935soniasullivannews.blogspot.com/2022/09/antonio-costa-danca.html
301 Moved Permanently 211 B URL HTTP/1.1 935soniasullivannews.blogspot.com/2022/09/antonio-costa-danca.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 585d12900c9e4f5d771953b77323cae7
3e736d9ee36104481d1a4dcd3f4e5686194f62b8
8e046e428e88320fe38da07490cc27a0c6c066165c8f3562df2504b51b1acb85
GET /2022/09/antonio-costa-danca.html HTTP/1.1
Host: 935soniasullivannews.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://935soniasullivannews.blogspot.com/2022/09/antonio-costa-danca.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 11:37:51 GMT
Expires: Wed, 07 Dec 2022 11:37:51 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 211
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3657
Expires: Wed, 07 Dec 2022 12:38:48 GMT
Date: Wed, 07 Dec 2022 11:37:51 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:51 GMT
Last-Modified: Wed, 07 Dec 2022 10:32:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18755
Expires: Wed, 07 Dec 2022 16:50:26 GMT
Date: Wed, 07 Dec 2022 11:37:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5PCKxbgtLGuq37OIXu76Fonv/faZtpnwJCiB8vcawdzGysQ7Z6au9Hs2Tdwt+ojj5guUkV7gPgc=
x-amz-request-id: 71ZQTAJGHBVZ908R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 10:49:20 GMT
age: 2911
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 11:18:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1145
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cbcd8c53639a6546d9152b265b407f1f
f166ecb2a63e819c03ba476d2640a0b27838d7d4
3e69252575b020da03c0cf3b5734084cf9d73f44ecfa743b00e2976c53013b66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 11:37:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 11:11:20 GMT
cache-control: public,max-age=3600
age: 1592
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3936
Cache-Control: max-age=167674
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:12:26 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nHuHogEfgXhq/PN+7fbCnw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xAq/nhmkFMNrZ1QbxopBo3E8S/I=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cbcd8c53639a6546d9152b265b407f1f
f166ecb2a63e819c03ba476d2640a0b27838d7d4
3e69252575b020da03c0cf3b5734084cf9d73f44ecfa743b00e2976c53013b66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Last-Modified: Wed, 07 Dec 2022 10:38:10 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 21:47:55 GMT
expires: Wed, 06 Dec 2023 21:47:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 21:53:25 GMT
content-type: text/css
age: 49797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: text/javascript
age: 78827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:00:17 GMT
expires: Tue, 05 Dec 2023 21:00:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 139055
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
935soniasullivannews.blogspot.com/2022/09/antonio-costa-danca.html
200 OK 57 kB URL HTTP/2 935soniasullivannews.blogspot.com/2022/09/antonio-costa-danca.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6967)
Hash 9ca36c9205dbc5091752e211ab069c7b
6905738cf61bb419c24af716fee461e0e49012b9
d2f350461a9c6e8a75a076f68cc1f77674a1d50058d75e54950fca3d9870a39b
GET /2022/09/antonio-costa-danca.html HTTP/1.1
Host: 935soniasullivannews.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 07 Dec 2022 11:37:52 GMT
date: Wed, 07 Dec 2022 11:37:52 GMT
cache-control: private, max-age=0
last-modified: Tue, 06 Dec 2022 03:06:24 GMT
etag: W/"0a4c0fba361591315a475c1c00a9a3b236b6e5ba54198c9278dca9ae0928dc44"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 57204
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A400%2C900%2C700&ver=1.0.0
200 OK 663 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C900%2C700&ver=1.0.0
IP
Hash 91dd82f59191219311a69f04b2f789f6
5546bbe510f7a20671b1bde7faf87f7db5a428a5
562bb2bddccbb1b49112ebbe671d08896bd5d85c654ebed7083ac6a4458a6421
GET /css?family=Lato%3A400%2C900%2C700&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 11:37:52 GMT
date: Wed, 07 Dec 2022 11:37:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
IP
Hash ba79b6b17ffb170257d58e28e5843d30
71e29ce686ddcb0b1cf301fdc74c3eab4381e46f
07206d25dc2bd22954f2c205163a246db0c22aa16c6bc8429a97662c9b237882
GET /css?family=Source+Sans+Pro:400,700,700italic,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 11:37:52 GMT
date: Wed, 07 Dec 2022 11:37:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3222695235-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3222695235-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 9f2f688aec73940034a0266a2a6266da
af9875c8064027204827b311250191c87e55366e
a78a0cfbae13cfc525657e31c2033d5c0281c5fbec2cf3e493ff75a7e097a02a
GET /static/v1/widgets/3222695235-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56718
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 02:14:06 GMT
expires: Thu, 07 Dec 2023 02:14:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 00:52:16 GMT
content-type: text/javascript
age: 33826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Last-Modified: Wed, 07 Dec 2022 10:38:10 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 8b9dfba0080584dc34232315a4cb16b1
4a13da22d80871c18f1c3e7b2566d88d6fefa5d6
7edfbca1ae39a3de2752fac6b36c385461a5549bfbfd1ec55eb928d3563266e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5174
Cache-Control: max-age=132946
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Etag: "638fcb2c-117"
Expires: Fri, 09 Dec 2022 00:33:38 GMT
Last-Modified: Tue, 06 Dec 2022 23:07:24 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a09c1e3c4026f5558c9a4e294408096d
ca5d51a9e4dbacd3d4f0fd46c991790b8c64c10f
f7ad8d690e7a8600f0972864c71250c0a430c73ce78abb0f49bebcbdcefeae38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7AD8D690E7A8600F0972864C71250C0A430C73CE78ABB0F49BEBCBDCEFEAE38"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8616
Expires: Wed, 07 Dec 2022 14:01:29 GMT
Date: Wed, 07 Dec 2022 11:37:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3-testonly.googleusercontent.com/blogger_img_proxy/ANbyha2DaboRdJgMpLScKxyaU2T-bfw10oBNB_X82DmjNBC25RQK0Htw5KGU4ZMODP1gRcD9MBLZVvkdK8iv6gaKaZba8MpGxjw2up4Fzd0bDYtVCA
404 Not Found 1.7 kB URL HTTP/2 lh3-testonly.googleusercontent.com/blogger_img_proxy/ANbyha2DaboRdJgMpLScKxyaU2T-bfw10oBNB_X82DmjNBC25RQK0Htw5KGU4ZMODP1gRcD9MBLZVvkdK8iv6gaKaZba8MpGxjw2up4Fzd0bDYtVCA
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 90d33c129e5863a90d7712334abfcdb0
490f4a862cb3a431e27f27f1e38bc469889291fe
3a8f523300dabc45521557dea19908cd2ce3990f9435c2f74d329bccafecb6f4
GET /blogger_img_proxy/ANbyha2DaboRdJgMpLScKxyaU2T-bfw10oBNB_X82DmjNBC25RQK0Htw5KGU4ZMODP1gRcD9MBLZVvkdK8iv6gaKaZba8MpGxjw2up4Fzd0bDYtVCA HTTP/1.1
Host: lh3-testonly.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:37:53 GMT
server: sffe
content-length: 1693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
segopecelus.github.io/banner300.js
200 OK 257 B URL HTTP/2 segopecelus.github.io/banner300.js
IP
Hash a4de53eb697db0118c76e222f37c0dc4
abedb2654874a1d8dc81448e092cc5bd1cf67ab0
d1b8ee39d89eea1245517a93644fead9f889ef815e2aa5cc6c6498a0f43eb223
GET /banner300.js HTTP/1.1
Host: segopecelus.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Tue, 22 Nov 2022 22:04:51 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"637d4783-161"
expires: Wed, 07 Dec 2022 11:47:52 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: AD74:7D31:4039E1:42964D:63907B10
accept-ranges: bytes
date: Wed, 07 Dec 2022 11:37:53 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1669-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670413073.928177,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 63972e7fa3016ed53cb4e5bd50aa82ee3bc01301
content-length: 257
X-Firefox-Spdy: h2
segopecelus.github.io/stats-trending.js
200 OK 295 B URL HTTP/2 segopecelus.github.io/stats-trending.js
IP
Hash 525482081c83576d569bb6846c23f81a
78d50ab69a35c6d3912c024db4106eb924723073
6b019e4d7aa19998fd97f1919b2046920c87c36a240808326e42a10b57dbc501
GET /stats-trending.js HTTP/1.1
Host: segopecelus.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Tue, 22 Nov 2022 22:04:51 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"637d4783-1f6"
expires: Wed, 07 Dec 2022 11:47:53 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 7CB4:7F9F:40EFE1:4357CD:63907B10
accept-ranges: bytes
date: Wed, 07 Dec 2022 11:37:53 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1669-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670413073.934923,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 675ee2d9f0a267cc377991b24c274fbc6f3d0342
content-length: 295
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:11:08 GMT
expires: Wed, 06 Dec 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 66405
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 515311
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:00:18 GMT
expires: Fri, 01 Dec 2023 08:00:18 GMT
cache-control: public, max-age=31536000
age: 531455
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash ad828fc6bdc9b2e6b0760bb48077ab5c
30c26ebec63fdb366d6348cba18da6b1a802de74
875e93aac7873524bcd49bcab9e0b4f8524918673a709aa83032cb45b2ba6f20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1227
Cache-Control: max-age=135477
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "638fe47b-116"
Expires: Fri, 09 Dec 2022 01:15:50 GMT
Last-Modified: Wed, 07 Dec 2022 00:55:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:49 GMT
expires: Thu, 30 Nov 2023 19:28:49 GMT
cache-control: public, max-age=31536000
age: 576544
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.maria.pt/wp-content/uploads/fly-images/385124/Ant%C3%B3nio-Costa-dest-412x324-c.jpg
200 OK 23 kB URL HTTP/2 www.maria.pt/wp-content/uploads/fly-images/385124/Ant%C3%B3nio-Costa-dest-412x324-c.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 412x324, components 3\012- data
Hash 1abfbc205fb1d46ff0f08fa8786c63cd
0918931233dbd8c6ee78f54e01dc668d922e102e
822fc3b164fc9733e9b967651412521c269ab37fa4935e6ff10c61dc2cfae79c
GET /wp-content/uploads/fly-images/385124/Ant%C3%B3nio-Costa-dest-412x324-c.jpg HTTP/1.1
Host: www.maria.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: image/jpeg
content-length: 23063
etag: "5a17-5ef3a1d3263b7"
x-stx-level: default-as-is
x-stx-fetch: Wed, 07 Dec 2022 11:37:53 GMT
x-stx-custom: DEFAULTS
stx-be-ttl: 3600.000
x-stx-cdn: MISS
x-stx-ttl: 3600.000
x-stx-now: Wed, 07 Dec 2022 11:37:53 GMT
x-stx-type: OTHER
last-modified: Wed, 07 Dec 2022 11:37:48 GMT
strict-transport-security: max-age=15768000
x-forwarded-proto: https
cf-cache-status: MISS
expires: Wed, 07 Dec 2022 15:37:53 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8c9e95d1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash d8930f0cfab78a62f5695ccb45352ce0
1de8ba441851d0c3836cd2a75383ba03d03a55ae
017c3f9c56bd02e43bb11c33cf7d0c59d107bf36b326ba610af73e395d795e72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1108
Cache-Control: max-age=114093
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "638f916a-117"
Expires: Thu, 08 Dec 2022 19:19:26 GMT
Last-Modified: Tue, 06 Dec 2022 19:00:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
200 OK 67 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 61d3c0c0d35b4b4403a686057ae23869
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775cf8ca8985b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c54bb6c9aa6983f9d708504263d9fcee
0ed41a13d4667f443995517e93bc07d3aec1ef71
2d28c39b6653286542c3c2e9a13a1db3278982fc20e2b07eee5b45d4fb06180b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3338
Cache-Control: max-age=158425
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "639035e0-118"
Expires: Fri, 09 Dec 2022 07:38:18 GMT
Last-Modified: Wed, 07 Dec 2022 06:42:40 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 16 kB IP
Hash 219a0e81b0deeed96c41cd18053d168f
64bb0b0e6935a37f9b48c29b0731dc21824a40ce
3bfe6c0302df61d1f4aec3a8af2e461031fb3ffd9c658d052169a9b126446fa0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
snapwidget.com/embed/956730
200 OK 33 kB URL HTTP/2 snapwidget.com/embed/956730
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3087)
Hash 6c9cc7093256589cbb0f2b0904ee4a94
d1fea4e3e28d2e9b07602004861339cfaf163a41
ccbdc715a516c191b3f0fcbb6101a6f60afbda1c98e48a8ca205c1f5d9cad9f7
GET /embed/956730 HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=300
expires: Wed, 07 Dec 2022 11:39:29 GMT
x-robots-tag: all
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 11:37:29 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5eurErNMidbFuz7eH%2Fy5l224DDqBuj%2BsMj%2FdxBRyVGJBTsf7JjBll6ud6CVi2JYt0FFOAHwQQopo4RRlKISSVChr2FW%2BWfDbk5uzzYHaykWnxXHYcH5IXxjqf%2BObsDZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775cf8cabc5a1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.hiper.fm/wp-content/uploads/2022/09/jorge-corrula.jpg?mrf-size=m
200 OK 13 kB URL HTTP/2 www.hiper.fm/wp-content/uploads/2022/09/jorge-corrula.jpg?mrf-size=m
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f8512a9ccead93993278af4d25389c0
225c57c27da201ed1c071b003a3b05b05c87dc56
49b19fb1d2db9c153dda833de681a9d87fa5519a3fc6eeb420213dcc5eab2c60
GET /wp-content/uploads/2022/09/jorge-corrula.jpg?mrf-size=m HTTP/1.1
Host: www.hiper.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "U6NbbR7u7C7XTq+bA2O28a3b9JttmDYuuUCEAwtbXiY"
fastly-io-info: ifsz=94572 idim=1200x675 ifmt=jpeg ofsz=13062 odim=480x270 ofmt=webp
fastly-stats: io=1
server: nginx
x-b3-traceid-primal: 54001145c42042eb89c52bcb9cddfe5b
mrf-tech: CDN
accept-ranges: bytes
date: Wed, 07 Dec 2022 11:37:53 GMT
x-served-by: cache-lcy-eglc8600032-LCY, cache-bma1672-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1670413073.999882,VS0,VE357
cache-control: public, max-age=8640000, stale-if-error=2592000
vary: Accept, User-Agent
x-b3-traceid: 54001145c42042eb89c52bcb9cddfe5b
mrf-cache-status: MM
content-type: image/webp
content-length: 13062
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bordalo.observador.pt/v2/q:85/rs:fill:2000:1126/c:2000:1126:nowe:0:207/plain/https://s3.observador.pt/wp-content/uploads/2022/08/24132631/39032220.jpg
200 OK 214 kB URL HTTP/2 bordalo.observador.pt/v2/q:85/rs:fill:2000:1126/c:2000:1126:nowe:0:207/plain/https://s3.observador.pt/wp-content/uploads/2022/08/24132631/39032220.jpg
IP
File type JPEG image data, baseline, precision 8, 2000x1126, components 3\012- data
Size 214 kB (214233 bytes)
Hash 93ba155a6e13777c743fc5008b828807
686a3a86c4f33ea95aa8da451816567371b3f460
af6808f232975979e4c8d52086932b02c5e1793fbe0b86e3bf230a140a3b5f37
GET /v2/q:85/rs:fill:2000:1126/c:2000:1126:nowe:0:207/plain/https://s3.observador.pt/wp-content/uploads/2022/08/24132631/39032220.jpg HTTP/1.1
Host: bordalo.observador.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: image/jpeg
content-length: 214233
cache-control: public, max-age=31536000
content-disposition: inline; filename="39032220.jpg"
expires: Wed, 07 Dec 2022 12:37:53 GMT
x-country: NO
x-proudly-served-by: cordelia
x-proudly-transformed-with: bordalo-imgproxy
x-request-id: KMxGqZ_2ZMpJ6JhM0zWsw
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bQaEwzVIioCZtfhC6pTJwoEXvjKVXive3FHpn_l_-ADp14FxA-9-XA==
cf-cache-status: MISS
last-modified: Wed, 07 Dec 2022 11:37:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8XXlCkFHWp8we4NBNRbQe9Hr%2Fg6LazowL2KXnwATB5Gqa%2BPvQg2ID2Bx9hPR017LFM3%2FI3plpdOFxfZCaT28VNy6C979ecpJ8kZfsVViWpQ07tttqLikQiKte2VYG4pVMOFwcrabQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8ca29c4b512-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8938030ebccfa479bbb904a0d4a08f8b
f970fd51fe23c029847eabf98955d434da85e1f3
5e9bd2f71f72de984f868bc58fb06b0c25be99daf5af4d717e0c8de093c9be5e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:37:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 18:59:43 GMT
Expires: Tue, 13 Dec 2022 18:59:42 GMT
Etag: "f970fd51fe23c029847eabf98955d434da85e1f3"
Cache-Control: max-age=544308,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775cf8cb5f9b0b39-OSL
snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js
200 OK 6.9 kB URL HTTP/2 snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js
IP
File type ASCII text, with very long lines (2529), with no line terminators
Hash 96845613c4031eb06ff0bac3f99fb378
d0cba27905bd7ab9b11ae097b6a1460ad3cb2998
c38f64183a895bbc1e29ed2ff8403b0da460a23b8c077e85e79acda3eca8e8a7
GET /js/embed.vendor.min.2f17f0b14ee46c5a.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"635d1897-9e1"
last-modified: Sat, 29 Oct 2022 12:12:07 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1344491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N79Vl778Sxfm4C%2BZfCOghb6epWF0GRz7cBAm7FOdartVtgUWFdULvRm0MHrdQakeqzMrqXfVo5ul%2Bdl%2B4z%2FirrgyVNn5d4VUkPBxYkBEkYcAxqLtN68uU2QL1BWVT07l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775cf8cbbd9c1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
snapwidget.com/cdn-cgi/rum?
204 No Content 0 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 2795
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 11:37:53 GMT
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 775cf8cdaf9e1bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 9.9 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
File type ASCII text, with very long lines (17137)
Hash dd46e46f50102d765730597077a9d159
596435599babb3bc8dd41b32f538a732fc9a2821
08ba7dd196f8556f015ccdcfafd8c39924f6b06ae21f521c8f8e580ee97d38a2
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8cbfd3cb529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ac7e50e8f6faf955ed17cf5867c066d
1c1e9661e30aee9e7e410cf4ac3441b75f304aaf
632b62bff23a56dc8805601797fcc4da878b88ec120ab345c54548fac3b9fbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4405
Cache-Control: max-age=155198
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "6390251a-1d7"
Expires: Fri, 09 Dec 2022 06:44:31 GMT
Last-Modified: Wed, 07 Dec 2022 05:31:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ac7e50e8f6faf955ed17cf5867c066d
1c1e9661e30aee9e7e410cf4ac3441b75f304aaf
632b62bff23a56dc8805601797fcc4da878b88ec120ab345c54548fac3b9fbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2310
Cache-Control: max-age=153103
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "6390251a-1d7"
Expires: Fri, 09 Dec 2022 06:09:36 GMT
Last-Modified: Wed, 07 Dec 2022 05:31:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ac7e50e8f6faf955ed17cf5867c066d
1c1e9661e30aee9e7e410cf4ac3441b75f304aaf
632b62bff23a56dc8805601797fcc4da878b88ec120ab345c54548fac3b9fbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4405
Cache-Control: max-age=155198
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "6390251a-1d7"
Expires: Fri, 09 Dec 2022 06:44:31 GMT
Last-Modified: Wed, 07 Dec 2022 05:31:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ac7e50e8f6faf955ed17cf5867c066d
1c1e9661e30aee9e7e410cf4ac3441b75f304aaf
632b62bff23a56dc8805601797fcc4da878b88ec120ab345c54548fac3b9fbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2310
Cache-Control: max-age=153103
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "6390251a-1d7"
Expires: Fri, 09 Dec 2022 06:09:36 GMT
Last-Modified: Wed, 07 Dec 2022 05:31:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://draft.blogger.com/
Origin: https://draft.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://draft.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 11:37:53 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+891; expires=Fri, 06-Dec-2024 11:37:53 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 11:37:53 GMT
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c760bf273c0ad10efd0aaf607839ff6
86291e2a718ebd35126c2988eef711716cb727db
0484bb904ac3569ef157d232c8b0fab6e2327457c43b77653e7d11830eeaf3a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0484BB904AC3569EF157D232C8B0FAB6E2327457C43B77653E7D11830EEAF3A6"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7485
Expires: Wed, 07 Dec 2022 13:42:38 GMT
Date: Wed, 07 Dec 2022 11:37:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ac7e50e8f6faf955ed17cf5867c066d
1c1e9661e30aee9e7e410cf4ac3441b75f304aaf
632b62bff23a56dc8805601797fcc4da878b88ec120ab345c54548fac3b9fbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4405
Cache-Control: max-age=155198
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "6390251a-1d7"
Expires: Fri, 09 Dec 2022 06:44:31 GMT
Last-Modified: Wed, 07 Dec 2022 05:31:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://draft.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://draft.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 07 Dec 2022 11:37:53 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=LnM34nsFAiRXsSh8t9VhoE4AY-36Y7QUKIw2av01PSiBXRdy8dFOZtNYbihiPGE8IxjML9tNDAfbi7M26rtx1sXnl1cy-rQo_6D9Eg3v33w9fUST5vO1l9Bq-O9hK-SbcGAr-nBLExS42AY6fKJAtCsrXH5l6B1Z_6ShiHcoFtw; expires=Thu, 08-Jun-2023 11:37:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+557; expires=Fri, 06-Dec-2024 11:37:53 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 11:37:53 GMT
X-Firefox-Spdy: h2
scontent.cdninstagram.com/v/t51.2885-15/269751951_277845444315548_3618974636877083108_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHwyf9ST6KTSa4NFnWyNwVjquLJe-1AOJ2q4sl77UA4nVhF9E7xOI5zWX0-2_sfUCY&_nc_ohc=T_xAoRXpfacAX99i63s&_nc_oc=AQnwpSkP2__GqQ22oN4wRcuZ14embRwyME796QO5C68CW8BCXu0I2Us_LTR0qMfD7gA&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfCz5l6O9bowrvgrA07FeunKicCCt8hw38G3dfsUh0pUvw&oe=63960A67
200 OK 198 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/269751951_277845444315548_3618974636877083108_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHwyf9ST6KTSa4NFnWyNwVjquLJe-1AOJ2q4sl77UA4nVhF9E7xOI5zWX0-2_sfUCY&_nc_ohc=T_xAoRXpfacAX99i63s&_nc_oc=AQnwpSkP2__GqQ22oN4wRcuZ14embRwyME796QO5C68CW8BCXu0I2Us_LTR0qMfD7gA&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfCz5l6O9bowrvgrA07FeunKicCCt8hw38G3dfsUh0pUvw&oe=63960A67
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 198 kB (198291 bytes)
Hash 864f7647d5439c9c330c9331ea94bf0c
fa6395a4b4fe5f92ffb999f3d801a650c3fe2c36
4cdaed13602d43c54018b0b91b75b33b48749d8ec92aa7c673337ce990815c56
GET /v/t51.2885-15/269751951_277845444315548_3618974636877083108_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHwyf9ST6KTSa4NFnWyNwVjquLJe-1AOJ2q4sl77UA4nVhF9E7xOI5zWX0-2_sfUCY&_nc_ohc=T_xAoRXpfacAX99i63s&_nc_oc=AQnwpSkP2__GqQ22oN4wRcuZ14embRwyME796QO5C68CW8BCXu0I2Us_LTR0qMfD7gA&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfCz5l6O9bowrvgrA07FeunKicCCt8hw38G3dfsUh0pUvw&oe=63960A67 HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 19 Dec 2021 15:39:33 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 549129686
x-needle-checksum: 3585315655
content-digest: adler32=3585315655
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 198291
x-fb-trip-id: 2011651281
date: Wed, 07 Dec 2022 11:37:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent.cdninstagram.com/v/t51.2885-15/244052366_242723337818957_487001981621570713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEtaTgkZ8wXBlu-YL4c8VuVEAx6B4XSJkcQDHoHhdImR3AAm9zgV6zDOYIzm9CiYu0&_nc_ohc=oX30RfuMgm0AX-PqQN5&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfBqT6AWb7JbAw8S0gThuIRCxmLjl2WjDgr72SRsEjkfTg&oe=63954D5F
200 OK 173 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/244052366_242723337818957_487001981621570713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEtaTgkZ8wXBlu-YL4c8VuVEAx6B4XSJkcQDHoHhdImR3AAm9zgV6zDOYIzm9CiYu0&_nc_ohc=oX30RfuMgm0AX-PqQN5&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfBqT6AWb7JbAw8S0gThuIRCxmLjl2WjDgr72SRsEjkfTg&oe=63954D5F
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 173 kB (172726 bytes)
Hash 302dae2eb8ddcd13f322a4d485960049
f8e0419f41a234335029d49410dc7fc56524da2d
b3f40f0428d938013319a075526d995822884ebb9bdb1c1368a9ab50cee29a5b
GET /v/t51.2885-15/244052366_242723337818957_487001981621570713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEtaTgkZ8wXBlu-YL4c8VuVEAx6B4XSJkcQDHoHhdImR3AAm9zgV6zDOYIzm9CiYu0&_nc_ohc=oX30RfuMgm0AX-PqQN5&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfBqT6AWb7JbAw8S0gThuIRCxmLjl2WjDgr72SRsEjkfTg&oe=63954D5F HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 01 Oct 2021 10:43:36 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 388708087
x-needle-checksum: 2911320566
content-digest: adler32=2911320566
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 172726
x-fb-trip-id: 2011651281
date: Wed, 07 Dec 2022 11:37:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a09c1e3c4026f5558c9a4e294408096d
ca5d51a9e4dbacd3d4f0fd46c991790b8c64c10f
f7ad8d690e7a8600f0972864c71250c0a430c73ce78abb0f49bebcbdcefeae38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7AD8D690E7A8600F0972864C71250C0A430C73CE78ABB0F49BEBCBDCEFEAE38"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8616
Expires: Wed, 07 Dec 2022 14:01:29 GMT
Date: Wed, 07 Dec 2022 11:37:53 GMT
Connection: keep-alive
scontent.cdninstagram.com/v/t51.2885-15/308267587_1281003269393015_7290580284912778718_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEkK2fZW4YX1Oz0cVcW1Hck447gxrJHrr3jjuDGskeuveto3owNDjcYlKwyp9fHah4&_nc_ohc=Utl_A6_U-m4AX9WrhnM&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfAuFIOhyGsxnXfWAEHPQXIBIFPKDejjrcWb44wsnaI4vg&oe=63949F8C
200 OK 204 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/308267587_1281003269393015_7290580284912778718_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEkK2fZW4YX1Oz0cVcW1Hck447gxrJHrr3jjuDGskeuveto3owNDjcYlKwyp9fHah4&_nc_ohc=Utl_A6_U-m4AX9WrhnM&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfAuFIOhyGsxnXfWAEHPQXIBIFPKDejjrcWb44wsnaI4vg&oe=63949F8C
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 204 kB (204501 bytes)
Hash 45b55621e1551f8c09296be0ae3dfb42
d6b177f296013372ddf9cbe20f0faa4171c4fc40
619a654c895bbd3f87aaa1836f505d62ba538ce1e8c8cec224eb52e6f9b62e98
GET /v/t51.2885-15/308267587_1281003269393015_7290580284912778718_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEkK2fZW4YX1Oz0cVcW1Hck447gxrJHrr3jjuDGskeuveto3owNDjcYlKwyp9fHah4&_nc_ohc=Utl_A6_U-m4AX9WrhnM&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfAuFIOhyGsxnXfWAEHPQXIBIFPKDejjrcWb44wsnaI4vg&oe=63949F8C HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 23 Sep 2022 11:37:04 GMT
content-type: image/jpeg
x-needle-checksum: 3473014402
content-digest: adler32=3473014402
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 204501
x-fb-trip-id: 2011651281
date: Wed, 07 Dec 2022 11:37:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 07 Dec 2022 11:37:53 GMT
date: Wed, 07 Dec 2022 11:37:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4ac7e50e8f6faf955ed17cf5867c066d
1c1e9661e30aee9e7e410cf4ac3441b75f304aaf
632b62bff23a56dc8805601797fcc4da878b88ec120ab345c54548fac3b9fbea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2310
Cache-Control: max-age=153103
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Etag: "6390251a-1d7"
Expires: Fri, 09 Dec 2022 06:09:36 GMT
Last-Modified: Wed, 07 Dec 2022 05:31:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
snapwidget.com/js/embed.main.min.b61fafc5de1ae792.js
200 OK 228 kB URL HTTP/2 snapwidget.com/js/embed.main.min.b61fafc5de1ae792.js
IP
File type ASCII text, with very long lines (2862), with no line terminators
Size 228 kB (227740 bytes)
Hash da8ed990964d6ac1f66254c9b51c6357
201c78d239a1624b99b64b597f1fa5bb89ead16a
cdb736a340688344d291d571d70d4ecbee25604958ce0075100039be26780775
GET /js/embed.main.min.b61fafc5de1ae792.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"635d18e2-b2e"
last-modified: Sat, 29 Oct 2022 12:13:22 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1361103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZVXfhlDQFKgWedynoZ1yL6%2FPh8G9rVynfonZl0eI2Rt8%2FFJhGd63NFysCJTOs2huCJ9weKy85dMJUCBex5%2BsELKnKBokG2ukBQIU7Dek%2F540Ebm2a8UtfcSr8lgvWJG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775cf8cbbd9f1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
200 OK 198 kB URL HTTP/2 snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
IP
File type ASCII text, with very long lines (15866)
Size 198 kB (198149 bytes)
Hash 6554b75728a777f0e99ddedea17c51ae
8546f849e3846438faf6fd4e57833ae034cd431e
68a3395cbbf2a44d1db3d20ad7c214b2b399786aef825f43f490be8f3fa2e95a
GET /stylesheets/embed.style.min.307799cd3bc5b2ee.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=15975
etag: W/"635d1897-3e67"
last-modified: Sat, 29 Oct 2022 12:12:07 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1827989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMsVo4gX%2FxxYQ9baIhHqKQQdM3sw%2Ferpc7KQevHetGPC2%2FEyG8tMX9jXKsOwIloEPzzaM%2F3o3vlNW3iY%2FAijhFqpbBUhMCLubOGmGqcN%2B9fXPTiNcASugQUG6awDin8q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775cf8cbbd931bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
scontent.cdninstagram.com/v/t51.2885-15/306772431_2173143222863449_7278280663831954741_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEvG70__E4nLlFfvqCA_YY-sSArlx7buROxICuXHtu5E7rLk5_pOCpdAL5iLzoJYoM&_nc_ohc=kqRxNCkHFkAAX-6tZX2&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfCQDUc07ZFOH7Xr_fYoFOikNROgkuKF2RLdz1Iax0JRmw&oe=6394A072
200 OK 201 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/306772431_2173143222863449_7278280663831954741_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEvG70__E4nLlFfvqCA_YY-sSArlx7buROxICuXHtu5E7rLk5_pOCpdAL5iLzoJYoM&_nc_ohc=kqRxNCkHFkAAX-6tZX2&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfCQDUc07ZFOH7Xr_fYoFOikNROgkuKF2RLdz1Iax0JRmw&oe=6394A072
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 201 kB (201172 bytes)
Hash fed02588e27720fe9728e82af2048f69
257a51910e1536803fdea6c2a4ad58f89df9243e
9f6eb68aaff795ccd01dc5e0eb2d128321d763c7883c560b08728c7fea5e2d7f
GET /v/t51.2885-15/306772431_2173143222863449_7278280663831954741_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEvG70__E4nLlFfvqCA_YY-sSArlx7buROxICuXHtu5E7rLk5_pOCpdAL5iLzoJYoM&_nc_ohc=kqRxNCkHFkAAX-6tZX2&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AfCQDUc07ZFOH7Xr_fYoFOikNROgkuKF2RLdz1Iax0JRmw&oe=6394A072 HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 14 Sep 2022 00:44:10 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 12436044
x-needle-checksum: 2397077507
content-digest: adler32=2397077507
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 201172
x-fb-trip-id: 2011651281
date: Wed, 07 Dec 2022 11:37:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7480
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 11:37:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7480
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 11:37:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7480
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 11:37:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9f7b9c77a99173619ee85d0cfa8e2f8
05ba0fab4533b9837dd8558ffa5eb168e974d2b3
17184aca15041d2770fe14397fc0ab87e5f8e9f910b557031ba7fbf1349b0b9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 04d9e95d-563e-4258-934e-add82f95a638
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGysEDmIAMFSIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851aa-426e37fb562dc25b3449311b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RspslnJzOcAHAL--VTgFJkFxb1PvLM6OHJmJUsdOKocI5ZPmJSLdoA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:16:43 GMT
age: 15670
etag: "05ba0fab4533b9837dd8558ffa5eb168e974d2b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7480
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 11:37:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 53299
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FjScmvs74slr4Mr8vhQLRNh-88KqMx4L1FwNKdBwbUUPDuu1ivOuoQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:47:20 GMT
age: 49833
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 11102
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 48960
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 30132
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
Origin: https://draft.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 06:50:11 GMT
expires: Thu, 07 Dec 2023 06:50:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 17262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.highperformancedisplayformat.com/63ab83c16989526b5e066846a849db42/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/63ab83c16989526b5e066846a849db42/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 2d70de6eafc6da3abfcd8341aeb64ec5
a19e1026e37af5af63ebbf1ca5f043cc1643fcec
92cb62ec3a3d71986eea7fcdbdbc32d7277f32a288e9fca5d7264e37e40380be
Analyzer Verdict Alert quad9 Sinkholed
GET /63ab83c16989526b5e066846a849db42/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:37:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ce1add9b95ce7c389e1eb72555c95af3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 516530dfb96f8159efb0f14328ce3160
1044be93f8db8effc2cdc206513eaa7b7ad174c4
007b769ea6e03d694765abb34189093b55186a7c938de973992bf00d57c025c4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 11:37:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 21:33:00 GMT
Expires: Wed, 07 Dec 2022 21:33:00 GMT
ETag: "1044be93f8db8effc2cdc206513eaa7b7ad174c4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c2bc646545bfb8251d6d5061622e92f9
b14bf36b5bc259fe2429b8521f73f14703195fba
521f345ee743d506ed3b636023dbd6942238d94d7a0dbda7575c15eb659edfb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96091
Date: Wed, 07 Dec 2022 11:37:54 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 14:19:25 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kpEh8OLMw7ivE8AfcGoy-CDfwTz1WNl2EEdgQKcjGL13H9KPjXqEuw==
Age: 2901
i.ytimg.com/vi/oNpZnD5Fujs/hqdefault.jpg
200 OK 24 kB URL HTTP/2 i.ytimg.com/vi/oNpZnD5Fujs/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash b23035803fc807891144024be4549979
14906141184958b7d547310cb79b7f045d040b13
a415056c36bc419bc85e51c38fc3afd97f16d5f986c9dbec68957fcef8bfde47
GET /vi/oNpZnD5Fujs/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 24058
date: Wed, 07 Dec 2022 11:37:54 GMT
expires: Wed, 07 Dec 2022 13:37:54 GMT
cache-control: public, max-age=7200
etag: "1619361240"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 8b3a8479a00bb4f25ce0903dd8640c67
778acf6022f4a8a23aa5c62b0388ca4fbda7933c
b9ac4a6ba779db9cbe949e009893a61802f3020d3f6cda0ccc11439d4dd79333
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://935soniasullivannews.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=b5092e20-aa8e-4d15-8349-b34958c5919a:3:1; expires=Sat, 04 Dec 2032 11:37:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c2bc646545bfb8251d6d5061622e92f9
b14bf36b5bc259fe2429b8521f73f14703195fba
521f345ee743d506ed3b636023dbd6942238d94d7a0dbda7575c15eb659edfb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 5368, version 1.0\012- data
Hash a48b0f049358d7503c497abb4dcbc4d6
d764e136ada1fba8ec4d99994b179d984d7983b8
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:41:00 GMT
expires: Fri, 01 Dec 2023 16:41:00 GMT
cache-control: public, max-age=31536000
age: 500214
last-modified: Tue, 26 Apr 2022 15:56:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-9WM7CTGFE6w/YEIY4yiXrSI/AAAAAAAAKLA/KQ9KQqUFQ-omzPDInJqiorJHHIVvrSu2QCNcBGAsYHQ/s16000/play-button.png
200 OK 1.1 kB URL HTTP/2 1.bp.blogspot.com/-9WM7CTGFE6w/YEIY4yiXrSI/AAAAAAAAKLA/KQ9KQqUFQ-omzPDInJqiorJHHIVvrSu2QCNcBGAsYHQ/s16000/play-button.png
IP
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash de2695687c61ac28a8661f80ffc37218
1167b6872596d7f5e88b40f384fc3d93094c4e59
9e0bd49fdf4f9288d62ce1417c4b25a29de9efaa4cb2c50797be11d56d41237b
GET /-9WM7CTGFE6w/YEIY4yiXrSI/AAAAAAAAKLA/KQ9KQqUFQ-omzPDInJqiorJHHIVvrSu2QCNcBGAsYHQ/s16000/play-button.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="play-button.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1054
x-xss-protection: 0
date: Wed, 07 Dec 2022 10:35:09 GMT
expires: Sun, 06 Nov 2022 03:01:39 GMT
cache-control: public, max-age=86400, no-transform
age: 3765
etag: "v28b1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thumbs.web.sapo.io/?W=1200&H=630&delay_optim=1&tv=1&crop=center&bottom_overlay=https%3A%2F%2Fmag.sapo.pt%2Fassets%2Fimg%2Flifestyle-sapo%2Ffacebook-overlay.png&epic=YzhmwcgU2yOFyjzCxRzJcb55C9bmw+tmOu6WubjxzxVT4JV2x6vb/QuslPV+ErvaHAgwA/fcObLX93t0qEupTF/z5/PLfvOdURRTOWD/h/euCM4=
200 OK 109 kB URL HTTP/2 thumbs.web.sapo.io/?W=1200&H=630&delay_optim=1&tv=1&crop=center&bottom_overlay=https%3A%2F%2Fmag.sapo.pt%2Fassets%2Fimg%2Flifestyle-sapo%2Ffacebook-overlay.png&epic=YzhmwcgU2yOFyjzCxRzJcb55C9bmw+tmOu6WubjxzxVT4JV2x6vb/QuslPV+ErvaHAgwA/fcObLX93t0qEupTF/z5/PLfvOdURRTOWD/h/euCM4=
IP
ASN #3243 Servicos De Comunicacoes E Multimedia S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x630, components 3\012- data
Size 109 kB (108693 bytes)
Hash 86306b56b14e52f126e4ec85e624e34c
ab3494c842732832005872c03c4b362127c9ae6e
fa158a1fd7fc83abc02276807f3ad52c106a584dda6169420b57ff71ca7667db
GET /?W=1200&H=630&delay_optim=1&tv=1&crop=center&bottom_overlay=https%3A%2F%2Fmag.sapo.pt%2Fassets%2Fimg%2Flifestyle-sapo%2Ffacebook-overlay.png&epic=YzhmwcgU2yOFyjzCxRzJcb55C9bmw+tmOu6WubjxzxVT4JV2x6vb/QuslPV+ErvaHAgwA/fcObLX93t0qEupTF/z5/PLfvOdURRTOWD/h/euCM4= HTTP/1.1
Host: thumbs.web.sapo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:54 GMT
content-type: image/jpeg
content-length: 108693
x-cache-throttle: 500
etag: "771efbef9f8fc8afb5bb75c957f27471"
thumbs-ver: 5.0.0
last-modified: Wed, 07 Dec 2022 11:37:54 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
thumbs: OK
thumbs-id: eExiEQEkRDlC
cache-control: max-age=60
x-servedby: utils05
server: Stratus/7 (11133aa)
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: pragma
access-control-max-age: 1728000
x-cache: MISS
x-cache-rid: PIC-B03/3972503815H2.1/4423
x-cache-oid: 734941b78cb479682c2fbcd2a815d6c8
x-cache-lookup: 0.661s
x-cache-ttl: 30
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
snapwidget.com/images/icons/pinterest.png
200 OK 756 B URL HTTP/2 snapwidget.com/images/icons/pinterest.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b30ba1581d3678592f9b6cebd717541b
44b1cb8f9c9cf3538d898b124bcaf82e266b8f42
7dc79f6bdde5b8c889a4f614a1626a609c571105818684c512aa8eb271be73dd
GET /images/icons/pinterest.png HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:54 GMT
content-type: image/webp
content-length: 756
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2467
content-disposition: inline; filename="pinterest.webp"
vary: Accept
etag: "6368c46e-9a3"
last-modified: Mon, 07 Nov 2022 08:40:14 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1347313
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgKWB4SGHOx%2BWJhEeZiLiHNJTCj5%2B%2BwXvzK%2FCQsyOazABMwhORt%2FnQ6njNAcTS%2BSRK%2FbdzRhHkxTC7lgJZWUPFKjmvT%2BLABwQfVG%2FN8M%2F6JWUj2ttsogojdEv6KAdjrE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775cf8d42d2f1bfe-OSL
X-Firefox-Spdy: h2
www.atelevisao.com/wp-content/uploads/2022/09/jorge-corrula-danca-antonio-costa.jpg.webp
200 OK 90 kB URL HTTP/2 www.atelevisao.com/wp-content/uploads/2022/09/jorge-corrula-danca-antonio-costa.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b3ebbd3613f531e823c83ad63ef952db
08f5848fc88a48bf04182366ee75fbf953c23fb6
25e7b8968eb6f98c3f4f5eda176db9c695399ebd270b740cc9aed3d32daa9de0
GET /wp-content/uploads/2022/09/jorge-corrula-danca-antonio-costa.jpg.webp HTTP/1.1
Host: www.atelevisao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: image/webp
etag: "6312272b-15e7a"
last-modified: Fri, 02 Sep 2022 15:54:19 GMT
server-timing: i;dur=0, d;dur=95, r;dur=0
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
x-powered-by: centminmod
x-request-id: CF-775cf8ca6fe31c16-ARN
x-xss-protection: 1; mode=block
cache-control: max-age=1800
cl-cache: MISS
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8ca6fe31c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
snapwidget.com/images/icons/facebook.png
200 OK 648 B URL HTTP/2 snapwidget.com/images/icons/facebook.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 54e9168996419eada721e6ca83b9866e
9a98cbd3f57f7cb3017e0ed1a4c4356094c0c2fb
4d1a80126c4bacaa62d2c046fd95b1378b5b874582f0ac4a7c453ff5cd1d33d7
GET /images/icons/facebook.png HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:54 GMT
content-type: image/webp
content-length: 648
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2222
content-disposition: inline; filename="facebook.webp"
vary: Accept
etag: "635d17b2-8ae"
last-modified: Sat, 29 Oct 2022 12:08:18 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2364378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Gp%2BAv70EUVZYZuVYmx%2BXa8QIi9Z5p9LHZJQYKGSB%2BCRkK%2B24hUBqYwb4tNHLpQxRNOCkwWum6RH1oIrUDlz5ZrSSOnm8P30dmnW47a5zpCvyGAx42RR038%2Bmv98ZOoR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775cf8d42d2a1bfe-OSL
X-Firefox-Spdy: h2
static.globalnoticias.pt/jn/image.jpg?brand=JN&type=generate&guid=c02f9e9d-620d-4000-bcd8-46ba8175fe92&w=744&h=495&t=20220901092539
200 OK 42 kB URL HTTP/2 static.globalnoticias.pt/jn/image.jpg?brand=JN&type=generate&guid=c02f9e9d-620d-4000-bcd8-46ba8175fe92&w=744&h=495&t=20220901092539
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14, description=O primeiro-ministro de Portugal, Ant\303\263nio Costa (C), ACOMPANHADO PELA recebido pela ministra dos Neg\303\263cios Estrangeiros e Coope, manufacturer=Canon, model=Canon EOS 5D Mark II, orientation=upper-left, xresolution=526, yresolution=534, resolutionunit=2, software=Adobe Photoshop 23.4 (Windows), datetime=2022:09:01 00:08:27], baseline, precision 8, 744x495, components 3\012- data
Hash 0ac38d8c4e15537cd260c08b82b31e45
47d3e28f21d7647249a479c01300163eec8e68eb
8857e1ab5359395df60d7373e7c116b727db39c31a113757e95cad669b134155
GET /jn/image.jpg?brand=JN&type=generate&guid=c02f9e9d-620d-4000-bcd8-46ba8175fe92&w=744&h=495&t=20220901092539 HTTP/1.1
Host: static.globalnoticias.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3
date: Wed, 07 Dec 2022 11:37:54 GMT
content-type: image/jpeg
x-powered-by: ASP.NET
expires: Wed, 07 Dec 2022 12:31:54 GMT
cache-name: rc04-oneit, rc04-oneit
server-name: ISB02, gngra05
cache-control: max-age=3240, public
X-Firefox-Spdy: h2
snapwidget.com/cdn-cgi/rum?
204 No Content 0 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 2708
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 11:37:54 GMT
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 775cf8d54e0d1bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/commons/4/4e/Monroecirca1953.jpg
200 OK 751 kB URL HTTP/2 upload.wikimedia.org/wikipedia/commons/4/4e/Monroecirca1953.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2008x2951, components 3\012- data
Size 751 kB (751245 bytes)
Hash 059f216496ffdb2e469d380516abf650
378659ea62721ed03345a55f4e8c98f20f3c00fe
0fa067bb37e40779c25a35aa647a7c65dc931bf4004742597d5db002974bc16b
GET /wikipedia/commons/4/4e/Monroecirca1953.jpg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 09:24:43 GMT
etag: 059f216496ffdb2e469d380516abf650
server: ATS/9.1.3
content-type: image/jpeg
content-length: 751245
x-object-meta-sha1base36: 6hhqy6flm0vgintgnj4vqf8g3azg0e6
last-modified: Wed, 27 Jan 2021 17:15:03 GMT
age: 7991
x-cache: cp3051 hit, cp3061 hit/19
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3061"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4272427aec58f70a2189081cf08dd45a
4aafd88bba141908524806f443d4e8dfdcb5f816
3921b739fe40043d4c63c0e7c480cacad9480c5bb56166349c5cd1b7657516b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3921B739FE40043D4C63C0E7C480CACAD9480C5BB56166349C5CD1B7657516B2"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14512
Expires: Wed, 07 Dec 2022 15:39:47 GMT
Date: Wed, 07 Dec 2022 11:37:55 GMT
Connection: keep-alive
www.discoverlosangeles.com/sites/default/files/images/2019-02/Marilyn%20Monroe%20Seven%20Year%20Itch.jpg
200 OK 41 kB URL HTTP/2 www.discoverlosangeles.com/sites/default/files/images/2019-02/Marilyn%20Monroe%20Seven%20Year%20Itch.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1091x1091, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 48f12e88a13742758253e7ddccddafcf
0662f4e4f7a20ed8d925e1e22036355fbb385453
13d22bfdf5784b291c3667db43a7046b51e30891e37841b20879ead952d64a2c
GET /sites/default/files/images/2019-02/Marilyn%20Monroe%20Seven%20Year%20Itch.jpg HTTP/1.1
Host: www.discoverlosangeles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/webp
etag: "LjFyhRJRcShcYuS8e2MNIk8O4TIZ4URCYrdMHy6e+vo"
expires: Sat, 28 Oct 2023 07:07:52 GMT
fastly-io-info: ifsz=146342 idim=1091x1091 ifmt=jpeg ofsz=41398 odim=1091x1091 ofmt=webp
fastly-stats: io=1
server: nginx
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe2-b-68b654c78d-jhpkl
x-styx-req-id: 12f7964a-55c6-11ed-b7bc-0e4299fed338
strict-transport-security: max-age=300
accept-ranges: bytes
date: Wed, 07 Dec 2022 11:37:55 GMT
age: 3558603
x-served-by: cache-chi-klot8100079-CHI, cache-chi-klot8100078-CHI, cache-bma1667-BMA
x-cache: HIT, HIT, HIT
x-cache-hits: 1, 73, 1
x-timer: S1670413075.449433,VS0,VE2
vary: Accept
content-length: 41398
X-Firefox-Spdy: h2
www.hollywoodreporter.com/wp-content/uploads/2022/08/Marilyn-The-Untold-Story-Still-Catharine-Hicks-Everett-TSDMATH_EC011-H-2022.jpg?w=800
200 OK 71 kB URL HTTP/2 www.hollywoodreporter.com/wp-content/uploads/2022/08/Marilyn-The-Untold-Story-Still-Catharine-Hicks-Everett-TSDMATH_EC011-H-2022.jpg?w=800
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eacd1d626743c7bcb5320e33981f55c1
0f427043867bf33ab3e568ac87bb4cb8b9814d03
1ce3c79506368fd0978b0241661923bf54a06ed44ab8103feba5765f3f2f01a3
GET /wp-content/uploads/2022/08/Marilyn-The-Untold-Story-Still-Catharine-Hicks-Everett-TSDMATH_EC011-H-2022.jpg?w=800 HTTP/1.1
Host: www.hollywoodreporter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 11:37:55 GMT
content-type: image/webp
content-length: 71346
last-modified: Mon, 05 Dec 2022 09:42:41 GMT
expires: Tue, 05 Dec 2023 09:42:41 GMT
etag: "7205ace8852a2c5f"
vary: Accept
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
x-rq: arn1 109 27 443
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3d1bfda0172115a51af3f89c37ef8d8b
1c61157902dd2b14156fb9186465b67ebde024a5
0f75bd3611715f3fd05acd3fb75af8e0a6cb3bee84f5616c0cb22b73c6ea896e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F75BD3611715F3FD05ACD3FB75AF8E0A6CB3BEE84F5616C0CB22B73C6EA896E"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16913
Expires: Wed, 07 Dec 2022 16:19:48 GMT
Date: Wed, 07 Dec 2022 11:37:55 GMT
Connection: keep-alive
foundfroshelves.com/watch.193087098054.js?key=63ab83c16989526b5e066846a849db42&kw=%5B%22antonio%22%2C%22costa%22%2C%22dan%C3%A7a%22%2C%22-%22%2C%22sonia%22%2C%22sullivan%22%2C%22news%22%5D&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F2022%2F09%2Fantonio-costa-danca.html&tz=0&dev=e&res=12.1055&uuid=
307 Temporary Redirect 0 B URL HTTP/1.1 foundfroshelves.com/watch.193087098054.js?key=63ab83c16989526b5e066846a849db42&kw=%5B%22antonio%22%2C%22costa%22%2C%22dan%C3%A7a%22%2C%22-%22%2C%22sonia%22%2C%22sullivan%22%2C%22news%22%5D&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F2022%2F09%2Fantonio-costa-danca.html&tz=0&dev=e&res=12.1055&uuid=
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.193087098054.js?key=63ab83c16989526b5e066846a849db42&kw=%5B%22antonio%22%2C%22costa%22%2C%22dan%C3%A7a%22%2C%22-%22%2C%22sonia%22%2C%22sullivan%22%2C%22news%22%5D&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F2022%2F09%2Fantonio-costa-danca.html&tz=0&dev=e&res=12.1055&uuid= HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://935soniasullivannews.blogspot.com
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:37:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://935soniasullivannews.blogspot.com
Access-Control-Allow-Origin: https://935soniasullivannews.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://foundfroshelves.com/watch.193087098054.js?key=63ab83c16989526b5e066846a849db42&kw=%5B%22antonio%22%2C%22costa%22%2C%22dan%C3%A7a%22%2C%22-%22%2C%22sonia%22%2C%22sullivan%22%2C%22news%22%5D&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F2022%2F09%2Fantonio-costa-danca.html&tz=0&dev=e&res=12.1055&uuid=&shu=b9f3fa69d944668a4fda64b91523b89792cee5027413acd76a01ab6601dc8460086e2a4356ce524e213419a49cf0ba2c721a6486e045d7dafdf95d840ed818c5f9e83e245b4680bb7faabfbfaf82d154a3ee2165778445f2d3ee1431c7&pst=1670413135&rmtc=t
Set-Cookie: u_pl=16262693; expires=Thu, 08 Dec 2022 11:37:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjY5MywiayI6IjYzYWI4M2MxNjk4OTUyNmI1ZTA2Njg0NmE4NDlkYjQyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTM4NjUzLCJwaWQiOjMwODE3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFuamRybmRhaWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly85MzVzb25pYXN1bGxpdmFubmV3cy5ibG9nc3BvdC5jb20vMjAyMi8wOS9hbnRvbmlvLWNvc3RhLWRhbmNhLmh0bWwifX0.0yLSIlH_Y7XLK0gSP2GEaATVjIs3T-_neoEp9NADf84; expires=Wed, 07 Dec 2022 11:38:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6296cd842c9d7cc422eb994ec681931
Strict-Transport-Security: max-age=0; includeSubdomains
foundfroshelves.com/watch.193087098054.js?key=63ab83c16989526b5e066846a849db42&kw=%5B%22antonio%22%2C%22costa%22%2C%22dan%C3%A7a%22%2C%22-%22%2C%22sonia%22%2C%22sullivan%22%2C%22news%22%5D&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F2022%2F09%2Fantonio-costa-danca.html&tz=0&dev=e&res=12.1055&uuid=&shu=b9f3fa69d944668a4fda64b91523b89792cee5027413acd76a01ab6601dc8460086e2a4356ce524e213419a49cf0ba2c721a6486e045d7dafdf95d840ed818c5f9e83e245b4680bb7faabfbfaf82d154a3ee2165778445f2d3ee1431c7&pst=1670413135&rmtc=t
200 OK 642 B URL HTTP/1.1 foundfroshelves.com/watch.193087098054.js?key=63ab83c16989526b5e066846a849db42&kw=%5B%22antonio%22%2C%22costa%22%2C%22dan%C3%A7a%22%2C%22-%22%2C%22sonia%22%2C%22sullivan%22%2C%22news%22%5D&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F2022%2F09%2Fantonio-costa-danca.html&tz=0&dev=e&res=12.1055&uuid=&shu=b9f3fa69d944668a4fda64b91523b89792cee5027413acd76a01ab6601dc8460086e2a4356ce524e213419a49cf0ba2c721a6486e045d7dafdf95d840ed818c5f9e83e245b4680bb7faabfbfaf82d154a3ee2165778445f2d3ee1431c7&pst=1670413135&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 8431589ac3493bbaa0a0bb5cec82e194
cbafb631bacf260f4d0c0d4bdcb1f9c915ac6450
5fc5836a19dcf8133517403ff7b54d0c8569711c52d810a0645d9f4e8d89c804
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.193087098054.js?key=63ab83c16989526b5e066846a849db42&kw=%5B%22antonio%22%2C%22costa%22%2C%22dan%C3%A7a%22%2C%22-%22%2C%22sonia%22%2C%22sullivan%22%2C%22news%22%5D&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F2022%2F09%2Fantonio-costa-danca.html&tz=0&dev=e&res=12.1055&uuid=&shu=b9f3fa69d944668a4fda64b91523b89792cee5027413acd76a01ab6601dc8460086e2a4356ce524e213419a49cf0ba2c721a6486e045d7dafdf95d840ed818c5f9e83e245b4680bb7faabfbfaf82d154a3ee2165778445f2d3ee1431c7&pst=1670413135&rmtc=t HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://935soniasullivannews.blogspot.com
Referer: https://935soniasullivannews.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16262693; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjY5MywiayI6IjYzYWI4M2MxNjk4OTUyNmI1ZTA2Njg0NmE4NDlkYjQyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTM4NjUzLCJwaWQiOjMwODE3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFuamRybmRhaWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly85MzVzb25pYXN1bGxpdmFubmV3cy5ibG9nc3BvdC5jb20vMjAyMi8wOS9hbnRvbmlvLWNvc3RhLWRhbmNhLmh0bWwifX0.0yLSIlH_Y7XLK0gSP2GEaATVjIs3T-_neoEp9NADf84
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:37:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://935soniasullivannews.blogspot.com
Access-Control-Allow-Origin: https://935soniasullivannews.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprc34dbbdda2cafb4b2a4d0912ac98eecdf=2717340; expires=Thu, 08 Dec 2022 13:37:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 11:37:55 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 11:37:55 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 08 Dec 2022 11:37:55 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 08 Dec 2022 11:37:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad5b40723ef3288b40dba278a7336a02
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3dc5678143fcb36d70a78fa51cbc42ad
5ee7f2ecdd362e508ed8c30d56e372ef947d8abe
cad4a9c6997a4c79d7804c33608226552cbcbac4ede57af80d8c1276078b00a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CAD4A9C6997A4C79D7804C33608226552CBCBAC4EDE57AF80D8C1276078B00A2"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15545
Expires: Wed, 07 Dec 2022 15:57:01 GMT
Date: Wed, 07 Dec 2022 11:37:56 GMT
Connection: keep-alive
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16262693
200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16262693
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 199136ccb943f6fb6a0ca9ed7be28482
fa50199ce2413a40a885337f9926c638828b2557
8d7381c913b031312217faa28d3c3684384e1cae87aa15805da8f81424373577
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16262693 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 11:37:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Thu, 08 Dec 2022 11:37:56 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYyNjI2OTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly85MzVzb25pYXN1bGxpdmFubmV3cy5ibG9nc3BvdC5jb20vIn19.YnXG9hUG4rjSER84BJ-RfWxkuzluvPG_KG57Ww7w6do; expires=Wed, 07 Dec 2022 11:38:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 27855cb66250341b2c5764adf5b8fefd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
snapwidget.com/cdn-cgi/rum?
204 No Content 0 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 541
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 11:37:56 GMT
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 775cf8e068861bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
snapwidget.com/cdn-cgi/rum?
204 No Content 0 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 565
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 11:37:56 GMT
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 775cf8e068941bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
snapwidget.com/cdn-cgi/rum?
204 No Content 0 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 541
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 11:37:56 GMT
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 775cf8e078971bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?shu=245855be1202b7255739bcde1ad4c0a4e92700fcb15b92305f006e1e84fc577cf2b82d107df1602c7a4c0f18dc9027aba034540a4d3d4244d59cd4f6800fc6b510e5b0671597f5ead269fba01a6c71f4e8c3403b003ea590b1a048e7d4f597&pst=1670413136&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F&psid=16262693
302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=245855be1202b7255739bcde1ad4c0a4e92700fcb15b92305f006e1e84fc577cf2b82d107df1602c7a4c0f18dc9027aba034540a4d3d4244d59cd4f6800fc6b510e5b0671597f5ead269fba01a6c71f4e8c3403b003ea590b1a048e7d4f597&pst=1670413136&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F&psid=16262693
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=245855be1202b7255739bcde1ad4c0a4e92700fcb15b92305f006e1e84fc577cf2b82d107df1602c7a4c0f18dc9027aba034540a4d3d4244d59cd4f6800fc6b510e5b0671597f5ead269fba01a6c71f4e8c3403b003ea590b1a048e7d4f597&pst=1670413136&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2F935soniasullivannews.blogspot.com%2F&psid=16262693 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYyNjI2OTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly85MzVzb25pYXN1bGxpdmFubmV3cy5ibG9nc3BvdC5jb20vIn19.YnXG9hUG4rjSER84BJ-RfWxkuzluvPG_KG57Ww7w6do; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 11:37:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://us.muchnow.net/postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2
Set-Cookie: pdhtkv=true; expires=Thu, 08 Dec 2022 11:37:56 GMT
uncs=1; expires=Thu, 08 Dec 2022 11:37:56 GMT
pdhtkv28=true; expires=Thu, 08 Dec 2022 11:37:56 GMT
uncs28=1; expires=Thu, 08 Dec 2022 11:37:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d623aab3913c1e0c498e2384e7a87cd3
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ff1a5ea61543981af853142cada1bd3
9d74b8defed7dfdd4f4fbff23508f3ada7d958fe
8e6728fd70bd1dac5ed0836fe0ae87d204deb13e58e91bb72345ee93c86e2433
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E6728FD70BD1DAC5ED0836FE0AE87D204DEB13E58E91BB72345EE93C86E2433"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18890
Expires: Wed, 07 Dec 2022 16:52:47 GMT
Date: Wed, 07 Dec 2022 11:37:57 GMT
Connection: keep-alive
us.muchnow.net/postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2
200 OK 2.1 kB URL HTTP/2 us.muchnow.net/postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cf89b4d2b7e999c108dbdc7f8862aac4
75b6690853340f56beb3573a5bb78541ce31a026
3bfc61cfb3ae3fd5106ef86bcf918703c6b61c513804649c04ad16675b5d32da
GET /postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2 HTTP/1.1
Host: us.muchnow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Wed, 07 Dec 2022 11:37:57 GMT
content-type: text/html;charset=UTF-8
content-length: 2089
X-Firefox-Spdy: h2
us.muchnow.net/postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2&token=a15d2119222874d7d01fd68d10b3f8b3&timezone=0&iframe_test=false&webdriver_test=false
302 Found 0 B URL HTTP/2 us.muchnow.net/postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2&token=a15d2119222874d7d01fd68d10b3f8b3&timezone=0&iframe_test=false&webdriver_test=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2&token=a15d2119222874d7d01fd68d10b3f8b3&timezone=0&iframe_test=false&webdriver_test=false HTTP/1.1
Host: us.muchnow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us.muchnow.net/postback/click?key=v2-1670413076774-4-9875-999800-9818db6d-8b08-5c61-f90e-df2815e398d2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Wed, 07 Dec 2022 11:37:57 GMT
content-length: 0
set-cookie: platform_user_id=desktop:b9ce734ea0955fdbdaef46d4d37c6039
platform_user_id_3rd_party=desktop:b9ce734ea0955fdbdaef46d4d37c6039; SameSite=None; Secure; Max-Age=31556952
location: https://www.pricecomparedeals.com/no-no
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 44e86adb8a5ef30564363bac468aef23
24963d3ecd4909e80035d11e07d2ed3676b8430c
69c888e2549af0e0e60fb555aee5de8aae9f07824b44fd7d022e4abf851b9f20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6442
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:57 GMT
Etag: "639042ad-118"
Last-Modified: Wed, 07 Dec 2022 09:50:35 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 16 kB IP
Hash e846a36fb85fe4d5e342d084d2a29b95
e6c8f52c68b8db2e0b111eacca342d1ddf345b7b
df54cc3b7c08dd1a962f268345d4f7960367a8b4e513b52685113b5b7580aed2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6442
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:57 GMT
Etag: "639042ad-118"
Last-Modified: Wed, 07 Dec 2022 09:50:35 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
cdn.dealsfor.life/23x9/GG201910181329540253000000000000_bandeira_noruega.jpg
200 OK 389 B URL HTTP/2 cdn.dealsfor.life/23x9/GG201910181329540253000000000000_bandeira_noruega.jpg
IP
File type PNG image data, 23 x 9, 8-bit/color RGB, non-interlaced\012- data
Hash 3985c40fe38e6b8cb2b7de1b2987cffe
7c0328120073e47ffe990c218a3318c8edd675c5
c82d89e379fa3c6a82fcf1b943144c7f61f007828904ff2beccfe127396e9369
GET /23x9/GG201910181329540253000000000000_bandeira_noruega.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:57 GMT
content-type: image/png
content-length: 389
x-amz-id-2: IiusZnti6Fc7BErGOmKVn5uyZZ1stcsC2EzgNj+4XO4RSAaDs23tubfUnp2QwmDDN7MmZncjAhM=
x-amz-request-id: 5V2P1FFTF27KNSDX
last-modified: Thu, 28 Nov 2019 03:36:17 GMT
etag: "3985c40fe38e6b8cb2b7de1b2987cffe"
cache-control: max-age=86400
cf-cache-status: HIT
age: 6289
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsU33PZTOV9VDpA6ftxexVfiFWwX32qZakdZNjeEvlmY3JE92q5LfL1Eu74OZTcn0GVX4t8TqgHZEfeS7ncZdXBnIZCXbSfOdz2gB7pRkVVprqWoJ2liUpCMaSZtZrZdA9EoMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8e8f980b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 17 kB IP
Hash e58d76c76f3cb58c20c11176c93b7123
01cab13c64cfe0598d75d9a8833a191f3c69bfe1
b5b729d3dc78c245a7b71c1c05e08536b362b5e0a10b0dce3bac4809fce21301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4263
Cache-Control: max-age=162623
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:57 GMT
Etag: "639042ad-118"
Expires: Fri, 09 Dec 2022 08:48:20 GMT
Last-Modified: Wed, 07 Dec 2022 07:37:17 GMT
Server: ECS (amb/6B95)
X-Cache: HIT
Content-Length: 280
cdn.dealsfor.life/630x525/GG202006090803570037000000000000_elektronics-v1.jpg
200 OK 37 kB URL HTTP/2 cdn.dealsfor.life/630x525/GG202006090803570037000000000000_elektronics-v1.jpg
IP
File type JPEG image data, baseline, precision 8, 630x525, components 3\012- data
Hash 7f936cedd7e479eb865f1bfe1c63e945
4088966128f5171f9750dfd5f83ed2f8c517090e
cf3f17e5d372b10391a1ec46de26be3e83ca3c37f22d6103aee48e6d210d906a
GET /630x525/GG202006090803570037000000000000_elektronics-v1.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:57 GMT
content-type: image/jpeg
content-length: 36766
x-amz-id-2: IMq+Sz4LUZ8TzgKFeRC0y762GUTn0rNSWCEjpr4iZLOb0//ZFbRumy9jOX7Bs0XWmwExjRcUDY8=
x-amz-request-id: G0SNKTHS1EEHKAYY
last-modified: Tue, 09 Jun 2020 08:22:04 GMT
etag: "7f936cedd7e479eb865f1bfe1c63e945"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp05GOh4Azd9EMRs5QpxVwv7sRH%2FdpleeaHsCLi1kyq8oVpeR%2BNzMelCYsPesIS2Xtvlw1VtwKxKfW5VG%2F4XwLLEzkUVteWRwcGj8TEUN0TFu4juWa1QeQU3ggN80dPbWU2jFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8e8f97db523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/420x210/GG202006050826060263000000000000_travel.jpg
200 OK 18 kB URL HTTP/2 cdn.dealsfor.life/420x210/GG202006050826060263000000000000_travel.jpg
IP
File type JPEG image data, baseline, precision 8, 420x210, components 3\012- data
Hash d2e157616b039f93a4dc696b5b96938e
6e0e4a332b81a4388915f206f73d58dcde204b29
2cf032115b870ef9a2790db489949898c24d39f8b8e93ce82fe59adc9255405e
GET /420x210/GG202006050826060263000000000000_travel.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:57 GMT
content-type: image/jpeg
content-length: 17960
x-amz-id-2: +jmNAUjjBw2hbB920mmdDVmSVrE7+aPyB7OpV4R5urq4cwxHFTmHcVfVf5hvJ9rh0pVjldA4qQQ=
x-amz-request-id: G0SS5X69TG09BDGC
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "d2e157616b039f93a4dc696b5b96938e"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rl6gq4Q%2FO6nJFc4QL9Ou8RsUjES94BqM8ht9dECyqUEUb7UWeg4B3y2mgrty1qHLK2nkTAcpUgl43eNYrByF9cUPpG1GMkAfL7yCWa3jGMGSCU8D2Z481Gcqq8YlD7hsfU4pQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8e8f982b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/210x210/GG202006090809160963000000000000_decoration.jpg
200 OK 13 kB URL HTTP/2 cdn.dealsfor.life/210x210/GG202006090809160963000000000000_decoration.jpg
IP
File type JPEG image data, baseline, precision 8, 210x210, components 3\012- data
Hash a950c8fffccbf994e7eab4cbdc4afc79
0ae9de6c62eb474f9fc1d3fe74240c92d555711b
c430a67352d95e657b6f81cee177cb771a9b8b289a66043021386d8b069f20e1
GET /210x210/GG202006090809160963000000000000_decoration.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:57 GMT
content-type: image/jpeg
content-length: 12794
x-amz-id-2: 6wnXaESSMB4fqASE7N+8ehTPOVbYvW3DlTDmjNmF7ppTk38+FuY2X/Q4Cz9O3q+wkmPY2nIV5dQ=
x-amz-request-id: G0SH0AH2J6PTJ52B
last-modified: Tue, 09 Jun 2020 08:22:03 GMT
etag: "a950c8fffccbf994e7eab4cbdc4afc79"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcpsSBn5lVH7a3qEnulWAvKEFSiBapGyTTizFWirHMx9lDpinCVtMw30YEbe8E9NoRwvNJSR0ONHsI25dvYOEJIgEJgs1OONcPG9vqKg%2BC9HSNvjQS6HCUModu1U4cW9DY5%2BYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8e8f983b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/630x315/GG202006050817010094000000000000_fashion.jpg
200 OK 25 kB URL HTTP/2 cdn.dealsfor.life/630x315/GG202006050817010094000000000000_fashion.jpg
IP
File type JPEG image data, baseline, precision 8, 630x315, components 3\012- data
Hash e4f10f00dbdfc76dac0b06e12e76dd81
4b016a4493756924b8fb40a9f1391d1378c07cf3
a8bef644a63472bb106be50ae79c3eaf5e10d49f1f8c207564036e07b01781d9
GET /630x315/GG202006050817010094000000000000_fashion.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:57 GMT
content-type: image/jpeg
content-length: 25059
x-amz-id-2: SFrxRe2sKqmtTHg2kUJx1wbyxEhgFybnCJYi5BNqrVrAbwkmvZEFyZiJuduYcLWF5JD3QgkVXHc=
x-amz-request-id: G0SVY3EKCWSRK22K
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "e4f10f00dbdfc76dac0b06e12e76dd81"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTWXnZJb%2F21GRvZPiDa%2BNcW3VdUm5xCHEfmnZnYMHOero3vQxSmwjRUyjalnWcrjsgFnFZ409BFDC2SrWmcYFte8s7jxsDPYkxPcCsnVcUaxl7hYhs4sXYEOPsWGXt6PXUnaxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8e8f981b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 32 kB IP
Hash 5fc8ec53c7581f47d94017acc9309e27
b75cd8c916f6c74ef6bfee6c1f5b75d74fb5049c
61743eaddd75f2644c17e7330a9bfd9547c9507c21b9c283856c6dc1c7c67e21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3343
Cache-Control: max-age=91482
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:57 GMT
Etag: "638f3060-117"
Expires: Thu, 08 Dec 2022 13:02:39 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 596 B IP
File type Applesoft BASIC program data, first line number 23\012- data
Hash 83261ae138ed3204508364ebff487621
6f4bd9d913a8d23ac28dc51a2f82be9904bff428
04031934082e2f4428884f14a402a1f74bc35fab07dff386a606c116372aa443
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2666
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:57 GMT
Etag: "639042ad-118"
Last-Modified: Wed, 07 Dec 2022 10:53:31 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 44e86adb8a5ef30564363bac468aef23
24963d3ecd4909e80035d11e07d2ed3676b8430c
69c888e2549af0e0e60fb555aee5de8aae9f07824b44fd7d022e4abf851b9f20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4263
Cache-Control: max-age=162623
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:57 GMT
Etag: "639042ad-118"
Expires: Fri, 09 Dec 2022 08:48:20 GMT
Last-Modified: Wed, 07 Dec 2022 07:37:17 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash ca0163b98fe08400ca256eab5d2c4aa6
9f98a05573d6618a68e19da6f9b323bff4383193
49dc62f616be2b0f8db1221efc5885d66e53c5d96633d4fffb9f98a153bc40c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:58 GMT
Last-Modified: Wed, 07 Dec 2022 10:43:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 280 B IP
Hash 44e86adb8a5ef30564363bac468aef23
24963d3ecd4909e80035d11e07d2ed3676b8430c
69c888e2549af0e0e60fb555aee5de8aae9f07824b44fd7d022e4abf851b9f20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158359
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "639042ad-118"
Expires: Fri, 09 Dec 2022 07:37:17 GMT
Last-Modified: Wed, 07 Dec 2022 07:37:17 GMT
Server: nginx
Content-Length: 280
www.pricecomparedeals.com/no-no
200 OK 43 kB URL HTTP/2 www.pricecomparedeals.com/no-no
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1238), with CRLF, LF line terminators
Hash 2701676b4728a79974dc2e52c32e2143
bf7d9d922904749c689447987565c71cba6f36a8
f955ec62d5013cfc026cd5f05bb237e62a4e121fd413081e84837983112573b4
GET /no-no HTTP/1.1
Host: www.pricecomparedeals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.muchnow.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:57 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=1800
cf-cache-status: HIT
age: 4156
last-modified: Wed, 07 Dec 2022 10:28:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKoDqFHsXHLsPaupqmCVuzZdPHRv8jMBXymet2PuJrqoQi%2BAjsjG9F6CzTqFGhDXUHXHorSy1G%2FkY5%2FEH0KxwrS5Q6mc49HNoKlEqmHRLtggWFOH%2FIF0Ua2pIPvkmmwm8jwujnCSAzZt%2B3Vk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775cf8e7ecd40af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064\012- data
Hash 462806316fea535a6a57651bc2b000b0
80644191098f863f25be27841c0d92c452cf2327
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:58 GMT
content-type: font/woff2
content-length: 74348
x-amz-id-2: EwPApTJPtTNPc4Qd081RMNH4it4R60RVonUkKH0YHLXbctI3fPAIIiFdUgYsEw4vW3oNTFxs26iBOuHAOZCXSg==
x-amz-request-id: 3RE04NK9XWFDRHS3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 73492
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDQAWNiGGq8G3l2Q9JDS%2BXsMhiTv2ji%2F9NYhf4kVd4T7Hnaov8ItS%2BlTyigMYoCWuNbIftHT0zDb5NINnfOu9DR9RearKC6WQ8GuojOeHcZMpBVfINgaa2Sg42ORVt1UdqxESDUa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775cf8ea49167529-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 146717
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3569
Cache-Control: max-age=94245
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 13:48:43 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js
200 OK 11 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js
IP
Hash a6b326016064f0489155361aad3d5528
d5fc772d481b45e9e99f7ca885ea91b831398f8f
2ac176abc082318c53d46e3c145829ab7eb9ea50528d158cba075da7781b39ef
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 5e65ba7f42ffe25a69d9ee1bd8157371
etag: "d1f9195df47b2f7a962fd4a37daa5b26"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 07 Dec 2022 11:51:40 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 02rTMa0M4AxdcmGS8rjJ1A==
x-fb-debug: 5x/0ykjtvYuLn87u1lhRL7Z7zJMwtXZ/rp1G2Rlc6ryiFFu1n06HcTq8+uv/MHiwcSe8Nh4aU5mmV5udvAyVqQ==
content-length: 1685
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 11:37:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4875
Cache-Control: max-age=95551
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:10:29 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Open+Sans:400,600,800
200 OK 108 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600,800
IP
Size 108 kB (108492 bytes)
Hash a0961f0ef21f6cf065932bf8bc87c771
b18822ddfa85820b73d286464a2990211fbdde47
0ed13e583bab4093d53a9e9dbc48a35ca5614310fc9b71aea48c50a8993e3c51
GET /css?family=Open+Sans:400,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 11:37:58 GMT
date: Wed, 07 Dec 2022 11:37:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c18bea46572f04d59e30d85faebca393
0e2691ee60e7e095c7c55ac0eab08aecd262ac32
00b2b19c184712f69aa80844f3250abf8c30d00886c61513e2b61ed212106319
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "6390484b-1d7"
Last-Modified: Wed, 07 Dec 2022 11:28:25 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wOP03Xt2w5hbv14jeH2CoLu9jmj-keJQzBW-Uq0Xl1DQamsggbM5mA==
Age: 573
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c18bea46572f04d59e30d85faebca393
0e2691ee60e7e095c7c55ac0eab08aecd262ac32
00b2b19c184712f69aa80844f3250abf8c30d00886c61513e2b61ed212106319
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163040
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "6390484b-1d7"
Expires: Fri, 09 Dec 2022 08:55:18 GMT
Last-Modified: Wed, 07 Dec 2022 08:01:15 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PJ-olxpSlmCy77v4XdK-8XdseVFsS05ru-vXpkOZnAs0H3icbYzQAQ==
Age: 3243
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c18bea46572f04d59e30d85faebca393
0e2691ee60e7e095c7c55ac0eab08aecd262ac32
00b2b19c184712f69aa80844f3250abf8c30d00886c61513e2b61ed212106319
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165892
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "6390484b-1d7"
Expires: Fri, 09 Dec 2022 09:42:50 GMT
Last-Modified: Wed, 07 Dec 2022 08:01:15 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EufFWOKUfjvruR0QYGZgYF-tMXupmGz3CcnXbeQ6-xxSCapBKJN2kA==
Age: 6095
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c18bea46572f04d59e30d85faebca393
0e2691ee60e7e095c7c55ac0eab08aecd262ac32
00b2b19c184712f69aa80844f3250abf8c30d00886c61513e2b61ed212106319
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160063
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "6390484b-1d7"
Expires: Fri, 09 Dec 2022 08:05:41 GMT
Last-Modified: Wed, 07 Dec 2022 08:01:15 GMT
Server: ECS (dcb/7F80)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tpDjAWyUizr1hxeCPd2licBiVP4AVLKZZf7MFW_XZbU82uzsBvylMw==
Age: 266
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c18bea46572f04d59e30d85faebca393
0e2691ee60e7e095c7c55ac0eab08aecd262ac32
00b2b19c184712f69aa80844f3250abf8c30d00886c61513e2b61ed212106319
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161384
Date: Wed, 07 Dec 2022 11:37:58 GMT
Etag: "6390484b-1d7"
Expires: Fri, 09 Dec 2022 08:27:42 GMT
Last-Modified: Wed, 07 Dec 2022 08:01:15 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o5eMQT5EsmBsyHMtlT-5DT5_c_LY9TlnpMivpqEsAMqOxgtBAgNzSQ==
Age: 1587
img.tttcdn.com/product/xy/500/500/p/gu1/C/6/C9310-6/C9310-6-1-ff2d-hxmX.jpg
200 OK 84 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/C/6/C9310-6/C9310-6-1-ff2d-hxmX.jpg
IP
Hash 892d4a9c1e8403dca8432e08ecc139bb
ee4094491a31879a4b885200d59035a9b6410ead
3e54bfe0795f89be17788effc587e19bc7bafa986ac51119217ab30fd0bd518a
GET /product/xy/500/500/p/gu1/C/6/C9310-6/C9310-6-1-ff2d-hxmX.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 80814
x-amz-id-2: gRLNSCRVPgK2LgkidWRS2fRtUlD+UQNWz/a6MT1yIdOMcNejnjqr+3tDMxIw3WeKXA+DqYvHhFg=
x-amz-request-id: B0RVT4BF7XBY25QT
date: Wed, 30 Nov 2022 01:08:08 GMT
last-modified: Mon, 28 Oct 2019 11:05:56 GMT
etag: "798264f305449a64b2b8460dd6843fc3"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KEkHuUbyGbJCsjX2On2rqmOIjCIZ7jAZIOudFzyszWwjb3ax93Q_SQ==
age: 642591
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/P/W/PAA0621W/PAA0621W-1-fc59-oHC3.jpg
200 OK 36 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/P/W/PAA0621W/PAA0621W-1-fc59-oHC3.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57841c6dfcda20efe0aa442e86ee8fa7
da9ffde8a0a3b8971c2efce9db232fc4cc6a9e99
e7372cc4734516b1836d4e8522fee9d1f267d72d9d6f1ec6d91e224126a6b1c5
GET /product/xy/500/500/p/gu1/P/W/PAA0621W/PAA0621W-1-fc59-oHC3.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 35874
x-amz-id-2: fTQFXPJz1Bg7vqsqgSeAdX+e6xRTD0dtAwWmJ+I1E8FlPpfmD7+w6+ZB/B+lGNzx+eaHixkNBtc=
x-amz-request-id: H6S0JHD98VQ46CJ5
date: Tue, 15 Nov 2022 00:46:29 GMT
last-modified: Fri, 18 Oct 2019 13:33:47 GMT
etag: "57841c6dfcda20efe0aa442e86ee8fa7"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ImUYhp9Ifqp1192cltILS2UQ4QzfMmJ6bjC1xtLoadZHFv6a7ZxU7Q==
age: 1939890
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/E/8/E17018/E17018-1-52e0-XWgX.jpg
200 OK 14 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/E/8/E17018/E17018-1-52e0-XWgX.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f70ab4d9b41bbafaac5514fa12f467a
3ab5632b39817c7feb5e64a0ab660329840a0357
1b4d70168fe2a181f98631958d46c6d640613464726e2d94cb9fc0db3ee95454
GET /product/xy/500/500/p/gu1/E/8/E17018/E17018-1-52e0-XWgX.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 13466
x-amz-id-2: FZiYVCn0N3GvvpGIxqFtpLh94ZbZ29K12p4UhQbfbgaoYTJh4yTdyRG+2uR/4BkouQc8dCpoBbc=
x-amz-request-id: H6S0HHCK4V0G96BV
date: Tue, 15 Nov 2022 00:46:29 GMT
last-modified: Wed, 19 May 2021 11:09:54 GMT
etag: "9f70ab4d9b41bbafaac5514fa12f467a"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Rt_q87Djd6hYfpOml1-uXO8Hie8f6r4FahOYyDDYWjHKZUrxMMUSA==
age: 1939890
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/I/5/I3115/I3115-1-fa63-RCae.jpg
200 OK 36 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/I/5/I3115/I3115-1-fa63-RCae.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce9cdb9d68c4194263b0d5a7fbb17902
8a14110fae4e86697e469a5760854dfb983376f4
0b119b667a28869a85382b9c7d7f9d68010372265fe9cca9f2c005cfb2046130
GET /product/xy/500/500/p/gu1/I/5/I3115/I3115-1-fa63-RCae.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 36328
x-amz-id-2: jPFYqqqmTvjkjiRvpa9zc4Mq21ph4mv+grLEEF+0OweMRzEH6r7PUIabve2Z7Y7U3sSkL4hkYPU=
x-amz-request-id: HQRZ33K16E8Z8TYE
date: Fri, 11 Nov 2022 00:29:37 GMT
last-modified: Sat, 10 Mar 2018 11:14:10 GMT
etag: "ce9cdb9d68c4194263b0d5a7fbb17902"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GEbNdDkqPuMZRw8dD8KODPvA1vxRGeUNDK3C1HY7nInGwGgVb1dIDg==
age: 2286502
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/Y/R/Y15105R/Y15105R-1-8d79-zaHg.jpg
200 OK 37 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/Y/R/Y15105R/Y15105R-1-8d79-zaHg.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2862e8fc6d77ea9f65ea2cc5a0d4d36
92851afd468fe9e68736bd33ea83a8f5a445365a
f41013080ce32f804f1934f8b7a1e6e518d78391203a13d15678b78e7ac008b8
GET /product/xy/500/500/p/gu1/Y/R/Y15105R/Y15105R-1-8d79-zaHg.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 36618
x-amz-id-2: S9Wtwfb2kZzdGLJpVuJ5MRTVDXpgLHUp3AYaBhLHYSOwf2/5uL88PUqUaYLy+9YWE/2GeNZAkk4=
x-amz-request-id: VQ7YBXV7TCZF53E4
date: Mon, 05 Dec 2022 00:24:28 GMT
last-modified: Tue, 28 Apr 2020 12:12:14 GMT
etag: "f2862e8fc6d77ea9f65ea2cc5a0d4d36"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MG3IHjxOcHrK6FR9VTFTIkhH8NUKuko91frnQPP0XlQv_Zin2lyq5A==
age: 213211
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/E/1/E12559-1/E12559-1-1-2442-ac7c.jpg
200 OK 43 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/E/1/E12559-1/E12559-1-1-2442-ac7c.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c13f56e6ff3437114ecdf6684862a72b
daa0460ca4e6219350698403956fbad2fc7a8847
5c6690474de8ddac8cf9c044d63ea29e6dd1de9c69074636a6a93b016f309e15
GET /product/xy/500/500/p/gu1/E/1/E12559-1/E12559-1-1-2442-ac7c.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 42916
x-amz-id-2: lO9rEQ41Q6Z4dYVDxrppSn3rYq32C3f5ic8tPLyt0vq50vUD6Z9xovNaJFZFAkXKC/KEBQgnU6s=
x-amz-request-id: PCYHHRX4PWVJW10H
date: Fri, 02 Dec 2022 00:32:44 GMT
last-modified: Tue, 28 Jul 2020 11:12:41 GMT
etag: "c13f56e6ff3437114ecdf6684862a72b"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JLzTXuTqATLh9UGZ-8f1zJspO9ezbwf0g4o9WmZUjf2NrAFzZJ4e9g==
age: 471915
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/K/3/K13672-3/K13672-3-1-9a78-Z0lc.jpg
200 OK 52 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/K/3/K13672-3/K13672-3-1-9a78-Z0lc.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ef919781362085a2b4a660accc192a4d
4f8eba8cb72bb8e82f2d12079c1c92ce1a0c1a06
3a59c017d2331fa5c78397b50bef6322c6d2b764c56ab536251d136d5cbc320b
GET /product/xy/500/500/p/gu1/K/3/K13672-3/K13672-3-1-9a78-Z0lc.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 52540
x-amz-id-2: g/aJF4P1ynPNLf/ciLpTai9QGwt1Jl/rSGBDrUcAAWmUPocAYDLS6JSIuf+gdcfJfabBwiquQEE=
x-amz-request-id: KEVC6HF0NCXBCG6Y
date: Mon, 14 Nov 2022 01:10:23 GMT
last-modified: Fri, 20 Mar 2020 12:58:04 GMT
etag: "ef919781362085a2b4a660accc192a4d"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f1nIyT-2dgazSobBELJgEnIRJW1wxCGF_qca0pR3o_wzR82_EEc4KQ==
age: 2024856
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/H/4/H39850-4/H39850-4-1-bd3e-T4is.jpg
200 OK 29 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/H/4/H39850-4/H39850-4-1-bd3e-T4is.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3ec8c6ddbeab4b604b141c21b84bb656
10750ef253cc08587c51e8e8af8ac2748b4608ff
cab1838e9b3b200ee39c95e744b19bd4a0f24e08567eab9e300dbad615aad6d1
GET /product/xy/500/500/p/gu1/H/4/H39850-4/H39850-4-1-bd3e-T4is.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 28882
x-amz-id-2: LT5nG0cAS5HaGjafiO1hLCzZujvtcG3Hmk9t604X/peHfPoudS1tRwrn7SyiSRExSeKEN6wnLd8=
x-amz-request-id: E3QXAJYK9S0VZNSC
date: Fri, 25 Nov 2022 00:37:57 GMT
last-modified: Fri, 02 Apr 2021 01:52:38 GMT
etag: "3ec8c6ddbeab4b604b141c21b84bb656"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yOul6cbcEtpMga_jtNx_entaz45IyUnWNU0oowzDGeCxmf0ju4R8WQ==
age: 1076402
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/K/8/K6418/K6418-1-c58d-eQL9.jpg
200 OK 18 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/K/8/K6418/K6418-1-c58d-eQL9.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9731e09d11a1418c77bd5bb782290db9
d04a0d7940766ffded00e40dc4ed7fe617f9f37e
4a8e9f08f9a62392c57c0d8d3d4416d27d099d358c63406dbcc1fd9bcabf62bc
GET /product/xy/500/500/p/gu1/K/8/K6418/K6418-1-c58d-eQL9.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 17968
x-amz-id-2: S0I435Zp0tZD9xbhimEad4IJTlfhb1uruHkuZzrcmiqgCK7GDnzcR60hr0q43nCs+1FXlTu2CvE=
x-amz-request-id: 1RHARMZSZFTZWKQY
date: Thu, 01 Dec 2022 00:25:28 GMT
last-modified: Mon, 23 Apr 2018 10:11:23 GMT
etag: "9731e09d11a1418c77bd5bb782290db9"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3oVqJgqEVX00EllfDauaYTsibtZWCMTSbcUOGyHi8BKUJjF9UZ3pGA==
age: 558751
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/K/5/K6325/K6325-1-d9a4-2Qda.jpg
200 OK 12 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/K/5/K6325/K6325-1-d9a4-2Qda.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash efd7cd4e81662cc5682187cd3389559a
e2e59d0f2ed9ca6a682aedfcc093265295cdaeba
1ec0c198d503ac6cf4c439bb0832b132a60b96ea841df671e6c2b69f7934ab96
GET /product/xy/500/500/p/gu1/K/5/K6325/K6325-1-d9a4-2Qda.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 12408
x-amz-id-2: a0lF6Or1Gp2KBQ/Mxc8F5iY0uyuJ4dKSxX/NxMeh6y+HjiFCfSCJpaQPUlqtfgbh2aaoPojYoPU=
x-amz-request-id: JSZY0F1PR9XR2EXJ
date: Fri, 02 Dec 2022 01:23:09 GMT
last-modified: Fri, 06 Apr 2018 08:43:35 GMT
etag: "efd7cd4e81662cc5682187cd3389559a"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rbGzTsQBi4R6f76S6AxqSU78vkSZDLGwCVwixWKbX_4Zxq_zOxNd2w==
age: 468890
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=https%3A%2F%2Fus.muchnow.net%2F&if=false&ts=1670413078327&sw=1280&sh=1024&at=
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=https%3A%2F%2Fus.muchnow.net%2F&if=false&ts=1670413078327&sw=1280&sh=1024&at=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=https%3A%2F%2Fus.muchnow.net%2F&if=false&ts=1670413078327&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 11:37:58 GMT
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:52 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15857320
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775cf8c968eab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
snapwidget.com/stylesheets/embed.grid.min.4069f6f840f9102b.css
200 OK 0 B URL HTTP/2 snapwidget.com/stylesheets/embed.grid.min.4069f6f840f9102b.css
IP
GET /stylesheets/embed.grid.min.4069f6f840f9102b.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:37:53 GMT
content-type: text/css
cf-bgj: minify
etag: W/"635d18ae-899"
last-modified: Sat, 29 Oct 2022 12:12:30 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1827964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8rPBSLjk9ANw4y9nNkl6uUlHQ1OrYtlIlMVPnrWgwhiAyBiGE5SSiBPELSqT4huywxmHt3VirbDRS5T2tjU6%2BK6BY0%2B3cGCyVj%2Fv2JBmxAmADqSo1zYluvBAqnFBKgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775cf8cbbd971bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
alphanewscall.com/wp-content/uploads/2022/09/Marilyn-Monroes-Net-Worth.jpg
200 OK 0 B URL HTTP/1.1 alphanewscall.com/wp-content/uploads/2022/09/Marilyn-Monroes-Net-Worth.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/uploads/2022/09/Marilyn-Monroes-Net-Worth.jpg HTTP/1.1
Host: alphanewscall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://935soniasullivannews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:37:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 30 Sep 2022 04:19:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
142.250.74.161
104.18.29.9
93.184.220.29
213.13.25.43
149.202.60.198
31.13.72.53
52.28.211.11
23.36.76.226
188.114.99.234