Last-Modified: Thu, 23 Mar 2023 09:30:51 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash 5722981d94a99adbbe3e49b6295aa828
01b00862f7c21d23626a08b4fe0ded8cc0d04d3c
a2750c410a610dd4090a5fc85961cf8f0f28a63d67f73b037a91a10a44aac810
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: max-age=126801
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:39:37 GMT
Etag: "641c1c4b-138"
Expires: Sat, 25 Mar 2023 10:52:58 GMT
Last-Modified: Thu, 23 Mar 2023 09:30:51 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 312
pix.eu.criteo.net/img/img?h=110&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=236&s=AeqRuVHzagggeeqLQzeLmV7L
200 OK 2.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=110&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=236&s=AeqRuVHzagggeeqLQzeLmV7L
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x89, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d87cdb4eda717111802d9aa1b5e195d4
cb341d80253d5ba7c698bdd35aa8f6f2df770656
3e0963a9ddd575e4f6e28877bc5c142de022322d00a11057ccd423ddbb0b06a4
GET /img/img?h=110&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=236&s=AeqRuVHzagggeeqLQzeLmV7L HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29399268
expires: Tue, 27 Feb 2024 06:07:25 GMT
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2708
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0eeda7e6493484cfb7f70b2967c08177
35b93c5f4f4652bd480397742e1d7edf02399d31
b1b70f74f765bdeacace86455a42be94b01ab5957f2fbaea09fbba672defef41
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29016233
expires: Thu, 22 Feb 2024 19:43:30 GMT
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
200 OK 84 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash babac81dc2e4da2b8343e7d76bbbb357
c89b8eaf661b9220a82f950997eaaa899dd69ea2
5ba6a375ea3c3582d4aa716da8602fb2551bc8b2dcbfc1b8f5913f49f9466e70
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29405875
expires: Tue, 27 Feb 2024 07:57:32 GMT
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 84090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_ctan.jpg&v=3&w=400&s=NTtvgePhF0MNicCYa-0Orwfu&b=400
200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_ctan.jpg&v=3&w=400&s=NTtvgePhF0MNicCYa-0Orwfu&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x342, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99693f44b94946304f8bc098974bcdd2
a76990117ddf657cb61f09a8e8011211efc5e897
4f31215492ee8b7855652b8d7f548ffedbbf1b4f6f0ce8077d02264fcdb926b8
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_ctan.jpg&v=3&w=400&s=NTtvgePhF0MNicCYa-0Orwfu&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31391897
expires: Thu, 21 Mar 2024 07:37:54 GMT
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13820
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fselected-homme%2F1300x1700%2Fsel16075101_cmediumbluemelange_v194038.jpg&v=3&w=400&s=C_4vGaCUs6EtQWYTlXjyTa3O&b=400
200 OK 3.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fselected-homme%2F1300x1700%2Fsel16075101_cmediumbluemelange_v194038.jpg&v=3&w=400&s=C_4vGaCUs6EtQWYTlXjyTa3O&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 175x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5806b04c035eda9be36a3347b3cbe025
b8533b321e75eea31783d270d11230dedaeaa630
af117eec046e95d767b0f8393842994f4d94641fa65765adb518f9d9154233cf
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fselected-homme%2F1300x1700%2Fsel16075101_cmediumbluemelange_v194038.jpg&v=3&w=400&s=C_4vGaCUs6EtQWYTlXjyTa3O&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30795380
expires: Thu, 14 Mar 2024 09:55:57 GMT
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3344
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fthe-kooples%2F1300x1700%2Ftkslo22026s_cblack.jpg&v=3&w=400&s=Mg9xEVANidyK-mJAK9kFQtVO&b=400
200 OK 4.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fthe-kooples%2F1300x1700%2Ftkslo22026s_cblack.jpg&v=3&w=400&s=Mg9xEVANidyK-mJAK9kFQtVO&b=400
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0bdc8754697c2dd4154e23bc3e13b01
8f08cf0137bd778d517e3c826c01472152b0fab4
c4aa7e0d2e0755246b19463d3c359d8e9088402649b1de6f7369fc426c7203ff
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fthe-kooples%2F1300x1700%2Ftkslo22026s_cblack.jpg&v=3&w=400&s=Mg9xEVANidyK-mJAK9kFQtVO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30142697
expires: Wed, 06 Mar 2024 20:37:54 GMT
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4034
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=CJB71YU_Qndc_ul3_Cs-XOj_rHsL-DbI45Rnj7Yk9DwZp8YiAnCCWz19dUUPjvzTBNF_UKmVguNTmq8ScyrNHAthfJNjcIxRw6Cjwlyx1Y9uLZIY8QHDU1Yi3NR_Q_pqQNnqiXiOTsol4J9yZmw7KyVV0W0LaWLVCyIzjgkERJtCnwhRq4yvj0qFy1ecuRdCN0coZGw456DisttSi6e1ogMp_22dnESnzDbxafpOlfnPUkP_I9tpbzoMPhF3ATm3v7IdeQ&sds=2&rev=85392&sendBeacon=true
200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=CJB71YU_Qndc_ul3_Cs-XOj_rHsL-DbI45Rnj7Yk9DwZp8YiAnCCWz19dUUPjvzTBNF_UKmVguNTmq8ScyrNHAthfJNjcIxRw6Cjwlyx1Y9uLZIY8QHDU1Yi3NR_Q_pqQNnqiXiOTsol4J9yZmw7KyVV0W0LaWLVCyIzjgkERJtCnwhRq4yvj0qFy1ecuRdCN0coZGw456DisttSi6e1ogMp_22dnESnzDbxafpOlfnPUkP_I9tpbzoMPhF3ATm3v7IdeQ&sds=2&rev=85392&sendBeacon=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=CJB71YU_Qndc_ul3_Cs-XOj_rHsL-DbI45Rnj7Yk9DwZp8YiAnCCWz19dUUPjvzTBNF_UKmVguNTmq8ScyrNHAthfJNjcIxRw6Cjwlyx1Y9uLZIY8QHDU1Yi3NR_Q_pqQNnqiXiOTsol4J9yZmw7KyVV0W0LaWLVCyIzjgkERJtCnwhRq4yvj0qFy1ecuRdCN0coZGw456DisttSi6e1ogMp_22dnESnzDbxafpOlfnPUkP_I9tpbzoMPhF3ATm3v7IdeQ&sds=2&rev=85392&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 23:39:36 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6v2dIoyhfLYaQxfu9mIH5RFo7xreToITs96pzE1ACjYZv3crkygashRWmzsXD4Qy6v15tQleCqqQAAV7OOuYiA==
content-length: 27907
x-fb-trip-id: 1904183273
date: Thu, 23 Mar 2023 23:39:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
px.owneriq.net/stas/s/igpkg3.js
200 OK 5.1 kB URL HTTP/1.1 px.owneriq.net/stas/s/igpkg3.js
IP
File type ASCII text, with very long lines (14418), with no line terminators
Hash 9987a81b5256866aeecc7ad558c2d9f0
c5046430cf9f9acb88182dc0958a4faaef00b264
e83a8f5a4533284d6819a48b0a60255b6e8708340cc8a63e88bd9e48d274600c
GET /stas/s/igpkg3.js HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5087
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 23 Mar 2023 23:39:37 GMT
Date: Thu, 23 Mar 2023 23:39:37 GMT
Connection: keep-alive
px.owneriq.net/eps?pt=igpkg3&pid=8972&uid=Q7329011862122889972J&l=true
302 Moved Temporarily 0 B URL HTTP/1.1 px.owneriq.net/eps?pt=igpkg3&pid=8972&uid=Q7329011862122889972J&l=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eps?pt=igpkg3&pid=8972&uid=Q7329011862122889972J&l=true HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=text%2Fhtml
Date: Thu, 23 Mar 2023 23:39:37 GMT
Connection: keep-alive
px.owneriq.net/noop?ct=text%2Fhtml
200 OK 20 B URL HTTP/1.1 px.owneriq.net/noop?ct=text%2Fhtml
IP
Hash 3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967
GET /noop?ct=text%2Fhtml HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 23 Mar 2023 23:39:37 GMT
Content-Length: 20
Connection: keep-alive
subjectivebeauty.com/Blog%20Designs%20and%20Layouts/icefairystreasurechest.blogspot.com/favicon.ico
404 Not Found 33 kB URL HTTP/1.1 subjectivebeauty.com/Blog%20Designs%20and%20Layouts/icefairystreasurechest.blogspot.com/favicon.ico
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 600e221798a881a286e86b8996dbefd1
4e75ea44d1474b9032117c8e5474726607c4e46d
16c49cc0147f77d18faad348cae063b18352f5607cc98484bd62452e1652b7a0
GET /Blog%20Designs%20and%20Layouts/icefairystreasurechest.blogspot.com/favicon.ico HTTP/1.1
Host: subjectivebeauty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
HTTP/1.1 404 Not Found
date: Thu, 23 Mar 2023 23:39:37 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <http://subjectivebeauty.com/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
age: 0
transfer-encoding: chunked
px.owneriq.net/j/?ref=http://icefairystreasurechest.blogspot.com/search/label/Toys&pt=igpkg3&t=f%7C%22icefairy%27s%2520Treasure%2520Chest%22&s=ba2e
302 Moved Temporarily 0 B URL HTTP/1.1 px.owneriq.net/j/?ref=http://icefairystreasurechest.blogspot.com/search/label/Toys&pt=igpkg3&t=f%7C%22icefairy%27s%2520Treasure%2520Chest%22&s=ba2e
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/?ref=http://icefairystreasurechest.blogspot.com/search/label/Toys&pt=igpkg3&t=f%7C%22icefairy%27s%2520Treasure%2520Chest%22&s=ba2e HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date: Thu, 23 Mar 2023 23:39:38 GMT
Connection: keep-alive
px.owneriq.net/noop?ct=application%2Fx-javascript
200 OK 20 B URL HTTP/1.1 px.owneriq.net/noop?ct=application%2Fx-javascript
IP
Hash 3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967
GET /noop?ct=application%2Fx-javascript HTTP/1.1
Host: px.owneriq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: application/x-javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 23 Mar 2023 23:39:38 GMT
Content-Length: 20
Connection: keep-alive
c.statcounter.com/t.php?sc_project=4577560&u1=A840FB6800754F18ADE89B0364D50F10&java=1&security=0e321959&sc_snum=1&sess=c5bd59&sc_rum_e_s=1757&sc_rum_e_e=1762&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//icefairystreasurechest.blogspot.com/search/label/Toys&t=icefairy%27s%20Treasure%20Chest&get_config=true
200 OK 111 kB URL HTTP/2 c.statcounter.com/t.php?sc_project=4577560&u1=A840FB6800754F18ADE89B0364D50F10&java=1&security=0e321959&sc_snum=1&sess=c5bd59&sc_rum_e_s=1757&sc_rum_e_e=1762&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//icefairystreasurechest.blogspot.com/search/label/Toys&t=icefairy%27s%20Treasure%20Chest&get_config=true
IP
File type JSON data\012- , ASCII text, with very long lines (336), with no line terminators
Size 111 kB (110763 bytes)
Hash de7bf40eb7a162740858251ebbd3e2aa
796df90ff05afb60ecd10d78b43872dd06167fa5
e508a44eccb2f23393035a782b6cb9bb2eff5ec67db5394eb58c51a1bdf2b223
GET /t.php?sc_project=4577560&u1=A840FB6800754F18ADE89B0364D50F10&java=1&security=0e321959&sc_snum=1&sess=c5bd59&sc_rum_e_s=1757&sc_rum_e_e=1762&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//icefairystreasurechest.blogspot.com/search/label/Toys&t=icefairy%27s%20Treasure%20Chest&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://icefairystreasurechest.blogspot.com
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 23:39:37 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc4577560.1679614777.0; SameSite=None; Secure; Expires=Tuesday, 21-Mar-2028 18:39:37 CDT; Path=/; Domain=.statcounter.com
access-control-allow-origin: http://icefairystreasurechest.blogspot.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aca83c89f01b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5302ee71fa3e150cdb8c7349c03efd9
f4bd3fafd333c5a4e376cf2f4231c665f4d3d9d3
cc7cdde20f7140802d5404b9c374fb7aa50d551e37ab9b560e48a8c476c5b2ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: ba7e025c-6706-41da-8013-90552bfa7107
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt6GklIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-3d2b7a661e1ef3bd4b8c9731;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jNW300e9Q31z_2uRbeRRIYZxNrOxXTLy3W2vB9qYZvIGGbePBcBPhQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:42:31 GMT
age: 7032
etag: "f4bd3fafd333c5a4e376cf2f4231c665f4d3d9d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:37 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 17 Mar 2024 23:39:37 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QiJhZrHvV44WWWAi_61BXHNm7onTDDZuuWLKSdcDtogNjO5YBzvQh9t5yUoIV6idvL8I1TG3NFuLrMrXno6U_SMQYaPXAUC5c-_6X0wcgUUiuwKFVzr_Q70htmGHvYvbYKWIX9hAUm0aLKjmJOSygK-Th4XrK4blffnpVPIhMo2_F26F2Oc5PqUnGdoho9ETmPo5NxbqB_7Wl4yrIqPJkNw42YrZx__QGy2UKocQ3d8VffbZgMz_5AldU7RJqK5jxe2b7FZii1rK8hCWqx4Itzc8khAI1CgzBLE0vgHWjaARD98sOlLfTDfUmyZ1dAckuNmvuz2OxmbPS4aSM62XJ8S5p659rpUqTXwVUfg3FDUEZXH-SOBlHyIKGwugCDiI779t8hS0_d_6jvTfJj1P5PdWH0cWvJRoTKYGLgdHVlVaIoPM
200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QiJhZrHvV44WWWAi_61BXHNm7onTDDZuuWLKSdcDtogNjO5YBzvQh9t5yUoIV6idvL8I1TG3NFuLrMrXno6U_SMQYaPXAUC5c-_6X0wcgUUiuwKFVzr_Q70htmGHvYvbYKWIX9hAUm0aLKjmJOSygK-Th4XrK4blffnpVPIhMo2_F26F2Oc5PqUnGdoho9ETmPo5NxbqB_7Wl4yrIqPJkNw42YrZx__QGy2UKocQ3d8VffbZgMz_5AldU7RJqK5jxe2b7FZii1rK8hCWqx4Itzc8khAI1CgzBLE0vgHWjaARD98sOlLfTDfUmyZ1dAckuNmvuz2OxmbPS4aSM62XJ8S5p659rpUqTXwVUfg3FDUEZXH-SOBlHyIKGwugCDiI779t8hS0_d_6jvTfJj1P5PdWH0cWvJRoTKYGLgdHVlVaIoPM
IP
GET /delivery/lg.php?cppv=3&cpp=QiJhZrHvV44WWWAi_61BXHNm7onTDDZuuWLKSdcDtogNjO5YBzvQh9t5yUoIV6idvL8I1TG3NFuLrMrXno6U_SMQYaPXAUC5c-_6X0wcgUUiuwKFVzr_Q70htmGHvYvbYKWIX9hAUm0aLKjmJOSygK-Th4XrK4blffnpVPIhMo2_F26F2Oc5PqUnGdoho9ETmPo5NxbqB_7Wl4yrIqPJkNw42YrZx__QGy2UKocQ3d8VffbZgMz_5AldU7RJqK5jxe2b7FZii1rK8hCWqx4Itzc8khAI1CgzBLE0vgHWjaARD98sOlLfTDfUmyZ1dAckuNmvuz2OxmbPS4aSM62XJ8S5p659rpUqTXwVUfg3FDUEZXH-SOBlHyIKGwugCDiI779t8hS0_d_6jvTfJj1P5PdWH0cWvJRoTKYGLgdHVlVaIoPM HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 23:39:36 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2849767
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.hugedomains.com/domain_profile.cfm?d=sidelinesapp.com
200 OK 0 B URL HTTP/2 www.hugedomains.com/domain_profile.cfm?d=sidelinesapp.com
IP
GET /domain_profile.cfm?d=sidelinesapp.com HTTP/1.1
Host: www.hugedomains.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://icefairystreasurechest.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 23:39:36 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Sun, 17-Mar-2024 23:39:36 GMT; path=/
site_version=HDv3; expires=Sun, 17-Mar-2024 23:39:36 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1uhadUBafEnfMYcqv%2F%2BNoXO3QqLI5MwZjOsTaAz03UKCRBW5eaSVq8xafa0RZhEFc4kKCPU5LHspVEiXnZiqYz4AZzNBNmXqF7wwaFzPIi9vP6q3KuqLimOF4J6JJ4JbBT%2FEvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aca83c1ad1d0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=ZBzjOAAGXwsKsqeMAAtZS9R-3oQClrq1TcLfxg&u=%7Clnmk59E3nI11YTTKkjKwbArIqnLBbrFiwnEDRe7Vsrg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1ZebXXvkDDWgoSV5pWFQ-pMsv4xpS32eyGHdic5DLm1wGhHkRn0VewOWgmuU5vQ6WM8Lm-4bTp6oh02kmks0hJ_QM3KRxpyNP_tKv0GKAY6UXePLCda8bLdzDzZiT_AP9x7qvuUtO8hMCjPaR6Q0A05Z_uPRpi7Hk495uorcDJErCYMWkeFwUmqd1_qcHgHpX7O0A5B_MX37CDAf8RfrbHg5HGN6OHVFI7caSj7ayU24PSrETkhVcEl5raW_-6eFKAentlXuBM67UnO0iG2sP-wR4IcepQZ8kn5khSEMl9MCiy2XksTb_APd2L1HrRH0DKV3Xc5KurRrd0Noj2KFbdu49Iu7cQ6wrT1LTRU4g4eeSP754tnBh6X2tkA42f2MAD--0plA0n3eKMPJOTMdbvONzNH5wjen6diWCyPmHsPpD64YhjMdIJkNwaC-PuhKmt6-qWZjz-_tTK1BL8Lo_Mt4YCttg4w8EGn_WdTW6xiia4Gbq_KR0IZXT9l3gdpr4Aus3_sc2eGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOKLMOOMcZIu-GYzPygXLsq1YyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0wODcyNTY3ODM2NDEyNzcwyAEJqQIKZfeuGDWyPqgDAaoEhwJP0CehXRpuMQM6Hc4aGH0ogPNh5xqCathdkzKTdyi1u0maqNrNVNESBkrsMONTsLHNx754qVACq3JMkIyv69zdD7u7MIsiea17LIdKHMBya1vTr-vl8_jcN3piRQRXRz1dWeQKk0FR90Bmo-GXFvTkqpUD9tG8zx-Vt11eeRO2TsWbHRLK7QajzbreckCOeW5VC3aQwEfiR9WXdf1XS5tRt48IeYLNrlODZV1VJymH-STWidV9kbxP8aVG_SF9Kxr5t31H_DlU_MvRm5zuvrA4qbyP9I1u8PJH91LMiIxkDnsdLv8XCaoNFbpDH6y0_H4lKxZr1YU115vtjBrC7JCft0wUZ_W0aYAG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1svdOKIvfUgkRIbtDVbbSvnITLqg%26client%3Dca-pub-0872567836412770%26adurl%3D
200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=ZBzjOAAGXwsKsqeMAAtZS9R-3oQClrq1TcLfxg&u=%7Clnmk59E3nI11YTTKkjKwbArIqnLBbrFiwnEDRe7Vsrg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1ZebXXvkDDWgoSV5pWFQ-pMsv4xpS32eyGHdic5DLm1wGhHkRn0VewOWgmuU5vQ6WM8Lm-4bTp6oh02kmks0hJ_QM3KRxpyNP_tKv0GKAY6UXePLCda8bLdzDzZiT_AP9x7qvuUtO8hMCjPaR6Q0A05Z_uPRpi7Hk495uorcDJErCYMWkeFwUmqd1_qcHgHpX7O0A5B_MX37CDAf8RfrbHg5HGN6OHVFI7caSj7ayU24PSrETkhVcEl5raW_-6eFKAentlXuBM67UnO0iG2sP-wR4IcepQZ8kn5khSEMl9MCiy2XksTb_APd2L1HrRH0DKV3Xc5KurRrd0Noj2KFbdu49Iu7cQ6wrT1LTRU4g4eeSP754tnBh6X2tkA42f2MAD--0plA0n3eKMPJOTMdbvONzNH5wjen6diWCyPmHsPpD64YhjMdIJkNwaC-PuhKmt6-qWZjz-_tTK1BL8Lo_Mt4YCttg4w8EGn_WdTW6xiia4Gbq_KR0IZXT9l3gdpr4Aus3_sc2eGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOKLMOOMcZIu-GYzPygXLsq1YyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0wODcyNTY3ODM2NDEyNzcwyAEJqQIKZfeuGDWyPqgDAaoEhwJP0CehXRpuMQM6Hc4aGH0ogPNh5xqCathdkzKTdyi1u0maqNrNVNESBkrsMONTsLHNx754qVACq3JMkIyv69zdD7u7MIsiea17LIdKHMBya1vTr-vl8_jcN3piRQRXRz1dWeQKk0FR90Bmo-GXFvTkqpUD9tG8zx-Vt11eeRO2TsWbHRLK7QajzbreckCOeW5VC3aQwEfiR9WXdf1XS5tRt48IeYLNrlODZV1VJymH-STWidV9kbxP8aVG_SF9Kxr5t31H_DlU_MvRm5zuvrA4qbyP9I1u8PJH91LMiIxkDnsdLv8XCaoNFbpDH6y0_H4lKxZr1YU115vtjBrC7JCft0wUZ_W0aYAG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1svdOKIvfUgkRIbtDVbbSvnITLqg%26client%3Dca-pub-0872567836412770%26adurl%3D
IP
GET /delivery/r/afr.php?z=ZBzjOAAGXwsKsqeMAAtZS9R-3oQClrq1TcLfxg&u=%7Clnmk59E3nI11YTTKkjKwbArIqnLBbrFiwnEDRe7Vsrg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1ZebXXvkDDWgoSV5pWFQ-pMsv4xpS32eyGHdic5DLm1wGhHkRn0VewOWgmuU5vQ6WM8Lm-4bTp6oh02kmks0hJ_QM3KRxpyNP_tKv0GKAY6UXePLCda8bLdzDzZiT_AP9x7qvuUtO8hMCjPaR6Q0A05Z_uPRpi7Hk495uorcDJErCYMWkeFwUmqd1_qcHgHpX7O0A5B_MX37CDAf8RfrbHg5HGN6OHVFI7caSj7ayU24PSrETkhVcEl5raW_-6eFKAentlXuBM67UnO0iG2sP-wR4IcepQZ8kn5khSEMl9MCiy2XksTb_APd2L1HrRH0DKV3Xc5KurRrd0Noj2KFbdu49Iu7cQ6wrT1LTRU4g4eeSP754tnBh6X2tkA42f2MAD--0plA0n3eKMPJOTMdbvONzNH5wjen6diWCyPmHsPpD64YhjMdIJkNwaC-PuhKmt6-qWZjz-_tTK1BL8Lo_Mt4YCttg4w8EGn_WdTW6xiia4Gbq_KR0IZXT9l3gdpr4Aus3_sc2eGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOKLMOOMcZIu-GYzPygXLsq1YyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi0wODcyNTY3ODM2NDEyNzcwyAEJqQIKZfeuGDWyPqgDAaoEhwJP0CehXRpuMQM6Hc4aGH0ogPNh5xqCathdkzKTdyi1u0maqNrNVNESBkrsMONTsLHNx754qVACq3JMkIyv69zdD7u7MIsiea17LIdKHMBya1vTr-vl8_jcN3piRQRXRz1dWeQKk0FR90Bmo-GXFvTkqpUD9tG8zx-Vt11eeRO2TsWbHRLK7QajzbreckCOeW5VC3aQwEfiR9WXdf1XS5tRt48IeYLNrlODZV1VJymH-STWidV9kbxP8aVG_SF9Kxr5t31H_DlU_MvRm5zuvrA4qbyP9I1u8PJH91LMiIxkDnsdLv8XCaoNFbpDH6y0_H4lKxZr1YU115vtjBrC7JCft0wUZ_W0aYAG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1svdOKIvfUgkRIbtDVbbSvnITLqg%26client%3Dca-pub-0872567836412770%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 23:39:36 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CJB71YU_Qndc_ul3_Cs-XOj_rHsL-DbI45Rnj7Yk9DwZp8YiAnCCWz19dUUPjvzTBNF_UKmVguNTmq8ScyrNHAthfJNjcIxRw6Cjwlyx1Y9uLZIY8QHDU1Yi3NR_Q_pqQNnqiXiOTsol4J9yZmw7KyVV0W0LaWLVCyIzjgkERJtCnwhRq4yvj0qFy1ecuRdCN0coZGw456DisttSi6e1ogMp_22dnESnzDbxafpOlfnPUkP_I9tpbzoMPhF3ATm3v7IdeQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 93697264
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:37 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sun, 17 Mar 2024 23:39:37 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js?cb=31073317
200 OK 0 B URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js?cb=31073317
IP
GET /gpt/pubads_impl_2023032101.js?cb=31073317 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://icefairystreasurechest.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 136519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 14:48:33 GMT
expires: Thu, 21 Mar 2024 14:48:33 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 21 Mar 2023 08:35:57 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 118262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:39:37 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sun, 17 Mar 2024 23:39:37 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
142.250.74.65
178.250.0.139
104.20.219.77
91.228.74.208
157.240.200.35
31.13.72.12
95.101.11.115