Overview

URLtricocrocheetcetal.blogspot.de/search/label/VESTIDOS
IP 172.217.21.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-05 00:36:05 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (28)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (7) 344 No data No data 95.101.11.115
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-04 17:12:40 UTC 34.102.187.140
tricocrocheetcetal.blogspot.com (2) 0 2013-08-30 13:03:22 UTC 2015-09-20 09:52:21 UTC 172.217.21.161 Unknown ranking
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-12-04 17:22:24 UTC 142.250.74.132
tricocrocheetcetal.blogspot.de (1) 0 2014-05-07 00:07:30 UTC 2014-05-07 01:27:51 UTC 172.217.21.161 Unknown ranking
www.blogger.com (3) 8975 2012-05-22 07:35:03 UTC 2020-05-05 09:48:25 UTC 216.58.207.233
resources.blogblog.com (3) 13274 2018-07-01 19:33:30 UTC 2020-04-09 16:15:03 UTC 216.58.207.233
ww82.acessoriosparablogs.com.br (7) 0 No data No data 199.59.243.222 Unknown ranking
i3.cdn-image.com (5) 120650 2012-05-21 16:55:14 UTC 2020-04-23 03:23:27 UTC 23.33.119.25
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
text.glitter-graphics.net (6) 0 2012-09-29 20:56:01 UTC 2022-11-25 06:26:05 UTC 46.4.70.136 Domain (glitter-graphics.net) ranked at: 459498
lh3.googleusercontent.com (1) 66 2013-05-30 23:27:19 UTC 2020-05-01 19:11:58 UTC 142.250.74.97
dl3.glitter-graphics.net (1) 0 2012-09-09 16:34:01 UTC 2022-11-25 06:26:05 UTC 46.4.70.136 Domain (glitter-graphics.net) ranked at: 459498
ocsp.pki.goog (14) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
3.bp.blogspot.com (7) 11048 2013-07-04 04:18:40 UTC 2020-05-14 03:02:58 UTC 142.250.74.161
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.38.146.2
iyfbodn.com (4) 147548 2021-06-29 18:15:40 UTC 2022-12-04 15:39:30 UTC 208.91.196.46
pagead2.googlesyndication.com (2) 101 2021-02-20 15:52:05 UTC 2022-12-04 18:15:34 UTC 142.250.74.66
4.bp.blogspot.com (8) 11215 2013-05-06 20:18:52 UTC 2020-05-06 03:21:52 UTC 142.250.74.65
apis.google.com (2) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 172.217.21.174
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
acessoriosparablogs.com.br (1) 0 2012-10-02 03:54:11 UTC 2022-12-01 23:39:57 UTC 46.8.8.100 Unknown ranking
2.bp.blogspot.com (6) 11071 2013-07-04 03:01:31 UTC 2020-04-28 02:17:39 UTC 142.250.74.161
img34.glitterfy.com (1) 0 2017-02-01 13:18:50 UTC 2022-11-25 14:49:09 UTC 208.71.34.181 Unknown ranking
translate.google.com (1) 1156 2012-05-30 01:30:32 UTC 2020-04-26 20:04:42 UTC 216.58.211.14
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-04 17:12:39 UTC 34.117.237.239
1.bp.blogspot.com (8) 8403 2013-05-06 20:18:52 UTC 2020-05-14 01:22:22 UTC 142.250.74.65
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-05 2 tricocrocheetcetal.blogspot.de/search/label/VESTIDOS Malware
2022-12-05 2 tricocrocheetcetal.blogspot.com/search/label/VESTIDOS Malware
2022-12-05 2 tricocrocheetcetal.blogspot.com/js/cookienotice.js Malware
2022-12-05 2 ww82.acessoriosparablogs.com.br/_fd Malware
2022-12-05 2 ww82.acessoriosparablogs.com.br/_zc Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.217.21.161
Date UQ / IDS / BL URL IP
2023-02-03 20:34:14 +0000 0 - 0 - 1 sjuedo.blogspot.sk/?m=1 172.217.21.161
2023-02-03 20:22:22 +0000 0 - 0 - 2 eeoeoleoeea.blogspot.com/?m=0 172.217.21.161
2023-02-03 20:21:03 +0000 0 - 0 - 4 uhohstinkyaustralian.blogspot.com/2022/06/*?m=1 172.217.21.161
2023-02-03 20:16:14 +0000 0 - 0 - 2 porxvi.blogspot.com/2023/01/z.html 172.217.21.161
2023-02-03 19:36:53 +0000 0 - 0 - 3 howtogetaacebadgeinbeeswarmsimulator.blogspot.li/ 172.217.21.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-02-03 20:46:12 +0000 0 - 1 - 0 download-installer.cdn.mozilla.net/pub/firefo (...) 34.117.35.28
2023-02-03 20:35:22 +0000 0 - 0 - 1 wawplus.com/?subscribe=627635 35.214.181.47
2023-02-03 20:34:14 +0000 0 - 0 - 1 sjuedo.blogspot.sk/?m=1 172.217.21.161
2023-02-03 20:31:51 +0000 0 - 0 - 0 docs.google.com/presentation/d/1BTXCJNwPgbSA0 (...) 142.250.74.110
2023-02-03 20:28:18 +0000 0 - 0 - 7 infocanadapost.com/ 34.98.99.30


Last 2 reports on domain: tricocrocheetcetal.blogspot.de
Date UQ / IDS / BL URL IP
2022-12-10 22:53:30 +0000 0 - 0 - 5 tricocrocheetcetal.blogspot.de/search/label/C (...) 172.217.21.161
2022-12-05 00:36:05 +0000 0 - 0 - 5 tricocrocheetcetal.blogspot.de/search/label/V (...) 172.217.21.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-26 10:34:51 +0000 0 - 0 - 6 demo.hscbc.co.uk/ 199.59.243.222
2023-01-26 10:28:00 +0000 0 - 0 - 4 93north.ca/ 66.96.161.146
2023-01-26 02:51:32 +0000 0 - 0 - 1 kbt-store.com/goccnflqykv/FF/O1/2b8o3OdC.zip 173.208.96.44
2023-01-14 04:22:15 +0000 0 - 10 - 11 walmar.asia/ 199.59.243.222
2023-01-05 03:16:15 +0000 0 - 0 - 2 annaninaricci.com/ 66.96.149.21

JavaScript

Executed Scripts (28)

Executed Evals (0)

Executed Writes (5)
#1 JavaScript::Write (size: 208) - SHA256: cd1ac417af7a6d1ff0448b0273c29134887f4e9fbecf50cea31042c6dc8b3a1d
< div id = "aswift_0_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:300px;height:250px;"
data - ad - slot = "4844769918" > < /div>
#2 JavaScript::Write (size: 208) - SHA256: c974ef378023621f037337c771e179b975fda25b090097d3c3e938a9dc4a89c1
< div id = "aswift_1_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:250px;height:250px;"
data - ad - slot = "6321503114" > < /div>
#3 JavaScript::Write (size: 208) - SHA256: 4b671dc1c3c6cb77fba918772fc1c994b905df0c72444e1a79643c1904fe189d
< div id = "aswift_2_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:250px;height:250px;"
data - ad - slot = "4947344712" > < /div>
#4 JavaScript::Write (size: 208) - SHA256: 2d722b7a295f2743855da3ecb151da84b60696fac60f6fac2ce6d08c036fdbc9
< div id = "aswift_3_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:300px;height:250px;"
data - ad - slot = "4844769918" > < /div>
#5 JavaScript::Write (size: 208) - SHA256: be14041f6623bb342fcf6deb883be7be2766f91bc4d67319f58bea9e9d297ba2
< div id = "aswift_4_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:250px;height:250px;"
data - ad - slot = "6321503114" > < /div>


HTTP Transactions (104)


Request Response
                                        
                                            GET /search/label/VESTIDOS HTTP/1.1 
Host: tricocrocheetcetal.blogspot.de
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.217.21.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://tricocrocheetcetal.blogspot.com/search/label/VESTIDOS
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 00:35:54 GMT
Expires: Mon, 05 Dec 2022 00:35:54 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 197
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   197
Md5:    245e662fd7c39decbb0e34ef8ff633f9
Sha1:   b128298c0a0669236a4cc391195b9495af10a183
Sha256: 70ecbc6f11473808e0f5fb891ccc4d17d5201ca41f9834807b66d3740f1c6aaa

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 05 Dec 2022 04:37:09 GMT
Date: Mon, 05 Dec 2022 00:35:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=124750
Date: Mon, 05 Dec 2022 00:35:54 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:15:04 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 00:20:10 GMT
cache-control: public,max-age=3600
age: 944
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2409
Expires: Mon, 05 Dec 2022 01:16:03 GMT
Date: Mon, 05 Dec 2022 00:35:54 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 0TcS384fFFtwbAkl5OIlHKy+QifvgVeIPOXOdyTZMvh/9Ew2udutvllj0Gq16oORxeUBNYL4LSU=
x-amz-request-id: YWJTD3QTZN181VMA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 23:47:10 GMT
age: 2924
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Dec 2022 00:35:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /search/label/VESTIDOS HTTP/1.1 
Host: tricocrocheetcetal.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Mon, 05 Dec 2022 00:35:54 GMT
Date: Mon, 05 Dec 2022 00:35:54 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 25 Nov 2022 12:15:30 GMT
ETag: W/"b3c226801ff9dac855d0cbc7451831788801f70a200571bba05432da53e53207"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 30289
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2754), with CR, LF line terminators
Size:   30289
Md5:    d3e47793d627f0092a6a3deb7f08367e
Sha1:   304bdf85701f2f61f2eb1f589cb8620a8e192ade
Sha256: 2eaa3fb9ade5f9e67529fe61d8d80d49aada01c93c2853ee06aa04fe1c4d062e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /pagead/show_ads.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.66
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Mon, 05 Dec 2022 00:35:55 GMT
Expires: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: private, max-age=3600
ETag: 1870728659742758671
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36160
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (3577)
Size:   36160
Md5:    8370cbaca62d11e3e508e6d57ed7e718
Sha1:   5f798fefeb0fdb223828111783968e0faf4894e6
Sha256: a6880acfe9add094dfe0fce1f32f3b5a9ac2b32b1bd7a8b75ffefe2b1e3a23ed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scripts/neve.js HTTP/1.1 
Host: acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.8.8.100
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Set-Cookie: sv=1; Domain=acessoriosparablogs.com.br; Expires=Tue, 05 Dec 2023 00:35:55 GMT; Max-Age=300
Date: Mon, 05 Dec 2022 00:35:55 GMT
Content-Length: 59


--- Additional Info ---
Magic:  ASCII text
Size:   59
Md5:    839736f5d5855469a58b6fc556cd250c
Sha1:   137297c4dab78e4c5c4a15d11737be0c1fcb9f61
Sha256: d0524453b0a6fa6e5f2d2065e3584f4f30c49baf393944cba71992f022c3f4b5
                                        
                                            GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
age: 442082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35959)
Size:   7776
Md5:    5aa2d3297bdc86bc81322aedecbb5e79
Sha1:   1c0a3c007e41726e167e79b70ddea76198650884
Sha256: feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
                                        
                                            GET /img/icon18_email.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:21 GMT
expires: Tue, 06 Dec 2022 14:19:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 01:54:20 GMT
age: 468994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 13\012- data
Size:   164
Md5:    36b9f993db1b953f3b9b08040aaf9af4
Sha1:   18248661b307586dc291fd2dff4bb59cf7579475
Sha256: 1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
                                        
                                            GET /_m8Mg90EUVS0/SjD90Pk4PnI/AAAAAAAABnc/esxbRjAqIBQ/w72-h72-p-k-no-nu/xale+em+croche+de+grampo+2.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="xale em croche de grampo 2.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3156
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v677"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3156
Md5:    9120c92abb0ecfc91fec892cf44ece0c
Sha1:   0dc36d44ec7950a0fa2dc422579a457ae123bcbb
Sha256: b92fc93b7e7dbf0d7c0e0c32450d365607eb36d954583df2a780a2ac4a694d7e
                                        
                                            GET /_m8Mg90EUVS0/TI1_lolCowI/AAAAAAAAF2c/7BiRuKETwMw/S220-s80/Eu..jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Eu..jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2056
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1767"
Age: 24


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 44x80, components 3\012- data
Size:   2056
Md5:    0bfba6a35dabf71aec3c782b86731469
Sha1:   a51101dd44153ed3b7be8279b4374942347d55e5
Sha256: 0fc70879cf4aac3faa27b62d69eec107d9f107243b24e9c7254d0ef3368ac759
                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:01 GMT
expires: Tue, 06 Dec 2022 14:19:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 19:53:31 GMT
age: 469014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18\012- data
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 05 Dec 2022 00:35:55 GMT
expires: Mon, 05 Dec 2022 00:35:55 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1279)
Size:   20984
Md5:    7ac44ef24e267df17ff72f195b252806
Sha1:   62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
                                        
                                            GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1 
Host: translate.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         216.58.211.14
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Dec 2022 00:35:55 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

                                        
                                            GET /_m8Mg90EUVS0/TOgbnnkH-bI/AAAAAAAAGXY/o9rRBn4pUCw/S250/SELO%2BQUE%2BGANHEI%2BDO%2BBLOG%2BIDENTIDADE%2BPELO%2BPLANETA..jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="SELO QUE GANHEI DO BLOG IDENTIDADE PELO PLANETA..jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 25132
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1976"
Age: 24


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 206x250, components 3\012- data
Size:   25132
Md5:    e816d8e321d60c8b7b752199c51241af
Sha1:   35fb9c8137fc66041a4d0fa10d0887ba94bdeb4a
Sha256: fbd0f3c3fae70451459b12813626182451dc77888735194d1e233d91fdba15c1
                                        
                                            GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
age: 499946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56726
Md5:    1217c8e34acb09c7cea97bae4d386ea1
Sha1:   55ee17703d0a7710943e93913bacb49220d98b4b
Sha256: c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: tricocrocheetcetal.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/search/label/VESTIDOS

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Mon, 12 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 04 Dec 2022 21:56:58 GMT
Age: 24


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /-E0WtYgSRN9U/UYgwb6lSa2I/AAAAAAAAJ5M/m0x5n-m68Xw/s379/minha%2Bamiga%2Boculta%2Bda%2Bgang.%253B%253B%253B%253B%253B.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="minha amiga oculta da gang.;;;;;.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 43769
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2794"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 284x379, components 3\012- data
Size:   43769
Md5:    e88351626742f1b98260d71fff17f08d
Sha1:   5f159764689943be1d3ee3034b9d6e30b89a3e14
Sha256: 5e2cb2788131f5e7308277f98427dce3109cb191b3832fde335e0d9e1c57d844
                                        
                                            GET /-QcE6MsOpcKY/Vnp6ohWZzDI/AAAAAAAAHAI/z9-SElVIObo/s72-c/20151216_112914.jpg HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.97
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="20151216_112914.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1391
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1c03"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   1391
Md5:    3f740fa3b5be449d28a6b960ce5fc4c8
Sha1:   542dd1bbafe75be01d6dcfd78f5b7b1922d12bb3
Sha256: ef024da657bee529887fabf3e3566c4a4e7b14cc17d9c5b3360d74af8f1c18cf
                                        
                                            GET /-XRWSS01wL1o/TyMpsju8PpI/AAAAAAAAJLQ/93s3lbRCFvM/s300/selo-com-texto.gif HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 403 Forbidden
Content-Type: image/png
                                        
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 1017
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   1017
Md5:    969e595182a947c7fdaaef4a34401760
Sha1:   390d35939d67b781893925474d5f9f7919058a5f
Sha256: 6c5d650b05794f0ef093ee85e3507023162c4dddcbdd9ed34002b82bb567d8f7
                                        
                                            GET /_m8Mg90EUVS0/Sn9epOwRxmI/AAAAAAAACjQ/LNIHmq_F0_A/s400/vestido+lindinho.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido lindinho.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 25144
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 293x400, components 3\012- data
Size:   25144
Md5:    fe007c792990c50bccea141fb995cee6
Sha1:   c5c1578161e53802b20f886969d607f7a80c1972
Sha256: 0c753144fc86664afa5bdd327618fda4e50307a8f483b4ef14f29c43ecfed5b6
                                        
                                            GET /_m8Mg90EUVS0/TJM8bFeYnXI/AAAAAAAAF3s/udZq9KA50cs/S250/nossa+foto.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="nossa foto.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 17540
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v177b"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 188x250, components 3\012- data
Size:   17540
Md5:    6018c432d9b80d53d97e88e42fd4b82b
Sha1:   78a4e45c355e7ae590ac37767f32209f0b042802
Sha256: 68f865c9694d2d8c91ca41a29744e10757a237cb8951132a16d312ce8b2d79c3
                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.66
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 04 Dec 2022 10:29:51 GMT
Expires: Sun, 18 Dec 2022 10:29:51 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 50764


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.217.21.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:47:40 GMT
expires: Wed, 29 Nov 2023 19:47:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
age: 449295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   57794
Md5:    813b15c3004464f6bd39fd0773b04757
Sha1:   bd2218fe1e647f61132aad70d29cd91fd0416f26
Sha256: 446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
                                        
                                            GET /_m8Mg90EUVS0/Sm-s1r0GHXI/AAAAAAAACWU/fXr7qrHXKM8/w72-h72-p-k-no-nu/sapato+pronto+no+p%C3%A9.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sapato pronto no p_.jpg";filename*=UTF-8''sapato%20pronto%20no%20p%C3%A9.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2910
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2910
Md5:    f46e937c3534cc1a196e436648db0cc1
Sha1:   d6fcfa1838cdaa2772566359636d61cc8e922b4a
Sha256: 7ff7f4de7c9905f04de69a6db8919342e9a62b710af92f5e43968ffe9cac8b28
                                        
                                            GET /empty.gif HTTP/1.1 
Host: dl3.glitter-graphics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.4.70.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
ETag: "3553513617"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 67
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0


--- Additional Info ---
Magic:  GIF image data, version 89a, 10 x 10\012- data
Size:   67
Md5:    27f18e003c57386f21ebae558a76e8fa
Sha1:   f2679e2214077903efe5591b900e8c3cad70b0a1
Sha256: d36c2582bc9c9c3689797a276c9c6358dc5217a89291aa0772d4f3ec12eda0f5
                                        
                                            GET /-5UJMQSdzp2w/U8uORcUPCnI/AAAAAAAAVmM/X9jN-qCxNOM/s72-c/bean-+bag1.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.65
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="bean- bag1.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3546
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:35:31 GMT
expires: Tue, 06 Dec 2022 00:35:31 GMT
cache-control: public, max-age=86400, no-transform
etag: "v5663"
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3546
Md5:    5e0f5bf40868aebc1184c46bb7c33bf2
Sha1:   980496e8922672958e6b3add636135274b738631
Sha256: 71481136ac49e4745f537219bfc875cc7b1d95e1d5c76df7cd03d463d9ba934a
                                        
                                            GET /_m8Mg90EUVS0/Sn9hf7SGJ3I/AAAAAAAACjo/e5bfwloN5Og/s400/vestido+gracioso.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido gracioso.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 37844
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Age: 24


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 279x400, components 3\012- data
Size:   37844
Md5:    0519ca6443fa766772297cf53ce3e94a
Sha1:   08adb2788474792d0953aec7c9f223c3add86672
Sha256: 23321bf7f0cb8883d69c225b0ada250f17dc6bcd386a8fa7a582c9d7ad17c52d
                                        
                                            GET /_m8Mg90EUVS0/Sznk7_vkFbI/AAAAAAAAENg/sdyKe3DCgDw/s400/meu+vestido+xadrez+de+perto.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="meu vestido xadrez de perto.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 43044
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v10d8"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google, copyright=COPYRIGHT, 2009], baseline, precision 8, 400x300, components 3\012- data
Size:   43044
Md5:    a1cec664abfc50dd222bff0c00e23e5a
Sha1:   4dedd6f1a7913ad3f03e0ebecf7a3556c34931a1
Sha256: 727ff43e961e8133f7e53073151552ba3841870457462d5fc09a1f381a557dfa
                                        
                                            GET /_m8Mg90EUVS0/Sn9f-lO7kPI/AAAAAAAACjY/mNIs9ghwo7s/s400/vestido_buzios.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido_buzios.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 46530
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 278x400, components 3\012- data
Size:   46530
Md5:    d260074e082f2746739ae67592e7eab3
Sha1:   66899ff314054b508c2d1d654e0ce528450b4cd4
Sha256: 2e99d619c7a00e4d1b608a28cabda7fb431115bd5fbc77aa7855882cfe1d40e4
                                        
                                            GET /blogblog/data/1kt/watermark/post_background_birds.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 103
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 16:18:33 GMT
expires: Tue, 06 Dec 2022 16:18:33 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 17:52:28 GMT
age: 461842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 10 x 10, 8-bit colormap, non-interlaced\012- data
Size:   103
Md5:    7928cb1e4fb733117a1479c289f29d92
Sha1:   bd1bbe65951f64f44ec85910877dabd35c6dbc07
Sha256: 8a44923efeda7708df28a77f7e01bb10be3831d112891172950fe8c2d6b2566e
                                        
                                            GET /_m8Mg90EUVS0/TN3CbhOwY6I/AAAAAAAAGN8/qQMmSHXON7s/S250/selo-vila-artesao-vertical.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="selo-vila-artesao-vertical.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 58652
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v18df"
Age: 24


--- Additional Info ---
Magic:  PNG image data, 147 x 209, 8-bit/color RGBA, non-interlaced\012- data
Size:   58652
Md5:    5a19dc10adbc6bf1d042d32b8e952355
Sha1:   caa20768e55a939f41acd4d607c80971e8dce48f
Sha256: 2f3beb5b376f56e2da50ef1623b448575cc1aeec433abba0d286a32cc1461e5b
                                        
                                            GET /img/share_buttons_20_3.png HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:28:12 GMT
expires: Tue, 06 Dec 2022 17:28:12 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 14:52:29 GMT
age: 457663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   5080
Md5:    ad9999106d5f550920b586e8e1704e5a
Sha1:   93fd02c51166402a41f96509cd0ca3fb917877dd
Sha256: 3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
                                        
                                            GET /-6ys-gGHfMxw/UYgrboXJ0sI/AAAAAAAAJ3Q/VPd-AIuaUtM/s300/Millene%2Be%2BPrsicila...jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Millene e Prsicila...jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 30194
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4059"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 300x282, components 3\012- data
Size:   30194
Md5:    27516b9c39fb04cedc345c744ee7774c
Sha1:   d35850772632633217080cf3595c7ee74bcb5b8e
Sha256: 2f9537b5326b0fe7ea847028cd6adf9258d053c52a8c8bd05d08e2481f1bfdd6
                                        
                                            GET /_m8Mg90EUVS0/Sn9btBNwgbI/AAAAAAAACiw/i_1YR6OJnJM/s400/vestido+branco.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido branco.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 39383
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 286x400, components 3\012- data
Size:   39383
Md5:    6bc6df892b58bdd9e676f43e01f9b159
Sha1:   6799714e6c10a11aa375f00fa0e2acb06c4d9ee3
Sha256: 79baf798c7fdebc837e60b51c32f4552f0773a5c3fbab260c348c5368f88a6e0
                                        
                                            GET /_m8Mg90EUVS0/Sz1SFA2kfOI/AAAAAAAAERw/t9FRpGrzbdA/S226/brasil+bate+cora%C3%A7%C3%A3o.gif HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /hearty/l.gif HTTP/1.1 
Host: text.glitter-graphics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.4.70.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
ETag: "2583434261"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2543
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 43\012- data
Size:   2543
Md5:    bc442e4c87564a16e3fdba8182f1e025
Sha1:   cb08c41f3571c8ae951fb744ba70abec3586dd18
Sha256: b499e45fa2d241f9e5007c07a530c74612b59ab8846af11c4eeeaa64f38aa512
                                        
                                            GET /hearty/z.gif HTTP/1.1 
Host: text.glitter-graphics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.4.70.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
ETag: "152884244"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2803
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0


--- Additional Info ---
Magic:  GIF image data, version 89a, 27 x 29\012- data
Size:   2803
Md5:    ab419263fd23adabfb6c338c303e45d6
Sha1:   a654d9505f99ac436bccff363a0b97b1a71b4b2c
Sha256: 3af6a962b3761251b465fb8fbf706795e922863a1a783d366c2926c99e56be6e
                                        
                                            GET /hearty/c.gif HTTP/1.1 
Host: text.glitter-graphics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.4.70.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
ETag: "3284456469"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2728
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0


--- Additional Info ---
Magic:  GIF image data, version 89a, 23 x 31\012- data
Size:   2728
Md5:    3181fab9b7a60adde1c3b07d9ce78bb0
Sha1:   ad73dd310ca7f441e59953e68ee512fd746311fe
Sha256: 3aadf8ff9198626b7c395d6cb644e8cbbf3a31544d6b79b5126b3853fe545f91
                                        
                                            GET /_m8Mg90EUVS0/SoyoSHu2cCI/AAAAAAAACoU/Sk5a4KiKAg8/w72-h72-p-k-no-nu/cestinhos+de+croche+endurecido.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="cestinhos de croche endurecido.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3454
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3454
Md5:    e11bd4b08f59141240a1cc0e95c6ec2a
Sha1:   d612abd8912462cbb0fca26cd00b22082f765468
Sha256: 9a34acdc0892fb1236c219dab2c52340c6d6a7c4e5328682e91dc0200426f634
                                        
                                            GET /hearty/a.gif HTTP/1.1 
Host: text.glitter-graphics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.4.70.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
ETag: "4136932373"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2818
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0


--- Additional Info ---
Magic:  GIF image data, version 89a, 27 x 31\012- data
Size:   2818
Md5:    6345645471bb925e53cd01c9a8d03993
Sha1:   0536a4dd6efe3113f43c82ca84ab829de3c7e288
Sha256: a54dd458cec60dbf719755db3e4af06079740dcaaccc9f75cada133dc1649a00
                                        
                                            GET /_m8Mg90EUVS0/TAqkKrN62RI/AAAAAAAAFM8/B1Za1wUbT9U/w72-h72-p-k-no-nu/P1011341.JPG HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="P1011341.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2508
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v14cf"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2508
Md5:    b06e1b4df20b860ffd4b00452fe147ca
Sha1:   655d450a68729f96d9239034dad98f2cebac4f27
Sha256: 3510bb0ec8881d852f57eb00df4561262f9ee03656200214b029adec98a189d5
                                        
                                            GET /hearty/u.gif HTTP/1.1 
Host: text.glitter-graphics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.4.70.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
ETag: "1452577812"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2818
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0


--- Additional Info ---
Magic:  GIF image data, version 89a, 31 x 30\012- data
Size:   2818
Md5:    4e3640c898573e301c759e03cb510679
Sha1:   003b6264640756000f01612d068b018b54c11f59
Sha256: f58601d9c2f9493c4f15e3556ab4ff43421bd36d02ab708cc1af9eb36fd5be5e
                                        
                                            GET /hearty/i.gif HTTP/1.1 
Host: text.glitter-graphics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         46.4.70.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
ETag: "2953057301"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2512
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 46\012- data
Size:   2512
Md5:    376f02b3848369339ccb93dbeb3914b0
Sha1:   cdb8e21ce40596e9980fb6508eaf3c38923a9f34
Sha256: 08b277246cc1465bc222987094e63dd9b4077c57965e6a08e72dd06ddd4f4922
                                        
                                            GET /_m8Mg90EUVS0/SgnIM60eB_I/AAAAAAAAA7k/6yT4BqAF16o/s400/boneca+com+cestinha+de+la.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="boneca com cestinha de la.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 29034
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v28ae"
Age: 23


--- Additional Info ---
Magic:  GIF image data, version 89a, 219 x 251\012- data
Size:   29034
Md5:    aba7c64178b2095e55433885d45e39bb
Sha1:   634ef2cc3f06fa11b4b4617da217881802d89f41
Sha256: 0b39f11438fd8378f1c12a4616f9e475d2b8027de85b872b260af44aa8d364a2
                                        
                                            GET /-IrsJhdGxlkc/U0C9Dsp2_CI/AAAAAAAAEeY/WsaESoJrKDk/s72-c/tercera+fiesta+001.JPG HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="tercera fiesta 001.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3172
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11f0"
Age: 24


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3172
Md5:    0d2f9ebd933cb5056e2efb4fa195b34e
Sha1:   8839bfaaa84f7159e3ecce6735f806668f5b8c99
Sha256: 55ce204b718f24b6e5a666a97c3f72204fbc09399dc3215565d22dcda1aea728
                                        
                                            GET /-2_z8qRpleak/X6w6NKo5D9I/AAAAAAABKpA/nT9Vpaz1-lsVMAGn7zObFGeF2t0eo87FgCPcBGAsYHg/s72-c/IMG_20201107_163931643%257E2.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.65
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
etag: "v12a90"
expires: Tue, 06 Dec 2022 00:35:55 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20201107_163931643~2.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:35:55 GMT
server: fife
content-length: 3396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3396
Md5:    780fa7444ab2dcc7d801bf0ee2a0e90e
Sha1:   3d18bcbe74d127e7767b7a300a5c78ee920482e5
Sha256: f5568a5cb2d8a56ce47a2ab8775325f49716182347b5ad7c2c12df47e0bdda90
                                        
                                            GET /_6XTToLOjoOo/SZNgh7TgmOI/AAAAAAAAAYs/R7KHbyEi5DM/s72-c/Selo_da_Rose.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.65
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Selo_da_Rose.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2868
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:35:55 GMT
expires: Thu, 24 Nov 2022 14:34:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v18b"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2868
Md5:    5e1e957221315c44ed5dd5b88a2392bd
Sha1:   c58fe162f04389668b4e4a219a9ec5b544594c44
Sha256: 93e0f01efbf5d6fb11bd28ea626d0b98d10f0cc9d0fb7ed918ccb745bfd26968
                                        
                                            GET /-4gnW9NPr3LA/UxtbsoF4_zI/AAAAAAAAQE0/e6hc5C--Svg/s72-c/meus+carteiras+com+caixinha+de+leite..jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="meus carteiras com caixinha de leite..jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3988
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4f72"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3988
Md5:    15de869e302983f338cfcf79cbfb20b8
Sha1:   ab5a6edb6dc8513fd41b8ac638e76472bb31c8de
Sha256: c47f1ef229e87541d24e2366068082cc93fde1ac9d4c1d7f448820c69fca29d5
                                        
                                            GET /-PWzw4GrCwQ8/UnKR3xUi3gI/AAAAAAAAEcg/TYaziQhuIOc/s72-c/Foto0722.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Foto0722.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4713
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11c9"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4713
Md5:    5ee4861d9c18582049fdbcd363a8e95a
Sha1:   1f8e9253f25d5f1b62ec2e8d49d27a47d7875909
Sha256: f89a89056d846277a54a6ce5489449a385ac313ae82540307ad41ccab570c01f
                                        
                                            GET /-7QbwRz7UQW8/Ue9AOHL20MI/AAAAAAAAQlg/PK7UuhVpMSw/s72-c/00.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="00.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4936
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:55 GMT
Expires: Tue, 29 Nov 2022 05:06:43 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v466f"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4936
Md5:    e988516466c9bd96abdf6e0a539b11eb
Sha1:   d8a906d51446f7fd1bb12a767432d0c98edcff1c
Sha256: 8e73e149267049ec2aa6065a802458ed39e36762816918e1f080a3eae9fa5bf8
                                        
                                            GET /_m8Mg90EUVS0/Sznk7SMDBdI/AAAAAAAAENY/FXwSAcov6jU/s400/meu+vestido+xadrez.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v10d6"
Expires: Tue, 06 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="meu vestido xadrez.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 49344
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google, copyright=COPYRIGHT, 2009], baseline, precision 8, 400x300, components 3\012- data
Size:   49344
Md5:    40d42d0eae22945f5ee188c461096863
Sha1:   31b87eeca6a3c7aa1551f7410d4288d3c16f6d3c
Sha256: b497853c84a8fa5f3bf81d60eeb91dfdae9cdfe11a15ec1761a0cc852dc06b6c
                                        
                                            GET /-qeLO8CRZ0zQ/UOmFBeYEFLI/AAAAAAABBWg/SS_jC7r8tQM/s72-c/flowers_byLittleWoolie_viaAndreaGuimBlog.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="flowers_byLittleWoolie_viaAndreaGuimBlog.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4953
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Sat, 03 Dec 2022 20:26:24 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 24
ETag: "v10568"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4953
Md5:    3367fa1053135c6a3a0403d0f46ea295
Sha1:   517941f6df613dfbecfd368865877391eaf995cf
Sha256: c2934d813dcf39d0e850548488dcac520621fb25eeca0e46f35ec3fcd330284e
                                        
                                            GET /_m8Mg90EUVS0/Sn9c0OEJSlI/AAAAAAAACjA/0zT0MWx09xY/s400/que+lindoo.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="que lindoo.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 42090
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Age: 24


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 316x400, components 3\012- data
Size:   42090
Md5:    0d0ee75ddf2a8527a6028ceef179f250
Sha1:   0826cbf78aba15e789cf166c3285523632b95a5e
Sha256: 05d6d929677023c7723774a8b85f40cda71dcfffb2b5058f0f90dfad9b96c2c4
                                        
                                            GET /_m8Mg90EUVS0/SjLcgCziOUI/AAAAAAAABss/YtbLSrcXv_E/w72-h72-p-k-no-nu/XALE+TEAR+DE+PREGOS.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v6cb"
Expires: Tue, 06 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="XALE TEAR DE PREGOS.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 4035
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4035
Md5:    646aa3270cfee02d73ca64261c46cbe6
Sha1:   89f4497cd283f5b3205c24bc368b943ee15acad9
Sha256: eea88b9e121a3d9d74c81893d895f25259f29226a14c0e5de47baf76d2e06aa0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /160/glitterfy-flpbk0922151354023734.gif HTTP/1.1 
Host: img34.glitterfy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/

search
                                         208.71.34.181
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: Apache
Last-Modified: Tue, 24 Jul 2012 22:39:53 GMT
ETag: "3230790-1f58e-4c59b0a77c4c9"
Accept-Ranges: bytes
Content-Length: 128398
Connection: close


--- Additional Info ---
Magic:  GIF image data, version 89a, 188 x 250\012- data
Size:   36426
Md5:    b84aed9b627edbaa328acb539e0631de
Sha1:   88d48cef14425b926d54a37e25cf67b803a3b520
Sha256: 971850fc27d75c5bc2ff7d8cbdb330e0eab73c91975c76d869130a1531dfefd9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 1617
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2621
Cache-Control: max-age=119677
Date: Mon, 05 Dec 2022 00:35:55 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:50:32 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: ww82.acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:35:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b; expires=Mon, 05-Dec-2022 00:50:55 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_tCbnsqLY/UVypx5WofFWvpm/IkPY5Kmo9sDbuyjepSwgL/3KP64Tid63G+TZt4X/adQAn1cufOItJ1i3VDbMWA==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1552), with no line terminators
Size:   1110
Md5:    914c3b432b6a8f0d0ef55056357e790c
Sha1:   8acc38eed67166c855fada6d78bb26f0dede5120
Sha256: ca35b5d2116c38c274115c6a1968391a29be29afe3cf9f026fc1abd64a8e2798
                                        
                                            GET /js/parking.2.100.2.js HTTP/1.1 
Host: ww82.acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Last-Modified: Mon, 14 Nov 2022 17:46:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (65536), with no line terminators
Size:   22285
Md5:    239c79e8ead12ade233b4b98f3a1d68d
Sha1:   ebb33fbc73ffa07c517270874bef61576c7aecf6
Sha256: 148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Dacp+BadyZCeeTUZTlS96g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MX9PM+P0vPIjgo2NcSode9wlR0k=

                                        
                                            POST /_fd HTTP/1.1 
Host: ww82.acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.acessoriosparablogs.com.br/
Content-Type: application/json
Origin: http://ww82.acessoriosparablogs.com.br
Connection: keep-alive
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b
Content-Length: 0

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: openresty
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Dec 2022 00:35:56 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b; expires=Mon, 05-Dec-2022 00:50:56 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (693), with no line terminators
Size:   487
Md5:    8b46029c48e4bf88c132e25360dd5bf5
Sha1:   2526efe6e56b5e0d7c60a75b22c5fd6b18469033
Sha256: abac071635ea41aa35bee51b396523d493305fd8ab03510e25450b04a36da8f2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /px.gif?ch=1&rn=10.658161007290209 HTTP/1.1 
Host: ww82.acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /px.gif?ch=2&rn=10.658161007290209 HTTP/1.1 
Host: ww82.acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ww82.acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-22.ec2.internal
Accept-Ranges: bytes

                                        
                                            POST /_zc HTTP/1.1 
Host: ww82.acessoriosparablogs.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.acessoriosparablogs.com.br/
Content-Type: application/json
Origin: http://ww82.acessoriosparablogs.com.br
Content-Length: 2265
Connection: keep-alive
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: openresty
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Dec 2022 00:35:56 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b; expires=Mon, 05-Dec-2022 00:50:56 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   168
Md5:    13f76040c6a87b2184386b0955ae354f
Sha1:   53bb86b25b49c6bfb2622166015ba27bf3102a3d
Sha256: b39094f15c3ec1fe8416a3be3bea4c9a46c67568bfc8fd522377662022192039

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 31030
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10031
Md5:    bb029b41d342a82250aef6d6f713be6e
Sha1:   cd754bb6094d2e456b95dce8daace45a0de8a121
Sha256: c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CYvQg9Tc0rQB9_DoDW4RoLx2GEdMSEaXViCY3qXbijd0P5mMSZWE6Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:35:27 GMT
age: 75630
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12830
Md5:    5d72fb8d20c29763234c2817b119d11b
Sha1:   d4924ec714f5157bcb2fddcb5f768188a3dd37dc
Sha256: e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hEiLpBd0Tubj3-Wgqh_jpK6XEekyrHfuQxpVD_JLlNSAQj41XK_1EA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:15 GMT
age: 9822
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6430
Md5:    3c36448c65274ebbe1eb21e3bf02385e
Sha1:   e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28
Sha256: 6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 08:10:52 GMT
age: 59105
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7853
Md5:    dafdb4fe91795a9e16baebb085ccd818
Sha1:   f5ed5d03e6969f81349ad78fde0e71390a4ed391
Sha256: f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _nGZrHCvmP-EKAQG20l1ayIftZ4spFGPuG--vyTpMhbNa9L3pIWhCA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
age: 10048
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3707
Md5:    d7bde76a4dbab17f37747e7da55ad924
Sha1:   56ee7aa6cf94570b1218ef6e767a7036d0b8900f
Sha256: bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6133
x-amzn-requestid: d2c60baf-1d2e-4b1f-9c08-2adf0aa458a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXHcPIAMFl5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-3ddc6f0428790a9d5f253825;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HVO2yJJggGy-dou69DXIb254DYhzLj31b9-lyIOyIvQAQGGqQfmSSg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:42 GMT
age: 76695
etag: "b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6133
Md5:    f3d863be9bd5d072e85b8976251ce342
Sha1:   b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140
Sha256: f188fb7575c4b8662acfe2a6682559d50a12430c116605391dd77257bc11a60b
                                        
                                            GET /?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue HTTP/1.1 
Host: iyfbodn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Upgrade-Insecure-Requests: 1

search
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:35:57 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_kbUZrheki4P9b0r9lRtINOK70GgyEo6hPw95RULRoFJHmWMoYwGdVtbFRWOjjrTFui0lcE2FX+YL8VXGubCRRw==
Keep-Alive: timeout=5, max=112
Connection: Keep-Alive
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2408), with CRLF, LF line terminators
Size:   7088
Md5:    c149c451180d2a8544ae3fe33910f539
Sha1:   01103526ec0be643e043fc55a3c67f4feda8f139
Sha256: 94ea72e5f83673566308fd8e3ff7b270901b95da0abda4bbc814fecb4d77e6a0
                                        
                                            GET /px.js?ch=1 HTTP/1.1 
Host: iyfbodn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue

search
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 05 Dec 2022 00:35:57 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (346), with no line terminators
Size:   346
Md5:    f84f931c0dd37448e03f0dabf4e4ca9f
Sha1:   9c2c50edcf576453ccc07bf65668bd23c76e8663
Sha256: 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
                                        
                                            GET /px.js?ch=2 HTTP/1.1 
Host: iyfbodn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue

search
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 05 Dec 2022 00:35:57 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=118
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (346), with no line terminators
Size:   346
Md5:    f84f931c0dd37448e03f0dabf4e4ca9f
Sha1:   9c2c50edcf576453ccc07bf65668bd23c76e8663
Sha256: 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
                                        
                                            GET /__media__/js/min.js?v2.3 HTTP/1.1 
Host: i3.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/

search
                                         23.33.119.25
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Wed, 22 Sep 2021 05:16:02 GMT
ETag: "614abc12-20f3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=79987
Expires: Mon, 05 Dec 2022 22:49:04 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Content-Length: 3050
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8349), with CRLF line terminators
Size:   3050
Md5:    683b827c961eb1a55ae52a5c42524a13
Sha1:   a1c0b96af389b99124cb42f1730d2dcb0f3dc3f4
Sha256: 58e12a35c892e412e904c69e12d13915c07afb320633925f41a493ebfc2ee053
                                        
                                            GET /__media__/pics/29590/bg1.png HTTP/1.1 
Host: i3.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/

search
                                         23.33.119.25
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Content-Length: 17986
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
ETag: "6380b223-4642"
Accept-Ranges: bytes
Cache-Control: public, max-age=65423
Expires: Mon, 05 Dec 2022 18:46:20 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 1730 x 988, 4-bit colormap, non-interlaced\012- data
Size:   17986
Md5:    825ccd29ac102fcadaf92b2343d5917b
Sha1:   24472e766cfac5b82a73b219796556a0a3702bd6
Sha256: 0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
                                        
                                            GET /__media__/pics/28905/arrrow.png HTTP/1.1 
Host: i3.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/

search
                                         23.33.119.25
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Content-Length: 283
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
ETag: "61d45d4b-11b"
Accept-Ranges: bytes
Cache-Control: public, max-age=19746
Expires: Mon, 05 Dec 2022 06:05:03 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 17 x 27, 8-bit colormap, non-interlaced\012- data
Size:   283
Md5:    80d42c82a6c37da90210fd60a2f36128
Sha1:   554ba7c84d2a27ecf3b1f29d03e62101936b54d8
Sha256: a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
                                        
                                            GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1 
Host: i3.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfbodn.com
Connection: keep-alive
Referer: http://iyfbodn.com/

search
                                         23.33.119.25
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Content-Length: 17264
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "600809b7-4370"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 17264, version 2.1\012- data
Size:   17264
Md5:    a43b107861b42ce1335e41e43d4e4d00
Sha1:   99bdb1cec4a68ebe29249c46fefefb6880d009e5
Sha256: a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2
                                        
                                            GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1 
Host: i3.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfbodn.com
Connection: keep-alive
Referer: http://iyfbodn.com/

search
                                         23.33.119.25
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Content-Length: 17312
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "600809b7-43a0"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 17312, version 2.1\012- data
Size:   17312
Md5:    bebe201d813feaad85a3e66607d0da3a
Sha1:   28b049502afa8e9db5340c1a92400591b39870e8
Sha256: 58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: iyfbodn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue

search
                                         208.91.196.46
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 05 Dec 2022 00:35:58 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
ntCoent-Length: 10
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Cache-Control: private
Content-Encoding: gzip
Content-Length: 30


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    c4609c83d6054d974c265b208bdc2a21
Sha1:   7e963e7185900347babd1f2797312c0ca21fa4ae
Sha256: 6cd85e3008758f2e06eeff9efdf9b4ad2981f6654f87918d155b0aced68d959a
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.132
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 05 Dec 2022 00:35:56 GMT
expires: Mon, 05 Dec 2022 00:35:56 GMT
cache-control: private, max-age=3600
etag: "16357369056098493250"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---