tricocrocheetcetal.blogspot.de/search/label/VESTIDOS
172.217.21.161302 Moved Temporarily 197 B URL HTTP/1.1 tricocrocheetcetal.blogspot.de/search/label/VESTIDOS
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 245e662fd7c39decbb0e34ef8ff633f9
b128298c0a0669236a4cc391195b9495af10a183
70ecbc6f11473808e0f5fb891ccc4d17d5201ca41f9834807b66d3740f1c6aaa
Analyzer Verdict Alert fortinet Malware
GET /search/label/VESTIDOS HTTP/1.1
Host: tricocrocheetcetal.blogspot.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://tricocrocheetcetal.blogspot.com/search/label/VESTIDOS
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 00:35:54 GMT
Expires: Mon, 05 Dec 2022 00:35:54 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 197
Server: GSE
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 05 Dec 2022 04:37:09 GMT
Date: Mon, 05 Dec 2022 00:35:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2627
Cache-Control: max-age=124750
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:54 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:15:04 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 00:20:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 944
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2409
Expires: Mon, 05 Dec 2022 01:16:03 GMT
Date: Mon, 05 Dec 2022 00:35:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0TcS384fFFtwbAkl5OIlHKy+QifvgVeIPOXOdyTZMvh/9Ew2udutvllj0Gq16oORxeUBNYL4LSU=
x-amz-request-id: YWJTD3QTZN181VMA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 23:47:10 GMT
age: 2924
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:35:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tricocrocheetcetal.blogspot.com/search/label/VESTIDOS
172.217.21.161200 OK 30 kB URL HTTP/1.1 tricocrocheetcetal.blogspot.com/search/label/VESTIDOS
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2754), with CR, LF line terminators
Hash d3e47793d627f0092a6a3deb7f08367e
304bdf85701f2f61f2eb1f589cb8620a8e192ade
2eaa3fb9ade5f9e67529fe61d8d80d49aada01c93c2853ee06aa04fe1c4d062e
Analyzer Verdict Alert fortinet Malware
GET /search/label/VESTIDOS HTTP/1.1
Host: tricocrocheetcetal.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Dec 2022 00:35:54 GMT
Date: Mon, 05 Dec 2022 00:35:54 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 25 Nov 2022 12:15:30 GMT
ETag: W/"b3c226801ff9dac855d0cbc7451831788801f70a200571bba05432da53e53207"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 30289
Server: GSE
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.66200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (3577)
Hash 8370cbaca62d11e3e508e6d57ed7e718
5f798fefeb0fdb223828111783968e0faf4894e6
a6880acfe9add094dfe0fce1f32f3b5a9ac2b32b1bd7a8b75ffefe2b1e3a23ed
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Mon, 05 Dec 2022 00:35:55 GMT
Expires: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 1870728659742758671
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36160
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 1e5e51fbc58282a2410de240a13bac3d
03e7151c23e4ed5efc5a4415fc5dcb01f0d5e019
ad20d69cf3f84ec6bee56a570acbce60d0ade6bdf201397a1de2417fed11b3fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
acessoriosparablogs.com.br/scripts/neve.js
46.8.8.100200 OK 59 B URL HTTP/1.1 acessoriosparablogs.com.br/scripts/neve.js
IP 46.8.8.100:0
Hash 839736f5d5855469a58b6fc556cd250c
137297c4dab78e4c5c4a15d11737be0c1fcb9f61
d0524453b0a6fa6e5f2d2065e3584f4f30c49baf393944cba71992f022c3f4b5
GET /scripts/neve.js HTTP/1.1
Host: acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Set-Cookie: sv=1; Domain=acessoriosparablogs.com.br; Expires=Tue, 05 Dec 2023 00:35:55 GMT; Max-Age=300
Date: Mon, 05 Dec 2022 00:35:55 GMT
Content-Length: 59
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 442082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_email.gif
216.58.207.233200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:21 GMT
expires: Tue, 06 Dec 2022 14:19:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 01:54:20 GMT
content-type: image/gif
age: 468994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/_m8Mg90EUVS0/SjD90Pk4PnI/AAAAAAAABnc/esxbRjAqIBQ/w72-h72-p-k-no-nu/xale+em+croche+de+grampo+2.jpg
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 3.bp.blogspot.com/_m8Mg90EUVS0/SjD90Pk4PnI/AAAAAAAABnc/esxbRjAqIBQ/w72-h72-p-k-no-nu/xale+em+croche+de+grampo+2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9120c92abb0ecfc91fec892cf44ece0c
0dc36d44ec7950a0fa2dc422579a457ae123bcbb
b92fc93b7e7dbf0d7c0e0c32450d365607eb36d954583df2a780a2ac4a694d7e
GET /_m8Mg90EUVS0/SjD90Pk4PnI/AAAAAAAABnc/esxbRjAqIBQ/w72-h72-p-k-no-nu/xale+em+croche+de+grampo+2.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="xale em croche de grampo 2.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3156
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v677"
Content-Type: image/jpeg
Age: 23
4.bp.blogspot.com/_m8Mg90EUVS0/TI1_lolCowI/AAAAAAAAF2c/7BiRuKETwMw/S220-s80/Eu..jpg
142.250.74.65200 OK 2.1 kB URL HTTP/1.1 4.bp.blogspot.com/_m8Mg90EUVS0/TI1_lolCowI/AAAAAAAAF2c/7BiRuKETwMw/S220-s80/Eu..jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 44x80, components 3\012- data
Hash 0bfba6a35dabf71aec3c782b86731469
a51101dd44153ed3b7be8279b4374942347d55e5
0fc70879cf4aac3faa27b62d69eec107d9f107243b24e9c7254d0ef3368ac759
GET /_m8Mg90EUVS0/TI1_lolCowI/AAAAAAAAF2c/7BiRuKETwMw/S220-s80/Eu..jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Eu..jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2056
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1767"
Content-Type: image/jpeg
Age: 24
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:01 GMT
expires: Tue, 06 Dec 2022 14:19:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 19:53:31 GMT
content-type: image/gif
age: 469014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 05 Dec 2022 00:35:55 GMT
expires: Mon, 05 Dec 2022 00:35:55 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14301 Moved Permanently 0 B URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Dec 2022 00:35:55 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
4.bp.blogspot.com/_m8Mg90EUVS0/TOgbnnkH-bI/AAAAAAAAGXY/o9rRBn4pUCw/S250/SELO%2BQUE%2BGANHEI%2BDO%2BBLOG%2BIDENTIDADE%2BPELO%2BPLANETA..jpg
142.250.74.65200 OK 25 kB URL HTTP/1.1 4.bp.blogspot.com/_m8Mg90EUVS0/TOgbnnkH-bI/AAAAAAAAGXY/o9rRBn4pUCw/S250/SELO%2BQUE%2BGANHEI%2BDO%2BBLOG%2BIDENTIDADE%2BPELO%2BPLANETA..jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 206x250, components 3\012- data
Hash e816d8e321d60c8b7b752199c51241af
35fb9c8137fc66041a4d0fa10d0887ba94bdeb4a
fbd0f3c3fae70451459b12813626182451dc77888735194d1e233d91fdba15c1
GET /_m8Mg90EUVS0/TOgbnnkH-bI/AAAAAAAAGXY/o9rRBn4pUCw/S250/SELO%2BQUE%2BGANHEI%2BDO%2BBLOG%2BIDENTIDADE%2BPELO%2BPLANETA..jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="SELO QUE GANHEI DO BLOG IDENTIDADE PELO PLANETA..jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 25132
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1976"
Content-Type: image/jpeg
Age: 24
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 499946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tricocrocheetcetal.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 tricocrocheetcetal.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: tricocrocheetcetal.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/search/label/VESTIDOS
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Mon, 12 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 04 Dec 2022 21:56:58 GMT
Content-Type: text/javascript
Age: 24
4.bp.blogspot.com/-E0WtYgSRN9U/UYgwb6lSa2I/AAAAAAAAJ5M/m0x5n-m68Xw/s379/minha%2Bamiga%2Boculta%2Bda%2Bgang.%253B%253B%253B%253B%253B.jpg
142.250.74.65200 OK 44 kB URL HTTP/1.1 4.bp.blogspot.com/-E0WtYgSRN9U/UYgwb6lSa2I/AAAAAAAAJ5M/m0x5n-m68Xw/s379/minha%2Bamiga%2Boculta%2Bda%2Bgang.%253B%253B%253B%253B%253B.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 284x379, components 3\012- data
Hash e88351626742f1b98260d71fff17f08d
5f159764689943be1d3ee3034b9d6e30b89a3e14
5e2cb2788131f5e7308277f98427dce3109cb191b3832fde335e0d9e1c57d844
GET /-E0WtYgSRN9U/UYgwb6lSa2I/AAAAAAAAJ5M/m0x5n-m68Xw/s379/minha%2Bamiga%2Boculta%2Bda%2Bgang.%253B%253B%253B%253B%253B.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="minha amiga oculta da gang.;;;;;.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 43769
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2794"
Content-Type: image/jpeg
Age: 23
lh3.googleusercontent.com/-QcE6MsOpcKY/Vnp6ohWZzDI/AAAAAAAAHAI/z9-SElVIObo/s72-c/20151216_112914.jpg
142.250.74.97200 OK 1.4 kB URL HTTP/1.1 lh3.googleusercontent.com/-QcE6MsOpcKY/Vnp6ohWZzDI/AAAAAAAAHAI/z9-SElVIObo/s72-c/20151216_112914.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3f740fa3b5be449d28a6b960ce5fc4c8
542dd1bbafe75be01d6dcfd78f5b7b1922d12bb3
ef024da657bee529887fabf3e3566c4a4e7b14cc17d9c5b3360d74af8f1c18cf
GET /-QcE6MsOpcKY/Vnp6ohWZzDI/AAAAAAAAHAI/z9-SElVIObo/s72-c/20151216_112914.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="20151216_112914.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1391
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1c03"
Content-Type: image/jpeg
Age: 23
4.bp.blogspot.com/-XRWSS01wL1o/TyMpsju8PpI/AAAAAAAAJLQ/93s3lbRCFvM/s300/selo-com-texto.gif
142.250.74.65403 Forbidden 1.0 kB URL HTTP/1.1 4.bp.blogspot.com/-XRWSS01wL1o/TyMpsju8PpI/AAAAAAAAJLQ/93s3lbRCFvM/s300/selo-com-texto.gif
IP 142.250.74.65:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 969e595182a947c7fdaaef4a34401760
390d35939d67b781893925474d5f9f7919058a5f
6c5d650b05794f0ef093ee85e3507023162c4dddcbdd9ed34002b82bb567d8f7
GET /-XRWSS01wL1o/TyMpsju8PpI/AAAAAAAAJLQ/93s3lbRCFvM/s300/selo-com-texto.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 403 Forbidden
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 1017
X-XSS-Protection: 0
3.bp.blogspot.com/_m8Mg90EUVS0/Sn9epOwRxmI/AAAAAAAACjQ/LNIHmq_F0_A/s400/vestido+lindinho.jpg
142.250.74.161200 OK 25 kB URL HTTP/1.1 3.bp.blogspot.com/_m8Mg90EUVS0/Sn9epOwRxmI/AAAAAAAACjQ/LNIHmq_F0_A/s400/vestido+lindinho.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 293x400, components 3\012- data
Hash fe007c792990c50bccea141fb995cee6
c5c1578161e53802b20f886969d607f7a80c1972
0c753144fc86664afa5bdd327618fda4e50307a8f483b4ef14f29c43ecfed5b6
GET /_m8Mg90EUVS0/Sn9epOwRxmI/AAAAAAAACjQ/LNIHmq_F0_A/s400/vestido+lindinho.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido lindinho.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 25144
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Content-Type: image/jpeg
Age: 23
2.bp.blogspot.com/_m8Mg90EUVS0/TJM8bFeYnXI/AAAAAAAAF3s/udZq9KA50cs/S250/nossa+foto.jpg
142.250.74.161200 OK 18 kB URL HTTP/1.1 2.bp.blogspot.com/_m8Mg90EUVS0/TJM8bFeYnXI/AAAAAAAAF3s/udZq9KA50cs/S250/nossa+foto.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 188x250, components 3\012- data
Hash 6018c432d9b80d53d97e88e42fd4b82b
78a4e45c355e7ae590ac37767f32209f0b042802
68f865c9694d2d8c91ca41a29744e10757a237cb8951132a16d312ce8b2d79c3
GET /_m8Mg90EUVS0/TJM8bFeYnXI/AAAAAAAAF3s/udZq9KA50cs/S250/nossa+foto.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="nossa foto.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 17540
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v177b"
Content-Type: image/jpeg
Age: 23
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 04 Dec 2022 10:29:51 GMT
Expires: Sun, 18 Dec 2022 10:29:51 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 50764
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:47:40 GMT
expires: Wed, 29 Nov 2023 19:47:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 449295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_m8Mg90EUVS0/Sm-s1r0GHXI/AAAAAAAACWU/fXr7qrHXKM8/w72-h72-p-k-no-nu/sapato+pronto+no+p%C3%A9.jpg
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 2.bp.blogspot.com/_m8Mg90EUVS0/Sm-s1r0GHXI/AAAAAAAACWU/fXr7qrHXKM8/w72-h72-p-k-no-nu/sapato+pronto+no+p%C3%A9.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f46e937c3534cc1a196e436648db0cc1
d6fcfa1838cdaa2772566359636d61cc8e922b4a
7ff7f4de7c9905f04de69a6db8919342e9a62b710af92f5e43968ffe9cac8b28
GET /_m8Mg90EUVS0/Sm-s1r0GHXI/AAAAAAAACWU/fXr7qrHXKM8/w72-h72-p-k-no-nu/sapato+pronto+no+p%C3%A9.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sapato pronto no p_.jpg";filename*=UTF-8''sapato%20pronto%20no%20p%C3%A9.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2910
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Content-Type: image/jpeg
Age: 23
dl3.glitter-graphics.net/empty.gif
46.4.70.136200 OK 67 B URL HTTP/1.1 dl3.glitter-graphics.net/empty.gif
IP 46.4.70.136:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 10 x 10\012- data
Hash 27f18e003c57386f21ebae558a76e8fa
f2679e2214077903efe5591b900e8c3cad70b0a1
d36c2582bc9c9c3689797a276c9c6358dc5217a89291aa0772d4f3ec12eda0f5
GET /empty.gif HTTP/1.1
Host: dl3.glitter-graphics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "3553513617"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 67
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0
4.bp.blogspot.com/-5UJMQSdzp2w/U8uORcUPCnI/AAAAAAAAVmM/X9jN-qCxNOM/s72-c/bean-+bag1.jpg
142.250.74.65200 OK 3.5 kB URL HTTP/2 4.bp.blogspot.com/-5UJMQSdzp2w/U8uORcUPCnI/AAAAAAAAVmM/X9jN-qCxNOM/s72-c/bean-+bag1.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5e0f5bf40868aebc1184c46bb7c33bf2
980496e8922672958e6b3add636135274b738631
71481136ac49e4745f537219bfc875cc7b1d95e1d5c76df7cd03d463d9ba934a
GET /-5UJMQSdzp2w/U8uORcUPCnI/AAAAAAAAVmM/X9jN-qCxNOM/s72-c/bean-+bag1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="bean- bag1.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3546
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:35:31 GMT
expires: Tue, 06 Dec 2022 00:35:31 GMT
cache-control: public, max-age=86400, no-transform
etag: "v5663"
content-type: image/jpeg
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/_m8Mg90EUVS0/Sn9hf7SGJ3I/AAAAAAAACjo/e5bfwloN5Og/s400/vestido+gracioso.jpg
142.250.74.161200 OK 38 kB URL HTTP/1.1 3.bp.blogspot.com/_m8Mg90EUVS0/Sn9hf7SGJ3I/AAAAAAAACjo/e5bfwloN5Og/s400/vestido+gracioso.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 279x400, components 3\012- data
Hash 0519ca6443fa766772297cf53ce3e94a
08adb2788474792d0953aec7c9f223c3add86672
23321bf7f0cb8883d69c225b0ada250f17dc6bcd386a8fa7a582c9d7ad17c52d
GET /_m8Mg90EUVS0/Sn9hf7SGJ3I/AAAAAAAACjo/e5bfwloN5Og/s400/vestido+gracioso.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido gracioso.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 37844
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Content-Type: image/jpeg
Age: 24
3.bp.blogspot.com/_m8Mg90EUVS0/Sznk7_vkFbI/AAAAAAAAENg/sdyKe3DCgDw/s400/meu+vestido+xadrez+de+perto.jpg
142.250.74.161200 OK 43 kB URL HTTP/1.1 3.bp.blogspot.com/_m8Mg90EUVS0/Sznk7_vkFbI/AAAAAAAAENg/sdyKe3DCgDw/s400/meu+vestido+xadrez+de+perto.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google, copyright=COPYRIGHT, 2009], baseline, precision 8, 400x300, components 3\012- data
Hash a1cec664abfc50dd222bff0c00e23e5a
4dedd6f1a7913ad3f03e0ebecf7a3556c34931a1
727ff43e961e8133f7e53073151552ba3841870457462d5fc09a1f381a557dfa
GET /_m8Mg90EUVS0/Sznk7_vkFbI/AAAAAAAAENg/sdyKe3DCgDw/s400/meu+vestido+xadrez+de+perto.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="meu vestido xadrez de perto.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 43044
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v10d8"
Content-Type: image/jpeg
Age: 23
3.bp.blogspot.com/_m8Mg90EUVS0/Sn9f-lO7kPI/AAAAAAAACjY/mNIs9ghwo7s/s400/vestido_buzios.jpg
142.250.74.161200 OK 46 kB URL HTTP/1.1 3.bp.blogspot.com/_m8Mg90EUVS0/Sn9f-lO7kPI/AAAAAAAACjY/mNIs9ghwo7s/s400/vestido_buzios.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 278x400, components 3\012- data
Hash d260074e082f2746739ae67592e7eab3
66899ff314054b508c2d1d654e0ce528450b4cd4
2e99d619c7a00e4d1b608a28cabda7fb431115bd5fbc77aa7855882cfe1d40e4
GET /_m8Mg90EUVS0/Sn9f-lO7kPI/AAAAAAAACjY/mNIs9ghwo7s/s400/vestido_buzios.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido_buzios.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 46530
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Content-Type: image/jpeg
Age: 23
resources.blogblog.com/blogblog/data/1kt/watermark/post_background_birds.png
216.58.207.233200 OK 103 B URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/post_background_birds.png
IP 216.58.207.233:0
File type PNG image data, 10 x 10, 8-bit colormap, non-interlaced\012- data
Hash 7928cb1e4fb733117a1479c289f29d92
bd1bbe65951f64f44ec85910877dabd35c6dbc07
8a44923efeda7708df28a77f7e01bb10be3831d112891172950fe8c2d6b2566e
GET /blogblog/data/1kt/watermark/post_background_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 103
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 16:18:33 GMT
expires: Tue, 06 Dec 2022 16:18:33 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 17:52:28 GMT
content-type: image/png
age: 461842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_m8Mg90EUVS0/TN3CbhOwY6I/AAAAAAAAGN8/qQMmSHXON7s/S250/selo-vila-artesao-vertical.png
142.250.74.161200 OK 59 kB URL HTTP/1.1 2.bp.blogspot.com/_m8Mg90EUVS0/TN3CbhOwY6I/AAAAAAAAGN8/qQMmSHXON7s/S250/selo-vila-artesao-vertical.png
IP 142.250.74.161:0
File type PNG image data, 147 x 209, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a19dc10adbc6bf1d042d32b8e952355
caa20768e55a939f41acd4d607c80971e8dce48f
2f3beb5b376f56e2da50ef1623b448575cc1aeec433abba0d286a32cc1461e5b
GET /_m8Mg90EUVS0/TN3CbhOwY6I/AAAAAAAAGN8/qQMmSHXON7s/S250/selo-vila-artesao-vertical.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="selo-vila-artesao-vertical.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 58652
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v18df"
Content-Type: image/png
Age: 24
www.blogger.com/img/share_buttons_20_3.png
216.58.207.233200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 216.58.207.233:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:28:12 GMT
expires: Tue, 06 Dec 2022 17:28:12 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 14:52:29 GMT
content-type: image/png
age: 457663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-6ys-gGHfMxw/UYgrboXJ0sI/AAAAAAAAJ3Q/VPd-AIuaUtM/s300/Millene%2Be%2BPrsicila...jpg
142.250.74.161200 OK 30 kB URL HTTP/1.1 2.bp.blogspot.com/-6ys-gGHfMxw/UYgrboXJ0sI/AAAAAAAAJ3Q/VPd-AIuaUtM/s300/Millene%2Be%2BPrsicila...jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 300x282, components 3\012- data
Hash 27516b9c39fb04cedc345c744ee7774c
d35850772632633217080cf3595c7ee74bcb5b8e
2f9537b5326b0fe7ea847028cd6adf9258d053c52a8c8bd05d08e2481f1bfdd6
GET /-6ys-gGHfMxw/UYgrboXJ0sI/AAAAAAAAJ3Q/VPd-AIuaUtM/s300/Millene%2Be%2BPrsicila...jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Millene e Prsicila...jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 30194
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4059"
Content-Type: image/jpeg
Age: 23
2.bp.blogspot.com/_m8Mg90EUVS0/Sn9btBNwgbI/AAAAAAAACiw/i_1YR6OJnJM/s400/vestido+branco.jpg
142.250.74.161200 OK 39 kB URL HTTP/1.1 2.bp.blogspot.com/_m8Mg90EUVS0/Sn9btBNwgbI/AAAAAAAACiw/i_1YR6OJnJM/s400/vestido+branco.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 286x400, components 3\012- data
Hash 6bc6df892b58bdd9e676f43e01f9b159
6799714e6c10a11aa375f00fa0e2acb06c4d9ee3
79baf798c7fdebc837e60b51c32f4552f0773a5c3fbab260c348c5368f88a6e0
GET /_m8Mg90EUVS0/Sn9btBNwgbI/AAAAAAAACiw/i_1YR6OJnJM/s400/vestido+branco.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="vestido branco.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 39383
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Content-Type: image/jpeg
Age: 23
4.bp.blogspot.com/_m8Mg90EUVS0/Sz1SFA2kfOI/AAAAAAAAERw/t9FRpGrzbdA/S226/brasil+bate+cora%C3%A7%C3%A3o.gif
142.250.74.65404 Not Found 832 B URL HTTP/1.1 4.bp.blogspot.com/_m8Mg90EUVS0/Sz1SFA2kfOI/AAAAAAAAERw/t9FRpGrzbdA/S226/brasil+bate+cora%C3%A7%C3%A3o.gif
IP 142.250.74.65:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_m8Mg90EUVS0/Sz1SFA2kfOI/AAAAAAAAERw/t9FRpGrzbdA/S226/brasil+bate+cora%C3%A7%C3%A3o.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
text.glitter-graphics.net/hearty/l.gif
46.4.70.136200 OK 2.5 kB URL HTTP/1.1 text.glitter-graphics.net/hearty/l.gif
IP 46.4.70.136:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 16 x 43\012- data
Hash bc442e4c87564a16e3fdba8182f1e025
cb08c41f3571c8ae951fb744ba70abec3586dd18
b499e45fa2d241f9e5007c07a530c74612b59ab8846af11c4eeeaa64f38aa512
GET /hearty/l.gif HTTP/1.1
Host: text.glitter-graphics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "2583434261"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2543
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0
text.glitter-graphics.net/hearty/z.gif
46.4.70.136200 OK 2.8 kB URL HTTP/1.1 text.glitter-graphics.net/hearty/z.gif
IP 46.4.70.136:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 27 x 29\012- data
Hash ab419263fd23adabfb6c338c303e45d6
a654d9505f99ac436bccff363a0b97b1a71b4b2c
3af6a962b3761251b465fb8fbf706795e922863a1a783d366c2926c99e56be6e
GET /hearty/z.gif HTTP/1.1
Host: text.glitter-graphics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "152884244"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2803
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0
text.glitter-graphics.net/hearty/c.gif
46.4.70.136200 OK 2.7 kB URL HTTP/1.1 text.glitter-graphics.net/hearty/c.gif
IP 46.4.70.136:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 23 x 31\012- data
Hash 3181fab9b7a60adde1c3b07d9ce78bb0
ad73dd310ca7f441e59953e68ee512fd746311fe
3aadf8ff9198626b7c395d6cb644e8cbbf3a31544d6b79b5126b3853fe545f91
GET /hearty/c.gif HTTP/1.1
Host: text.glitter-graphics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "3284456469"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2728
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0
1.bp.blogspot.com/_m8Mg90EUVS0/SoyoSHu2cCI/AAAAAAAACoU/Sk5a4KiKAg8/w72-h72-p-k-no-nu/cestinhos+de+croche+endurecido.jpg
142.250.74.65200 OK 3.5 kB URL HTTP/1.1 1.bp.blogspot.com/_m8Mg90EUVS0/SoyoSHu2cCI/AAAAAAAACoU/Sk5a4KiKAg8/w72-h72-p-k-no-nu/cestinhos+de+croche+endurecido.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e11bd4b08f59141240a1cc0e95c6ec2a
d612abd8912462cbb0fca26cd00b22082f765468
9a34acdc0892fb1236c219dab2c52340c6d6a7c4e5328682e91dc0200426f634
GET /_m8Mg90EUVS0/SoyoSHu2cCI/AAAAAAAACoU/Sk5a4KiKAg8/w72-h72-p-k-no-nu/cestinhos+de+croche+endurecido.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="cestinhos de croche endurecido.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3454
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Content-Type: image/jpeg
Age: 23
text.glitter-graphics.net/hearty/a.gif
46.4.70.136200 OK 2.8 kB URL HTTP/1.1 text.glitter-graphics.net/hearty/a.gif
IP 46.4.70.136:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 27 x 31\012- data
Hash 6345645471bb925e53cd01c9a8d03993
0536a4dd6efe3113f43c82ca84ab829de3c7e288
a54dd458cec60dbf719755db3e4af06079740dcaaccc9f75cada133dc1649a00
GET /hearty/a.gif HTTP/1.1
Host: text.glitter-graphics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "4136932373"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2818
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0
1.bp.blogspot.com/_m8Mg90EUVS0/TAqkKrN62RI/AAAAAAAAFM8/B1Za1wUbT9U/w72-h72-p-k-no-nu/P1011341.JPG
142.250.74.65200 OK 2.5 kB URL HTTP/1.1 1.bp.blogspot.com/_m8Mg90EUVS0/TAqkKrN62RI/AAAAAAAAFM8/B1Za1wUbT9U/w72-h72-p-k-no-nu/P1011341.JPG
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b06e1b4df20b860ffd4b00452fe147ca
655d450a68729f96d9239034dad98f2cebac4f27
3510bb0ec8881d852f57eb00df4561262f9ee03656200214b029adec98a189d5
GET /_m8Mg90EUVS0/TAqkKrN62RI/AAAAAAAAFM8/B1Za1wUbT9U/w72-h72-p-k-no-nu/P1011341.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="P1011341.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2508
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v14cf"
Content-Type: image/jpeg
Age: 23
text.glitter-graphics.net/hearty/u.gif
46.4.70.136200 OK 2.8 kB URL HTTP/1.1 text.glitter-graphics.net/hearty/u.gif
IP 46.4.70.136:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 31 x 30\012- data
Hash 4e3640c898573e301c759e03cb510679
003b6264640756000f01612d068b018b54c11f59
f58601d9c2f9493c4f15e3556ab4ff43421bd36d02ab708cc1af9eb36fd5be5e
GET /hearty/u.gif HTTP/1.1
Host: text.glitter-graphics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "1452577812"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2818
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0
text.glitter-graphics.net/hearty/i.gif
46.4.70.136200 OK 2.5 kB URL HTTP/1.1 text.glitter-graphics.net/hearty/i.gif
IP 46.4.70.136:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 15 x 46\012- data
Hash 376f02b3848369339ccb93dbeb3914b0
cdb8e21ce40596e9980fb6508eaf3c38923a9f34
08b277246cc1465bc222987094e63dd9b4077c57965e6a08e72dd06ddd4f4922
GET /hearty/i.gif HTTP/1.1
Host: text.glitter-graphics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "2953057301"
Last-Modified: Sat, 27 Feb 2021 17:26:32 GMT
Content-Length: 2512
Expires: Fri, 29 Mar 2024 00:35:55 GMT
Cache-Control: max-age=41472000
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: glig.net/1.0
1.bp.blogspot.com/_m8Mg90EUVS0/SgnIM60eB_I/AAAAAAAAA7k/6yT4BqAF16o/s400/boneca+com+cestinha+de+la.png
142.250.74.65200 OK 29 kB URL HTTP/1.1 1.bp.blogspot.com/_m8Mg90EUVS0/SgnIM60eB_I/AAAAAAAAA7k/6yT4BqAF16o/s400/boneca+com+cestinha+de+la.png
IP 142.250.74.65:0
File type GIF image data, version 89a, 219 x 251\012- data
Hash aba7c64178b2095e55433885d45e39bb
634ef2cc3f06fa11b4b4617da217881802d89f41
0b39f11438fd8378f1c12a4616f9e475d2b8027de85b872b260af44aa8d364a2
GET /_m8Mg90EUVS0/SgnIM60eB_I/AAAAAAAAA7k/6yT4BqAF16o/s400/boneca+com+cestinha+de+la.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="boneca com cestinha de la.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 29034
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v28ae"
Content-Type: image/gif
Age: 23
1.bp.blogspot.com/-IrsJhdGxlkc/U0C9Dsp2_CI/AAAAAAAAEeY/WsaESoJrKDk/s72-c/tercera+fiesta+001.JPG
142.250.74.65200 OK 3.2 kB URL HTTP/1.1 1.bp.blogspot.com/-IrsJhdGxlkc/U0C9Dsp2_CI/AAAAAAAAEeY/WsaESoJrKDk/s72-c/tercera+fiesta+001.JPG
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0d2f9ebd933cb5056e2efb4fa195b34e
8839bfaaa84f7159e3ecce6735f806668f5b8c99
55ce204b718f24b6e5a666a97c3f72204fbc09399dc3215565d22dcda1aea728
GET /-IrsJhdGxlkc/U0C9Dsp2_CI/AAAAAAAAEeY/WsaESoJrKDk/s72-c/tercera+fiesta+001.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="tercera fiesta 001.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3172
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11f0"
Content-Type: image/jpeg
Age: 24
1.bp.blogspot.com/-2_z8qRpleak/X6w6NKo5D9I/AAAAAAABKpA/nT9Vpaz1-lsVMAGn7zObFGeF2t0eo87FgCPcBGAsYHg/s72-c/IMG_20201107_163931643%257E2.jpg
142.250.74.65200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/-2_z8qRpleak/X6w6NKo5D9I/AAAAAAABKpA/nT9Vpaz1-lsVMAGn7zObFGeF2t0eo87FgCPcBGAsYHg/s72-c/IMG_20201107_163931643%257E2.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 780fa7444ab2dcc7d801bf0ee2a0e90e
3d18bcbe74d127e7767b7a300a5c78ee920482e5
f5568a5cb2d8a56ce47a2ab8775325f49716182347b5ad7c2c12df47e0bdda90
GET /-2_z8qRpleak/X6w6NKo5D9I/AAAAAAABKpA/nT9Vpaz1-lsVMAGn7zObFGeF2t0eo87FgCPcBGAsYHg/s72-c/IMG_20201107_163931643%257E2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v12a90"
expires: Tue, 06 Dec 2022 00:35:55 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20201107_163931643~2.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:35:55 GMT
server: fife
content-length: 3396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/_6XTToLOjoOo/SZNgh7TgmOI/AAAAAAAAAYs/R7KHbyEi5DM/s72-c/Selo_da_Rose.jpg
142.250.74.65200 OK 2.9 kB URL HTTP/2 1.bp.blogspot.com/_6XTToLOjoOo/SZNgh7TgmOI/AAAAAAAAAYs/R7KHbyEi5DM/s72-c/Selo_da_Rose.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5e1e957221315c44ed5dd5b88a2392bd
c58fe162f04389668b4e4a219a9ec5b544594c44
93e0f01efbf5d6fb11bd28ea626d0b98d10f0cc9d0fb7ed918ccb745bfd26968
GET /_6XTToLOjoOo/SZNgh7TgmOI/AAAAAAAAAYs/R7KHbyEi5DM/s72-c/Selo_da_Rose.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Selo_da_Rose.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2868
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:35:55 GMT
expires: Thu, 24 Nov 2022 14:34:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "v18b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-4gnW9NPr3LA/UxtbsoF4_zI/AAAAAAAAQE0/e6hc5C--Svg/s72-c/meus+carteiras+com+caixinha+de+leite..jpg
142.250.74.65200 OK 4.0 kB URL HTTP/1.1 1.bp.blogspot.com/-4gnW9NPr3LA/UxtbsoF4_zI/AAAAAAAAQE0/e6hc5C--Svg/s72-c/meus+carteiras+com+caixinha+de+leite..jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 15de869e302983f338cfcf79cbfb20b8
ab5a6edb6dc8513fd41b8ac638e76472bb31c8de
c47f1ef229e87541d24e2366068082cc93fde1ac9d4c1d7f448820c69fca29d5
GET /-4gnW9NPr3LA/UxtbsoF4_zI/AAAAAAAAQE0/e6hc5C--Svg/s72-c/meus+carteiras+com+caixinha+de+leite..jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="meus carteiras com caixinha de leite..jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3988
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4f72"
Content-Type: image/jpeg
Age: 23
2.bp.blogspot.com/-PWzw4GrCwQ8/UnKR3xUi3gI/AAAAAAAAEcg/TYaziQhuIOc/s72-c/Foto0722.jpg
142.250.74.161200 OK 4.7 kB URL HTTP/1.1 2.bp.blogspot.com/-PWzw4GrCwQ8/UnKR3xUi3gI/AAAAAAAAEcg/TYaziQhuIOc/s72-c/Foto0722.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5ee4861d9c18582049fdbcd363a8e95a
1f8e9253f25d5f1b62ec2e8d49d27a47d7875909
f89a89056d846277a54a6ce5489449a385ac313ae82540307ad41ccab570c01f
GET /-PWzw4GrCwQ8/UnKR3xUi3gI/AAAAAAAAEcg/TYaziQhuIOc/s72-c/Foto0722.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Foto0722.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4713
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:32 GMT
Expires: Tue, 06 Dec 2022 00:35:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11c9"
Content-Type: image/jpeg
Age: 23
1.bp.blogspot.com/-7QbwRz7UQW8/Ue9AOHL20MI/AAAAAAAAQlg/PK7UuhVpMSw/s72-c/00.jpg
142.250.74.65200 OK 4.9 kB URL HTTP/1.1 1.bp.blogspot.com/-7QbwRz7UQW8/Ue9AOHL20MI/AAAAAAAAQlg/PK7UuhVpMSw/s72-c/00.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e988516466c9bd96abdf6e0a539b11eb
d8a906d51446f7fd1bb12a767432d0c98edcff1c
8e73e149267049ec2aa6065a802458ed39e36762816918e1f080a3eae9fa5bf8
GET /-7QbwRz7UQW8/Ue9AOHL20MI/AAAAAAAAQlg/PK7UuhVpMSw/s72-c/00.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="00.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4936
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:55 GMT
Expires: Tue, 29 Nov 2022 05:06:43 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v466f"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/_m8Mg90EUVS0/Sznk7SMDBdI/AAAAAAAAENY/FXwSAcov6jU/s400/meu+vestido+xadrez.jpg
142.250.74.65200 OK 49 kB URL HTTP/1.1 4.bp.blogspot.com/_m8Mg90EUVS0/Sznk7SMDBdI/AAAAAAAAENY/FXwSAcov6jU/s400/meu+vestido+xadrez.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google, copyright=COPYRIGHT, 2009], baseline, precision 8, 400x300, components 3\012- data
Hash 40d42d0eae22945f5ee188c461096863
31b87eeca6a3c7aa1551f7410d4288d3c16f6d3c
b497853c84a8fa5f3bf81d60eeb91dfdae9cdfe11a15ec1761a0cc852dc06b6c
GET /_m8Mg90EUVS0/Sznk7SMDBdI/AAAAAAAAENY/FXwSAcov6jU/s400/meu+vestido+xadrez.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v10d6"
Expires: Tue, 06 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="meu vestido xadrez.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 49344
X-XSS-Protection: 0
4.bp.blogspot.com/-qeLO8CRZ0zQ/UOmFBeYEFLI/AAAAAAABBWg/SS_jC7r8tQM/s72-c/flowers_byLittleWoolie_viaAndreaGuimBlog.jpg
142.250.74.65200 OK 5.0 kB URL HTTP/1.1 4.bp.blogspot.com/-qeLO8CRZ0zQ/UOmFBeYEFLI/AAAAAAABBWg/SS_jC7r8tQM/s72-c/flowers_byLittleWoolie_viaAndreaGuimBlog.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3367fa1053135c6a3a0403d0f46ea295
517941f6df613dfbecfd368865877391eaf995cf
c2934d813dcf39d0e850548488dcac520621fb25eeca0e46f35ec3fcd330284e
GET /-qeLO8CRZ0zQ/UOmFBeYEFLI/AAAAAAABBWg/SS_jC7r8tQM/s72-c/flowers_byLittleWoolie_viaAndreaGuimBlog.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="flowers_byLittleWoolie_viaAndreaGuimBlog.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4953
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Sat, 03 Dec 2022 20:26:24 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 24
ETag: "v10568"
Content-Type: image/jpeg
3.bp.blogspot.com/_m8Mg90EUVS0/Sn9c0OEJSlI/AAAAAAAACjA/0zT0MWx09xY/s400/que+lindoo.jpg
142.250.74.161200 OK 42 kB URL HTTP/1.1 3.bp.blogspot.com/_m8Mg90EUVS0/Sn9c0OEJSlI/AAAAAAAACjA/0zT0MWx09xY/s400/que+lindoo.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 316x400, components 3\012- data
Hash 0d0ee75ddf2a8527a6028ceef179f250
0826cbf78aba15e789cf166c3285523632b95a5e
05d6d929677023c7723774a8b85f40cda71dcfffb2b5058f0f90dfad9b96c2c4
GET /_m8Mg90EUVS0/Sn9c0OEJSlI/AAAAAAAACjA/0zT0MWx09xY/s400/que+lindoo.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="que lindoo.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 42090
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:35:31 GMT
Expires: Tue, 06 Dec 2022 00:35:31 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5729"
Content-Type: image/jpeg
Age: 24
3.bp.blogspot.com/_m8Mg90EUVS0/SjLcgCziOUI/AAAAAAAABss/YtbLSrcXv_E/w72-h72-p-k-no-nu/XALE+TEAR+DE+PREGOS.jpg
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 3.bp.blogspot.com/_m8Mg90EUVS0/SjLcgCziOUI/AAAAAAAABss/YtbLSrcXv_E/w72-h72-p-k-no-nu/XALE+TEAR+DE+PREGOS.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 646aa3270cfee02d73ca64261c46cbe6
89f4497cd283f5b3205c24bc368b943ee15acad9
eea88b9e121a3d9d74c81893d895f25259f29226a14c0e5de47baf76d2e06aa0
GET /_m8Mg90EUVS0/SjLcgCziOUI/AAAAAAAABss/YtbLSrcXv_E/w72-h72-p-k-no-nu/XALE+TEAR+DE+PREGOS.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6cb"
Expires: Tue, 06 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="XALE TEAR DE PREGOS.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: fife
Content-Length: 4035
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img34.glitterfy.com/160/glitterfy-flpbk0922151354023734.gif
208.71.34.181200 OK 36 kB URL HTTP/1.1 img34.glitterfy.com/160/glitterfy-flpbk0922151354023734.gif
IP 208.71.34.181:0
File type GIF image data, version 89a, 188 x 250\012- data
Hash b84aed9b627edbaa328acb539e0631de
88d48cef14425b926d54a37e25cf67b803a3b520
971850fc27d75c5bc2ff7d8cbdb330e0eab73c91975c76d869130a1531dfefd9
GET /160/glitterfy-flpbk0922151354023734.gif HTTP/1.1
Host: img34.glitterfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:35:55 GMT
Server: Apache
Last-Modified: Tue, 24 Jul 2012 22:39:53 GMT
ETag: "3230790-1f58e-4c59b0a77c4c9"
Accept-Ranges: bytes
Content-Length: 128398
Connection: close
Content-Type: image/gif
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 1617
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2621
Cache-Control: max-age=119677
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:50:32 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww82.acessoriosparablogs.com.br/
199.59.243.222200 OK 1.1 kB URL HTTP/1.1 ww82.acessoriosparablogs.com.br/
IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1552), with no line terminators
Hash 914c3b432b6a8f0d0ef55056357e790c
8acc38eed67166c855fada6d78bb26f0dede5120
ca35b5d2116c38c274115c6a1968391a29be29afe3cf9f026fc1abd64a8e2798
GET / HTTP/1.1
Host: ww82.acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tricocrocheetcetal.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 05 Dec 2022 00:35:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b; expires=Mon, 05-Dec-2022 00:50:55 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_tCbnsqLY/UVypx5WofFWvpm/IkPY5Kmo9sDbuyjepSwgL/3KP64Tid63G+TZt4X/adQAn1cufOItJ1i3VDbMWA==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww82.acessoriosparablogs.com.br/js/parking.2.100.2.js
199.59.243.222200 OK 22 kB URL HTTP/1.1 ww82.acessoriosparablogs.com.br/js/parking.2.100.2.js
IP 199.59.243.222:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 239c79e8ead12ade233b4b98f3a1d68d
ebb33fbc73ffa07c517270874bef61576c7aecf6
148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
GET /js/parking.2.100.2.js HTTP/1.1
Host: ww82.acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 14 Nov 2022 17:46:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Dacp+BadyZCeeTUZTlS96g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MX9PM+P0vPIjgo2NcSode9wlR0k=
ww82.acessoriosparablogs.com.br/_fd
199.59.243.222200 OK 487 B URL HTTP/1.1 ww82.acessoriosparablogs.com.br/_fd
IP 199.59.243.222:0
File type ASCII text, with very long lines (693), with no line terminators
Hash 8b46029c48e4bf88c132e25360dd5bf5
2526efe6e56b5e0d7c60a75b22c5fd6b18469033
abac071635ea41aa35bee51b396523d493305fd8ab03510e25450b04a36da8f2
Analyzer Verdict Alert fortinet Malware
POST /_fd HTTP/1.1
Host: ww82.acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.acessoriosparablogs.com.br/
Content-Type: application/json
Origin: http://ww82.acessoriosparablogs.com.br
Connection: keep-alive
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Dec 2022 00:35:56 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b; expires=Mon, 05-Dec-2022 00:50:56 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww82.acessoriosparablogs.com.br/px.gif?ch=1&rn=10.658161007290209
199.59.243.222200 OK 42 B URL HTTP/1.1 ww82.acessoriosparablogs.com.br/px.gif?ch=1&rn=10.658161007290209
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=10.658161007290209 HTTP/1.1
Host: ww82.acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww82.acessoriosparablogs.com.br/px.gif?ch=2&rn=10.658161007290209
199.59.243.222200 OK 42 B URL HTTP/1.1 ww82.acessoriosparablogs.com.br/px.gif?ch=2&rn=10.658161007290209
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=10.658161007290209 HTTP/1.1
Host: ww82.acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww82.acessoriosparablogs.com.br/favicon.ico
199.59.243.222200 OK 0 B URL HTTP/1.1 ww82.acessoriosparablogs.com.br/favicon.ico
IP 199.59.243.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww82.acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 05 Dec 2022 00:35:56 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-22.ec2.internal
Accept-Ranges: bytes
ww82.acessoriosparablogs.com.br/_zc
199.59.243.222200 OK 168 B URL HTTP/1.1 ww82.acessoriosparablogs.com.br/_zc
IP 199.59.243.222:0
File type ASCII text, with no line terminators
Hash 13f76040c6a87b2184386b0955ae354f
53bb86b25b49c6bfb2622166015ba27bf3102a3d
b39094f15c3ec1fe8416a3be3bea4c9a46c67568bfc8fd522377662022192039
Analyzer Verdict Alert fortinet Malware
POST /_zc HTTP/1.1
Host: ww82.acessoriosparablogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.acessoriosparablogs.com.br/
Content-Type: application/json
Origin: http://ww82.acessoriosparablogs.com.br
Content-Length: 2265
Connection: keep-alive
Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Dec 2022 00:35:56 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b; expires=Mon, 05-Dec-2022 00:50:56 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 05 Dec 2022 01:25:14 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 31030
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CYvQg9Tc0rQB9_DoDW4RoLx2GEdMSEaXViCY3qXbijd0P5mMSZWE6Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:35:27 GMT
age: 75630
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c36448c65274ebbe1eb21e3bf02385e
e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28
6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hEiLpBd0Tubj3-Wgqh_jpK6XEekyrHfuQxpVD_JLlNSAQj41XK_1EA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:15 GMT
age: 9822
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafdb4fe91795a9e16baebb085ccd818
f5ed5d03e6969f81349ad78fde0e71390a4ed391
f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 08:10:52 GMT
age: 59105
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _nGZrHCvmP-EKAQG20l1ayIftZ4spFGPuG--vyTpMhbNa9L3pIWhCA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
age: 10048
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3d863be9bd5d072e85b8976251ce342
b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140
f188fb7575c4b8662acfe2a6682559d50a12430c116605391dd77257bc11a60b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6133
x-amzn-requestid: d2c60baf-1d2e-4b1f-9c08-2adf0aa458a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXHcPIAMFl5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-3ddc6f0428790a9d5f253825;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HVO2yJJggGy-dou69DXIb254DYhzLj31b9-lyIOyIvQAQGGqQfmSSg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:42 GMT
age: 76695
etag: "b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue
208.91.196.46200 OK 7.1 kB URL HTTP/1.1 iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue
IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2408), with CRLF, LF line terminators
Hash c149c451180d2a8544ae3fe33910f539
01103526ec0be643e043fc55a3c67f4feda8f139
94ea72e5f83673566308fd8e3ff7b270901b95da0abda4bbc814fecb4d77e6a0
GET /?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue HTTP/1.1
Host: iyfbodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:35:57 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_kbUZrheki4P9b0r9lRtINOK70GgyEo6hPw95RULRoFJHmWMoYwGdVtbFRWOjjrTFui0lcE2FX+YL8VXGubCRRw==
Keep-Alive: timeout=5, max=112
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked
iyfbodn.com/px.js?ch=1
208.91.196.46200 OK 346 B IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
GET /px.js?ch=1 HTTP/1.1
Host: iyfbodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:35:57 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Content-Type: application/javascript
iyfbodn.com/px.js?ch=2
208.91.196.46200 OK 346 B IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
GET /px.js?ch=2 HTTP/1.1
Host: iyfbodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:35:57 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=118
Connection: Keep-Alive
Content-Type: application/javascript
i3.cdn-image.com/__media__/js/min.js?v2.3
23.33.119.25200 OK 3.1 kB URL HTTP/1.1 i3.cdn-image.com/__media__/js/min.js?v2.3
IP 23.33.119.25:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (8349), with CRLF line terminators
Hash 683b827c961eb1a55ae52a5c42524a13
a1c0b96af389b99124cb42f1730d2dcb0f3dc3f4
58e12a35c892e412e904c69e12d13915c07afb320633925f41a493ebfc2ee053
GET /__media__/js/min.js?v2.3 HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 22 Sep 2021 05:16:02 GMT
ETag: "614abc12-20f3"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=79987
Expires: Mon, 05 Dec 2022 22:49:04 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Content-Length: 3050
Connection: keep-alive
i3.cdn-image.com/__media__/pics/29590/bg1.png
23.33.119.25200 OK 18 kB URL HTTP/1.1 i3.cdn-image.com/__media__/pics/29590/bg1.png
IP 23.33.119.25:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1730 x 988, 4-bit colormap, non-interlaced\012- data
Hash 825ccd29ac102fcadaf92b2343d5917b
24472e766cfac5b82a73b219796556a0a3702bd6
0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
GET /__media__/pics/29590/bg1.png HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 17986
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
ETag: "6380b223-4642"
Accept-Ranges: bytes
Cache-Control: public, max-age=65423
Expires: Mon, 05 Dec 2022 18:46:20 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
i3.cdn-image.com/__media__/pics/28905/arrrow.png
23.33.119.25200 OK 283 B URL HTTP/1.1 i3.cdn-image.com/__media__/pics/28905/arrrow.png
IP 23.33.119.25:0
ASN #20940 Akamai International B.V.
File type PNG image data, 17 x 27, 8-bit colormap, non-interlaced\012- data
Hash 80d42c82a6c37da90210fd60a2f36128
554ba7c84d2a27ecf3b1f29d03e62101936b54d8
a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
GET /__media__/pics/28905/arrrow.png HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 283
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
ETag: "61d45d4b-11b"
Accept-Ranges: bytes
Cache-Control: public, max-age=19746
Expires: Mon, 05 Dec 2022 06:05:03 GMT
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
23.33.119.25200 OK 17 kB URL HTTP/1.1 i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
IP 23.33.119.25:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 17264, version 2.1\012- data
Hash a43b107861b42ce1335e41e43d4e4d00
99bdb1cec4a68ebe29249c46fefefb6880d009e5
a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2
GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfbodn.com
Connection: keep-alive
Referer: http://iyfbodn.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/font-woff
Content-Length: 17264
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "600809b7-4370"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
23.33.119.25200 OK 17 kB URL HTTP/1.1 i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
IP 23.33.119.25:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 17312, version 2.1\012- data
Hash bebe201d813feaad85a3e66607d0da3a
28b049502afa8e9db5340c1a92400591b39870e8
58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b
GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfbodn.com
Connection: keep-alive
Referer: http://iyfbodn.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/font-woff
Content-Length: 17312
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "600809b7-43a0"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 00:35:57 GMT
Connection: keep-alive
iyfbodn.com/favicon.ico
208.91.196.46404 Not Found 30 B IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type ASCII text, with no line terminators
Hash c4609c83d6054d974c265b208bdc2a21
7e963e7185900347babd1f2797312c0ca21fa4ae
6cd85e3008758f2e06eeff9efdf9b4ad2981f6654f87918d155b0aced68d959a
GET /favicon.ico HTTP/1.1
Host: iyfbodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfbodn.com/?dn=acessoriosparablogs.com.br&pid=9POT3387I&pbsubid=ec0e4bb0-2f2b-c69e-c86d-1d8dc4b93a4b&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dacessoriosparablogs.com.br%26skipskenzo%3Dtrue
HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 00:35:58 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
ntCoent-Length: 10
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private
Content-Encoding: gzip
Content-Length: 30
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww82.acessoriosparablogs.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 05 Dec 2022 00:35:56 GMT
expires: Mon, 05 Dec 2022 00:35:56 GMT
cache-control: private, max-age=3600
etag: "16357369056098493250"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2