Overview

URLlaura-pieces-of-beauty.blogspot.ru/2012/02/skin79-bb-cleanser-o2-bubble.html
IP 172.217.21.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 20:58:52 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (25)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (4) 344 No data No data 23.36.77.32
www.blogger.com (4) 8975 2012-05-22 07:35:03 UTC 2020-05-05 09:48:25 UTC 216.58.207.233
3.bp.blogspot.com (7) 11048 2013-07-04 04:18:40 UTC 2020-05-14 03:02:58 UTC 142.250.74.161
1.bp.blogspot.com (4) 8403 2013-05-06 20:18:52 UTC 2020-05-14 01:22:22 UTC 142.250.74.161
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-30 04:48:28 UTC 216.58.207.228
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-30 04:54:31 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-30 06:05:46 UTC 142.250.74.74
apis.google.com (2) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 216.58.207.238
resources.blogblog.com (1) 13274 2018-07-01 19:33:30 UTC 2020-04-09 16:15:03 UTC 216.58.207.233
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.238.202.79
2.bp.blogspot.com (4) 11071 2013-07-04 03:01:31 UTC 2020-04-28 02:17:39 UTC 142.250.74.161
4.bp.blogspot.com (3) 11215 2013-05-06 20:18:52 UTC 2020-05-06 03:21:52 UTC 142.250.74.161
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-30 05:55:04 UTC 142.250.74.3 Domain (gstatic.com) ranked at: 540
laura-pieces-of-beauty.blogspot.ru (1) 0 2014-03-15 15:12:02 UTC 2015-10-20 00:01:50 UTC 172.217.21.161 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239
ocsp.pki.goog (11) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-11-30 06:13:30 UTC 216.58.207.194
play.google.com (1) 34 2018-05-12 00:28:37 UTC 2022-11-30 05:25:41 UTC 216.58.207.238
laura-pieces-of-beauty.blogspot.com (3) 0 2013-12-04 13:10:39 UTC 2015-10-22 04:08:17 UTC 172.217.21.161 Unknown ranking
adserver.juicyads.com (2) 36249 2012-05-21 13:14:28 UTC 2022-11-29 23:37:02 UTC 185.94.236.245
www.blogblog.com (1) 28878 2012-05-22 07:35:04 UTC 2020-05-06 23:24:00 UTC 216.58.207.233
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 laura-pieces-of-beauty.blogspot.ru/2012/02/skin79-bb-cleanser-o2-bubble.html Malware
2022-11-30 2 laura-pieces-of-beauty.blogspot.com/2012/02/skin79-bb-cleanser-o2-bubble.html Malware
2022-11-30 2 laura-pieces-of-beauty.blogspot.com/js/cookienotice.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.217.21.161
Date UQ / IDS / BL URL IP
2023-02-05 10:17:59 +0000 0 - 0 - 1 murielecamac.blogspot.com/2012/07 172.217.21.161
2023-02-05 09:57:47 +0000 0 - 0 - 1 skooooz.blogspot.com/2012/12/josh-hutcherson.html 172.217.21.161
2023-02-05 09:51:13 +0000 0 - 0 - 4 tendiatefen1982.blogspot.ba/ 172.217.21.161
2023-02-05 09:49:32 +0000 0 - 0 - 3 flamingoimpossibleobby.blogspot.it/ 172.217.21.161
2023-02-05 09:47:49 +0000 0 - 0 - 4 swerodlori1980.blogspot.ie/ 172.217.21.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-02-05 10:33:19 +0000 0 - 0 - 0 www.youtube.com/watch?v=jDRKjLXUKeU 142.250.74.46
2023-02-05 10:32:40 +0000 3 - 0 - 0 ddsaditetyegoldswa.blogspot.com/2017/02/blanc (...) 142.250.74.1
2023-02-05 10:27:12 +0000 0 - 28 - 0 www.newsandpromotions.com/special-offer/ 35.227.209.77
2023-02-05 10:23:23 +0000 0 - 0 - 1 www.snikhers.com/pp/signin/ 34.174.86.106
2023-02-05 10:22:38 +0000 0 - 0 - 2 perfil-josianeoliveira-2022.blogspot.jp/ 142.250.74.1


Last 5 reports on domain: laura-pieces-of-beauty.blogspot.ru
Date UQ / IDS / BL URL IP
2023-01-12 00:43:15 +0000 0 - 0 - 3 laura-pieces-of-beauty.blogspot.ru/search/lab (...) 172.217.21.161
2023-01-05 06:07:01 +0000 0 - 0 - 3 laura-pieces-of-beauty.blogspot.ru/search/lab (...) 142.250.74.161
2023-01-04 04:35:59 +0000 0 - 0 - 3 laura-pieces-of-beauty.blogspot.ru/search/lab (...) 172.217.21.161
2022-12-30 23:22:36 +0000 0 - 0 - 3 laura-pieces-of-beauty.blogspot.ru/search/lab (...) 172.217.21.161
2022-12-23 19:29:42 +0000 0 - 0 - 3 laura-pieces-of-beauty.blogspot.ru/search/lab (...) 172.217.21.161


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-04 05:51:51 +0000 0 - 0 - 2 estelaraziel.blogspot.com/search/label/Elle%2 (...) 216.58.207.193

JavaScript

Executed Scripts (55)

Executed Evals (5)
#1 JavaScript::Eval (size: 22) - SHA256: 662748d1507b16ab56d1bceff58b8302eb43f21ce0de70b24b21b8ef39aeff35
0,
function(L) {
    nv(2, L)
}
#2 JavaScript::Eval (size: 64) - SHA256: 9908576f4e1cce70106175d94488f9071022d3485f8a8ccf0655b399b318a7c4
0,
function(L, T, g) {
    (T = (g = a((T = a(L), L)), L).K[T] && Q(T, L), Z)(g, L, T)
}
#3 JavaScript::Eval (size: 15576) - SHA256: d4be0587aacd19697ae508209e99aa30536e2b75393db507b1cd329131d8e19c
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var E = function(n) {
            return n
        },
        T = function(n, I) {
            if ((I = (n = null, e.trustedTypes), !I) || !I.createPolicy) return n;
            try {
                n = I.createPolicy("bg", {
                    createHTML: E,
                    createScript: E,
                    createScriptURL: E
                })
            } catch (L) {
                e.console && e.console.error(L.message)
            }
            return n
        },
        e = this || self;
    (0, eval)(function(n, I) {
        return (I = T()) && 1 === n.eval(I.createScript("1")) ? function(L) {
            return I.createScript(L)
        } : function(L) {
            return "" + L
        }
    }(e)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var y,nv=function(n,E,I,e){for(e=(I=a(E),0);0<n;n--)e=e<<8|z(E);Z(I,E,e)},c=function(n,E,I,e,X,L){if(n.N.length){(n.R=(n.R&&0(),true),n).rY=E;try{e=n.Z(),n.G=e,n.I=0,n.Y=e,L=Ia(E,n),X=n.Z()-n.Y,n.D+=X,X<(I?0:10)||0>=n.l--||(X=Math.floor(X),n.F.push(254>=X?X:254))}finally{n.R=false}return L}},iN=function(n,E,I){if((I=typeof n,"object")==I)if(n){if(n instanceof Array)return"array";if(n instanceof Object)return I;if((E=Object.prototype.toString.call(n),"[object Window]")==E)return"object";if("[object Array]"==E||"number"==typeof n.length&&"undefined"!=typeof n.splice&&"undefined"!=typeof n.propertyIsEnumerable&&!n.propertyIsEnumerable("splice"))return"array";if("[object Function]"==E||"undefined"!=typeof n.call&&"undefined"!=typeof n.propertyIsEnumerable&&!n.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==I&&"undefined"==typeof n.call)return"object";return I},m=function(n,E){n.N.splice(0,0,E)},Lv=function(n,E){return(n=n.create().shift(),E.S).create().length||E.v.create().length||(E.v=void 0,E.S=void 0),n},P=function(n,E,I,e,X,L){if(!E.U){if(3<(I=(0==((L=void 0,I&&I[0]===r)&&(n=I[1],L=I[2],I=void 0),X=Q(19,E),X).length&&(e=Q(117,E)>>3,X.push(n,e>>8&255,e&255),void 0!=L&&X.push(L&255)),n="",I&&(I.message&&(n+=I.message),I.stack&&(n+=":"+I.stack)),Q(504,E)),I)){E.L=(L=(n=(I-=(n=n.slice(0,(I|0)-3),n.length|0)+3,EK(n)),E.L),E);try{G(E,446,f(2,n.length).concat(n),9)}finally{E.L=L}}Z(504,E,I)}},b=function(n,E,I){n[Z(I,E,n),ev]=2796},Tl=function(n,E){(E.push(n[0]<<24|n[1]<<16|n[2]<<8|n[3]),E.push(n[4]<<24|n[5]<<16|n[6]<<8|n[7]),E).push(n[8]<<24|n[9]<<16|n[10]<<8|n[11])},gN=function(n,E,I,e){G(n,(I=(e=a(n),a(n)),I),f(E,Q(e,n)))},Xn=function(n,E){if(E=(n=q.trustedTypes,null),!n||!n.createPolicy)return E;try{E=n.createPolicy("bg",{createHTML:x0,createScript:x0,createScriptURL:x0})}catch(I){q.console&&q.console.error(I.message)}return E},aa=function(n,E,I,e){return(e=O[n.substring(0,3)+"_"])?e(n.substring(3),E,I):wN(E,n)},DU=function(n,E,I,e){try{e=n[((E|0)+2)%3],n[E]=(n[E]|0)-(n[((E|0)+1)%3]|0)-(e|0)^(1==E?e<<I:e>>>I)}catch(X){throw X;}},Q=function(n,E){if(void 0===(E=E.K[n],E))throw[r,30,n];if(E.value)return E.create();return E.create(1*n*n+-43*n+-56),E.prototype},ZU=function(n,E,I,e,X,L){for(e=(L=(I=((X=a((E=n[zl]||{},n)),E.TW=a(n),E).P=[],n.L==n)?(z(n)|0)-1:1,a(n)),0);e<I;e++)E.P.push(a(n));for(E.A=Q(X,n);I--;)E.P[I]=Q(E.P[I],n);return E.Kv=Q(L,n),E},Mi=function(n,E,I,e,X){G(n,(((e=Q((X=a((e=(I=E&4,E&=3,a(n)),n)),e),n),I)&&(e=EK(""+e)),E)&&G(n,X,f(2,e.length)),X),e)},EK=function(n,E,I,e,X){for(X=E=(n=n.replace(/\\r\\n/g,"\\n"),I=[],0);X<n.length;X++)e=n.charCodeAt(X),128>e?I[E++]=e:(2048>e?I[E++]=e>>6|192:(55296==(e&64512)&&X+1<n.length&&56320==(n.charCodeAt(X+1)&64512)?(e=65536+((e&1023)<<10)+(n.charCodeAt(++X)&1023),I[E++]=e>>18|240,I[E++]=e>>12&63|128):I[E++]=e>>12|224,I[E++]=e>>6&63|128),I[E++]=e&63|128);return I},O,a=function(n,E){if(n.S)return Lv(n.v,n);return(E=h(8,n,true),E&128)&&(E^=128,n=h(2,n,true),E=(E<<2)+(n|0)),E},A=function(n,E){E.T=((E.T?E.T+"~":"E:")+n.message+":"+n.stack).slice(0,2048)},mC=function(n,E,I,e,X){if((I=n[0],I)==N)E.l=25,E.u(n);else if(I==k){X=n[1];try{e=E.T||E.u(n)}catch(L){A(L,E),e=E.T}X(e)}else if(I==uN)E.u(n);else if(I==l)E.u(n);else if(I==WU){try{for(e=0;e<E.C.length;e++)try{X=E.C[e],X[0][X[1]](X[2])}catch(L){}}catch(L){}(0,n[1])(function(L,T){E.o(L,true,T)},(E.C=[],function(L){(m(E,(L=!E.N.length,[cU])),L)&&c(E,true,false)}))}else{if(I==H)return e=n[2],Z(264,E,n[6]),Z(98,E,e),E.u(n);I==cU?(E.F=[],E.K=null,E.X=[]):I==ev&&"loading"===q.document.readyState&&(E.h=function(L,T){function g(){T||(T=true,L())}q.document.addEventListener("DOMContentLoaded",(T=false,g),F),q.addEventListener("load",g,F)})}},F={passive:true,capture:true},wN=function(n,E){return n(function(I){I(E)}),[function(){return E}]},x0=function(n){return n},sK=function(n,E){Z(169,n,(n.mu.push(n.K.slice()),n.K[169]=void 0,E))},v=function(n,E,I,e,X,L,T,g,x){if(I.L=(T=(x=(g=(L=0<(E||I.I++,I).W&&I.R&&I.rY&&1>=I.B&&!I.S&&!I.h&&(!E||1<I.J-e)&&0==document.hidden,(X=4==I.I)||L)?I.Z():I.G,g)-I.G,x>>14),I.H&&(I.H^=T*(x<<2)),I.j+=T,T)||I.L,X||L)I.I=0,I.G=g;if(!L||g-I.Y<I.W-(n?255:E?5:2))return false;return I.h=((Z((n=Q(E?117:169,(I.J=e,I)),169),I,I.O),I).N.push([uN,n,E?e+1:e]),B),true},Ia=function(n,E,I,e){for(;E.N.length;){e=(E.h=null,E).N.pop();try{I=mC(e,E)}catch(X){A(X,E)}if(n&&E.h){n=E.h,n(function(){c(E,true,true)});break}}return I},Q6=function(n,E,I,e){return Q((Z(169,(rN(n,(e=Q(169,n),n.X&&e<n.O?(Z(169,n,n.O),sK(n,E)):Z(169,n,E),I)),n),e),98),n)},bN=function(n,E,I,e,X){for(e=(I.xv=((I.uV=((I.aN=I[k],I).zW=V6,tI),I).Lv=Y0({get:function(){return this.concat()}},I.g),J[I.g](I.Lv,{value:{value:{}}})),0),X=[];128>e;e++)X[e]=String.fromCharCode(e);c(I,true,(m(I,(m(I,(m(I,(Z(6,(b(function(L,T,g,x,w,D){v(false,true,L,T)||(w=ZU(L.L),T=w.P,D=w.A,g=T.length,x=w.Kv,w=w.TW,T=0==g?new x[D]:1==g?new x[D](T[0]):2==g?new x[D](T[0],T[1]):3==g?new x[D](T[0],T[1],T[2]):4==g?new x[D](T[0],T[1],T[2],T[3]):2(),Z(w,L,T))},(Z(446,I,R((b(function(L,T,g,x,w,D){if(!v(true,true,L,T)){if((D=(w=Q((T=(g=(D=a(L),T=a(L),a(L)),w=a(L),Q)(T,L),w),L),Q(D,L)),L=Q(g,L),"object")==iN(D)){for(x in g=[],D)g.push(x);D=g}for(x=0,g=D.length,L=0<L?L:1;x<g;x+=L)T(D.slice(x,(x|0)+(L|0)),w)}},I,((b(function(L){nv(4,L)},(b(function(L,T,g,x,w,D,M){for(x=(T=(g=Q((D=a(L),w=dN(L),M="",157),L),g.length),0);w--;)x=((x|0)+(dN(L)|0))%T,M+=X[g[x]];Z(D,L,M)},I,(Z(409,(I.cV=(Z(373,I,[160,(b(function(L,T,g,x){Z((x=Q((g=(T=a((g=(x=a(L),a(L)),L)),Q(g,L)),x),L),T),L,x[g])},(b(function(L,T,g,x,w){Z((w=(g=(g=a((x=(T=a(L),a(L)),L)),w=a(L),Q)(g,L),x=Q(x,L),Q(w,L)),T),L,PU(x,w,L,g))},I,(b(function(L,T,g,x,w){for(x=(w=(g=dN((T=a(L),L)),[]),0);x<g;x++)w.push(z(L));Z(T,L,w)},I,(b(function(L){gN(L,1)},(b(function(L,T,g,x){!v(false,true,L,T)&&(T=ZU(L),x=T.Kv,g=T.A,L.L==L||g==L.S0&&x==L)&&(Z(T.TW,L,g.apply(x,T.P)),L.G=L.Z())},(b(function(L,T,g,x){Z((g=Q((T=a((g=a(L),L)),x=Q(T,L),g),L),T),L,x+g)},(Z(19,I,(b(function(L,T,g){Z((g=(T=a(L),a(L)),T=Q(T,L),T=iN(T),g),L,T)},I,(b(function(L,T,g,x){Z((T=a((x=(g=a(L),a(L)),L)),T),L,Q(g,L)||Q(x,L))},I,(b(function(L,T){L=(T=a(L),Q)(T,L.L),L[0].removeEventListener(L[1],L[2],F)},(b(function(L,T,g){v(false,true,L,T)||(T=a(L),g=a(L),Z(g,L,function(x){return eval(x)}(Gl(Q(T,L.L)))))},I,(b(function(L){Mi(L,3)},I,(b(function(L,T,g){0!=(g=(g=(T=a(L),a(L)),Q)(g,L),Q(T,L))&&Z(169,L,g)},(Z(426,I,(b(function(L,T,g,x,w){x=(T=Q((g=(w=(T=(x=a(L),g=a(L),a)(L),a(L)),Q(g,L)),w=Q(w,L),T),L),Q)(x,L.L),0!==x&&(T=PU(T,1,L,w,x,g),x.addEventListener(g,T,F),Z(426,L,[x,g,T]))},(Z((b(function(L){gN(L,4)},(b(function(L,T,g,x){Z((x=(T=(x=a(L),a(L)),g=a(L),T=Q(T,L),Q(x,L)),g),L,x in T|0)},(Z(258,(Z(504,(Z(98,I,(b(function(){},I,(b(function(L,T,g,x){Z((T=z((x=a(L),L)),g=a(L),g),L,Q(x,L)>>>T)},I,(b(function(L,T,g){Z((g=(T=a(L),a(L)),g),L,""+Q(T,L))},I,(b(function(L,T){sK((T=Q(a(L),L),L.L),T)},I,(b(function(L,T,g,x,w,D,M,W,t,p,V,u){function U(Y,d){for(;g<Y;)u|=z(L)<<g,g+=8;return u>>=(d=u&(1<<(g-=Y,Y))-1,Y),d}for(w=(x=(g=(V=a(L),u=0),M=(U(3)|0)+1,U(5)),[]),D=T=0;D<x;D++)W=U(1),w.push(W),T+=W?0:1;for(p=(D=(T=((T|0)-1).toString(2).length,0),[]);D<x;D++)w[D]||(p[D]=U(T));for(T=0;T<x;T++)w[T]&&(p[T]=a(L));for(t=[];M--;)t.push(Q(a(L),L));b(function(Y,d,y6,C,S){for(C=(y6=[],S=[],0);C<x;C++){if(d=p[C],!w[C]){for(;d>=S.length;)S.push(a(Y));d=S[d]}y6.push(d)}(Y.S=fv(t.slice(),Y),Y).v=fv(y6,Y)},L,V)},I,(b(function(L,T,g,x){if(x=L.mu.pop()){for(g=z(L);0<g;g--)T=a(L),x[T]=L.K[T];L.K=(x[504]=(x[19]=L.K[19],L).K[504],x)}else Z(169,L,L.O)},(b(function(L){Mi(L,4)},I,(b(function(L,T,g,x){(x=(g=a((T=a(L),L)),a(L)),L.L==L)&&(g=Q(g,L),x=Q(x,L),Q(T,L)[g]=x,226==T&&(L.i=void 0,2==g&&(L.H=h(32,L,false),L.i=void 0)))},I,(b(function(L,T,g,x){T=(g=a((T=(x=a(L),a(L)),L)),x=Q(x,L),Q)(T,L),Z(g,L,+(x==T))},I,(Z(90,((Z(117,(((I.l=25,(I.T=void 0,(e=window.performance||{},(I.v=(I.XU=0,void 0),I.K=[],I).rY=(I.X=[],(I.O=0,I.W=0,I).N=[],I.H=(I.mu=[],I.R=false,void 0),I.B=0,false),I).S=void 0,I.F=[],I).j=(I.Y=0,I.V=void 0,I.G=0,I.D=0,1),I).pv=(I.J=8001,(I.I=void 0,I.h=(I.S0=function(L){this.L=L},null),I.L=(I.C=[],I),I).U=false,(I.i=void 0,e).timeOrigin||(e.timing||{}).navigationStart||0),Z)(169,I,0),I),0),I).Yv=0,I),[]),111)),292)),Z(184,I,353),170)),I),382),286)),390)),281)),7)),326)),{})),I),2048),I),[0,0,0]),I),44),I),84),207),I,q),I),396),0)),I),323),177)),442)),I),81),376)),433)),[])),I),14),I),222),I),347),287)),50)),I),123),0),0]),0),I),I),205)),I),432),I).vV=0,215)),4))),I),228),I),0),[ev])),[l,n])),[WU,E])),true))},R=function(n,E){for(E=[];n--;)E.push(255*Math.random()|0);return E},f=function(n,E,I,e){for(e=(I=(n|0)-1,[]);0<=I;I--)e[(n|0)-1-(I|0)]=E>>8*I&255;return e},Y0=function(n,E){return J[E](J.prototype,{splice:n,floor:n,pop:n,stack:n,document:n,call:n,length:n,prototype:n,parent:n,console:n,propertyIsEnumerable:n,replace:n})},Z=function(n,E,I){if(169==n||117==n)E.K[n]?E.K[n].concat(I):E.K[n]=fv(I,E);else{if(E.U&&226!=n)return;373==n||446==n||90==n||19==n||258==n?E.K[n]||(E.K[n]=pv(118,E,I,n)):E.K[n]=pv(81,E,I,n)}226==n&&(E.H=h(32,E,false),E.i=void 0)},qi=function(n,E,I,e){function X(){}return{invoke:(e=aa((I=void 0,n),function(L){X&&(E&&B(E),I=L,X(),X=void 0)},!!E)[0],function(L,T,g,x){function w(){I(function(D){B(function(){L(D)})},g)}if(!T)return T=e(g),L&&L(T),T;I?w():(x=X,X=function(){(x(),B)(w)})})}},OK=function(n,E,I){if(3==n.length){for(I=0;3>I;I++)E[I]+=n[I];for(I=[13,8,13,12,16,(n=0,5),3,10,15];9>n;n++)E[3](E,n%3,I[n])}},K=function(n,E,I){I=this;try{bN(E,n,this)}catch(e){A(e,this),n(function(X){X(I.T)})}},dN=function(n,E){return E=z(n),E&128&&(E=E&127|z(n)<<7),E},UK=function(n,E,I,e,X){for(X=(I=I[e=I[2]|0,3]|0,0);14>X;X++)n=n>>>8|n<<24,n+=E|0,n^=e+2298,I=I>>>8|I<<24,E=E<<3|E>>>29,I+=e|0,I^=X+2298,E^=n,e=e<<3|e>>>29,e^=I;return[E>>>24&255,E>>>16&255,E>>>8&255,E>>>0&255,n>>>24&255,n>>>16&255,n>>>8&255,n>>>0&255]},hI=function(n,E,I){return E.o(function(e){I=e},false,n),I},z=function(n){return n.S?Lv(n.v,n):h(8,n,true)},jv=function(n,E){return E[n]<<24|E[(n|0)+1]<<16|E[(n|0)+2]<<8|E[(n|0)+3]},rN=function(n,E,I,e,X,L){if(!n.T){n.B++;try{for(X=(L=0,n.O),e=void 0;--E;)try{if(I=void 0,n.S)e=Lv(n.S,n);else{if((L=Q(169,n),L)>=X)break;e=Q((Z(117,n,L),I=a(n),I),n)}v(false,false,(e&&e[cU]&2048?e(n,E):P(0,n,[r,21,I]),n),E)}catch(T){Q(184,n)?P(22,n,T):Z(184,n,T)}if(!E){if(n.gY){rN(n,(n.B--,168668240895));return}P(0,n,[r,33])}}catch(T){try{P(22,n,T)}catch(g){A(g,n)}}n.B--}},G=function(n,E,I,e,X,L){if(n.L==n)for(L=Q(E,n),446==E?(E=function(T,g,x,w){if((w=(x=L.length,(x|0)-4>>3),L.q7)!=w){g=[0,(w=(w<<3)-(L.q7=w,4),0),X[1],X[2]];try{L.O$=UK(jv((w|0)+4,L),jv(w,L),g)}catch(D){throw D;}}L.push(L.O$[x&7]^T)},X=Q(258,n)):E=function(T){L.push(T)},e&&E(e&255),n=0,e=I.length;n<e;n++)E(I[n])},fv=function(n,E,I){return((I=J[E.g](E.xv),I)[E.g]=function(){return n},I).concat=function(e){n=e},I},h=function(n,E,I,e,X,L,T,g,x,w,D,M,W,t){if((g=Q(169,E),g)>=E.O)throw[r,31];for(w=(e=(D=E.aN.length,n),0),x=g;0<e;)T=x>>3,t=x%8,W=8-(t|0),L=E.X[T],W=W<e?W:e,I&&(X=E,X.i!=x>>6&&(X.i=x>>6,M=Q(226,X),X.V=UK(X.i,X.H,[0,0,M[1],M[2]])),L^=E.V[T&D]),x+=W,w|=(L>>8-(t|0)-(W|0)&(1<<W)-1)<<(e|0)-(W|0),e-=W;return Z(169,E,(I=w,(g|0)+(n|0))),I},q=this||self,B=q.requestIdleCallback?function(n){requestIdleCallback(function(){n()},{timeout:4})}:q.setImmediate?function(n){setImmediate(n)}:function(n){setTimeout(n,0)},PU=function(n,E,I,e,X,L){function T(){if(I.L==I){if(I.K){var g=[H,n,e,void 0,X,L,arguments];if(2==E)var x=c(I,(m(I,g),false),false);else if(1==E){var w=!I.N.length;(m(I,g),w)&&c(I,false,false)}else x=mC(g,I);return x}X&&L&&X.removeEventListener(L,T,F)}}return T},pv=function(n,E,I,e,X,L,T,g){return((L=(T=n&(X=$0,I=[89,-43,5,1,4,91,I,75,51,-20],7),J[E.g](E.Lv)),L)[E.g]=function(x){T+=6+7*n,g=x,T&=7},L).concat=function(x){return(g=(x=(x=e%16+1,-40*e*e*g-x*g- -2240*g+I[T+51&7]*e*x+40*g*g+T+1*e*e*x- -1720*e*g+(X()|0)*x),void 0),x=I[x],I[(T+13&7)+(n&2)]=x,I)[T+(n&2)]=-43,x},L},zl=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),cU=((K.prototype.gY=false,K.prototype.dY=void 0,K).prototype.s="toString",K.prototype.BV=void 0,[]),H=[],l=[],k=[],ev=[],WU=[],r={},N=[],uN=[],$0=((y=(((Tl,function(){})(R),DU,function(){})(OK),K.prototype.g="create",K.prototype),y).bV=function(n,E,I){return n^((E=((E^=E<<13,E^=E>>17,E)^E<<5)&I)||(E=1),E)},void 0),J=(y.o=(y.HV=function(){return Math.floor(this.D+(this.Z()-this.Y))},((y.GW=function(n,E,I,e,X,L){for(X=(e=L=0,[]);L<n.length;L++)for(I=I<<E|n[L],e+=E;7<e;)e-=8,X.push(I>>e&255);return X},y).Z=(y.he=function(){return Math.floor(this.Z())},(window.performance||{}).now)?function(){return this.pv+window.performance.now()}:function(){return+new Date},y).PV=function(n,E,I,e,X){for(e=X=0;X<n.length;X++)e+=n.charCodeAt(X),e+=e<<10,e^=e>>6;return X=new Number((n=(e+=e<<3,e^=e>>11,e+(e<<15)>>>0),n&(1<<E)-1)),X[0]=(n>>>E)%I,X},function(n,E,I,e,X){if(I="array"===iN(I)?I:[I],this.T)n(this.T);else try{e=[],X=!this.N.length,m(this,[N,e,I]),m(this,[k,n,e]),E&&!X||c(this,E,true)}catch(L){A(L,this),n(this.T)}}),r).constructor;(K.prototype.u=function(n,E){return $0=function(){return n==E?-56:-98},E={},n={},function(I,e,X,L,T,g,x,w,D,M,W,t,p,V,u){n=(t=n,E);try{if(e=I[0],e==l){p=I[1];try{for(x=(u=(V=[],L=0,atob(p)),0);L<u.length;L++)T=u.charCodeAt(L),255<T&&(V[x++]=T&255,T>>=8),V[x++]=T;Z(226,this,(this.O=(this.X=V,this).X.length<<3,[0,0,0]))}catch(U){P(17,this,U);return}rN(this,8001)}else if(e==N)I[1].push(Q(373,this).length,Q(504,this),Q(446,this).length,Q(90,this).length),Z(98,this,I[2]),this.K[67]&&Q6(this,Q(67,this),8001);else{if(e==k){(w=(V=I[2],f(2,(Q(373,this).length|0)+2)),X=this.L,this).L=this;try{W=Q(19,this),0<W.length&&G(this,373,f(2,W.length).concat(W),10),G(this,373,f(1,this.j),109),G(this,373,f(1,this[k].length)),u=0,u+=Q(6,this)&2047,u-=(Q(373,this).length|0)+5,D=Q(446,this),4<D.length&&(u-=(D.length|0)+3),0<u&&G(this,373,f(2,u).concat(R(u)),15),4<D.length&&G(this,373,f(2,D.length).concat(D),156)}finally{this.L=X}if(g=((x=R(2).concat(Q(373,this)),x[1]=x[0]^6,x)[3]=x[1]^w[0],x[4]=x[1]^w[1],this).N7(x))g="!"+g;else for(u=0,g="";u<x.length;u++)M=x[u][this.s](16),1==M.length&&(M="0"+M),g+=M;return Q(((Z(504,this,((L=g,Q)(373,this).length=V.shift(),V.shift())),Q(446,this)).length=V.shift(),90),this).length=V.shift(),L}if(e==uN)Q6(this,I[1],I[2]);else if(e==H)return Q6(this,I[1],8001)}}finally{n=t}}}(),K.prototype.yC=0,K.prototype).N7=function(n,E,I,e){if(I=window.btoa){for(e="",E=0;E<n.length;E+=8192)e+=String.fromCharCode.apply(null,n.slice(E,E+8192));n=I(e).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else n=void 0;return n},K.prototype.Z4=0;var V6,tI=/./,AI=(K.prototype[WU]=[0,0,1,1,0,1,1],l.pop.bind(K.prototype[N])),Gl=function(n,E){return(E=Xn())&&1===n.eval(E.createScript("1"))?function(I){return E.createScript(I)}:function(I){return""+I}}(((V6=Y0({get:AI},(tI[K.prototype.s]=AI,K.prototype.g)),K).prototype.iV=void 0,q));(O=q.botguard||(q.botguard={}),40<O.m)||(O.m=41,O.bg=qi,O.a=aa),O.kDL_=function(n,E,I){return[(I=new K(E,n),function(e){return hI(e,I)})]};}).call(this);'));
}).call(this);
#4 JavaScript::Eval (size: 16939) - SHA256: d902ca5cbcafe94173d0ba2c727ea56e4f504e12f25f5697fb5a7b3c6f7962be
(function() {
    var y, nv = function(n, E, I, e) {
            for (e = (I = a(E), 0); 0 < n; n--) e = e << 8 | z(E);
            Z(I, E, e)
        },
        c = function(n, E, I, e, X, L) {
            if (n.N.length) {
                (n.R = (n.R && 0(), true), n).rY = E;
                try {
                    e = n.Z(), n.G = e, n.I = 0, n.Y = e, L = Ia(E, n), X = n.Z() - n.Y, n.D += X, X < (I ? 0 : 10) || 0 >= n.l-- || (X = Math.floor(X), n.F.push(254 >= X ? X : 254))
                } finally {
                    n.R = false
                }
                return L
            }
        },
        iN = function(n, E, I) {
            if ((I = typeof n, "object") == I)
                if (n) {
                    if (n instanceof Array) return "array";
                    if (n instanceof Object) return I;
                    if ((E = Object.prototype.toString.call(n), "[object Window]") == E) return "object";
                    if ("[object Array]" == E || "number" == typeof n.length && "undefined" != typeof n.splice && "undefined" != typeof n.propertyIsEnumerable && !n.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == E || "undefined" != typeof n.call && "undefined" != typeof n.propertyIsEnumerable && !n.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == I && "undefined" == typeof n.call) return "object";
            return I
        },
        m = function(n, E) {
            n.N.splice(0, 0, E)
        },
        Lv = function(n, E) {
            return (n = n.create().shift(), E.S).create().length || E.v.create().length || (E.v = void 0, E.S = void 0), n
        },
        P = function(n, E, I, e, X, L) {
            if (!E.U) {
                if (3 < (I = (0 == ((L = void 0, I && I[0] === r) && (n = I[1], L = I[2], I = void 0), X = Q(19, E), X).length && (e = Q(117, E) >> 3, X.push(n, e >> 8 & 255, e & 255), void 0 != L && X.push(L & 255)), n = "", I && (I.message && (n += I.message), I.stack && (n += ":" + I.stack)), Q(504, E)), I)) {
                    E.L = (L = (n = (I -= (n = n.slice(0, (I | 0) - 3), n.length | 0) + 3, EK(n)), E.L), E);
                    try {
                        G(E, 446, f(2, n.length).concat(n), 9)
                    } finally {
                        E.L = L
                    }
                }
                Z(504, E, I)
            }
        },
        b = function(n, E, I) {
            n[Z(I, E, n), ev] = 2796
        },
        Tl = function(n, E) {
            (E.push(n[0] << 24 | n[1] << 16 | n[2] << 8 | n[3]), E.push(n[4] << 24 | n[5] << 16 | n[6] << 8 | n[7]), E).push(n[8] << 24 | n[9] << 16 | n[10] << 8 | n[11])
        },
        gN = function(n, E, I, e) {
            G(n, (I = (e = a(n), a(n)), I), f(E, Q(e, n)))
        },
        Xn = function(n, E) {
            if (E = (n = q.trustedTypes, null), !n || !n.createPolicy) return E;
            try {
                E = n.createPolicy("bg", {
                    createHTML: x0,
                    createScript: x0,
                    createScriptURL: x0
                })
            } catch (I) {
                q.console && q.console.error(I.message)
            }
            return E
        },
        aa = function(n, E, I, e) {
            return (e = O[n.substring(0, 3) + "_"]) ? e(n.substring(3), E, I) : wN(E, n)
        },
        DU = function(n, E, I, e) {
            try {
                e = n[((E | 0) + 2) % 3], n[E] = (n[E] | 0) - (n[((E | 0) + 1) % 3] | 0) - (e | 0) ^ (1 == E ? e << I : e >>> I)
            } catch (X) {
                throw X;
            }
        },
        Q = function(n, E) {
            if (void 0 === (E = E.K[n], E)) throw [r, 30, n];
            if (E.value) return E.create();
            return E.create(1 * n * n + -43 * n + -56), E.prototype
        },
        ZU = function(n, E, I, e, X, L) {
            for (e = (L = (I = ((X = a((E = n[zl] || {}, n)), E.TW = a(n), E).P = [], n.L == n) ? (z(n) | 0) - 1 : 1, a(n)), 0); e < I; e++) E.P.push(a(n));
            for (E.A = Q(X, n); I--;) E.P[I] = Q(E.P[I], n);
            return E.Kv = Q(L, n), E
        },
        Mi = function(n, E, I, e, X) {
            G(n, (((e = Q((X = a((e = (I = E & 4, E &= 3, a(n)), n)), e), n), I) && (e = EK("" + e)), E) && G(n, X, f(2, e.length)), X), e)
        },
        EK = function(n, E, I, e, X) {
            for (X = E = (n = n.replace(/\r\n/g, "\n"), I = [], 0); X < n.length; X++) e = n.charCodeAt(X), 128 > e ? I[E++] = e : (2048 > e ? I[E++] = e >> 6 | 192 : (55296 == (e & 64512) && X + 1 < n.length && 56320 == (n.charCodeAt(X + 1) & 64512) ? (e = 65536 + ((e & 1023) << 10) + (n.charCodeAt(++X) & 1023), I[E++] = e >> 18 | 240, I[E++] = e >> 12 & 63 | 128) : I[E++] = e >> 12 | 224, I[E++] = e >> 6 & 63 | 128), I[E++] = e & 63 | 128);
            return I
        },
        O, a = function(n, E) {
            if (n.S) return Lv(n.v, n);
            return (E = h(8, n, true), E & 128) && (E ^= 128, n = h(2, n, true), E = (E << 2) + (n | 0)), E
        },
        A = function(n, E) {
            E.T = ((E.T ? E.T + "~" : "E:") + n.message + ":" + n.stack).slice(0, 2048)
        },
        mC = function(n, E, I, e, X) {
            if ((I = n[0], I) == N) E.l = 25, E.u(n);
            else if (I == k) {
                X = n[1];
                try {
                    e = E.T || E.u(n)
                } catch (L) {
                    A(L, E), e = E.T
                }
                X(e)
            } else if (I == uN) E.u(n);
            else if (I == l) E.u(n);
            else if (I == WU) {
                try {
                    for (e = 0; e < E.C.length; e++) try {
                        X = E.C[e], X[0][X[1]](X[2])
                    } catch (L) {}
                } catch (L) {}(0, n[1])(function(L, T) {
                    E.o(L, true, T)
                }, (E.C = [], function(L) {
                    (m(E, (L = !E.N.length, [cU])), L) && c(E, true, false)
                }))
            } else {
                if (I == H) return e = n[2], Z(264, E, n[6]), Z(98, E, e), E.u(n);
                I == cU ? (E.F = [], E.K = null, E.X = []) : I == ev && "loading" === q.document.readyState && (E.h = function(L, T) {
                    function g() {
                        T || (T = true, L())
                    }
                    q.document.addEventListener("DOMContentLoaded", (T = false, g), F), q.addEventListener("load", g, F)
                })
            }
        },
        F = {
            passive: true,
            capture: true
        },
        wN = function(n, E) {
            return n(function(I) {
                I(E)
            }), [function() {
                return E
            }]
        },
        x0 = function(n) {
            return n
        },
        sK = function(n, E) {
            Z(169, n, (n.mu.push(n.K.slice()), n.K[169] = void 0, E))
        },
        v = function(n, E, I, e, X, L, T, g, x) {
            if (I.L = (T = (x = (g = (L = 0 < (E || I.I++, I).W && I.R && I.rY && 1 >= I.B && !I.S && !I.h && (!E || 1 < I.J - e) && 0 == document.hidden, (X = 4 == I.I) || L) ? I.Z() : I.G, g) - I.G, x >> 14), I.H && (I.H ^= T * (x << 2)), I.j += T, T) || I.L, X || L) I.I = 0, I.G = g;
            if (!L || g - I.Y < I.W - (n ? 255 : E ? 5 : 2)) return false;
            return I.h = ((Z((n = Q(E ? 117 : 169, (I.J = e, I)), 169), I, I.O), I).N.push([uN, n, E ? e + 1 : e]), B), true
        },
        Ia = function(n, E, I, e) {
            for (; E.N.length;) {
                e = (E.h = null, E).N.pop();
                try {
                    I = mC(e, E)
                } catch (X) {
                    A(X, E)
                }
                if (n && E.h) {
                    n = E.h, n(function() {
                        c(E, true, true)
                    });
                    break
                }
            }
            return I
        },
        Q6 = function(n, E, I, e) {
            return Q((Z(169, (rN(n, (e = Q(169, n), n.X && e < n.O ? (Z(169, n, n.O), sK(n, E)) : Z(169, n, E), I)), n), e), 98), n)
        },
        bN = function(n, E, I, e, X) {
            for (e = (I.xv = ((I.uV = ((I.aN = I[k], I).zW = V6, tI), I).Lv = Y0({get: function() {
                        return this.concat()
                    }
                }, I.g), J[I.g](I.Lv, {
                    value: {
                        value: {}
                    }
                })), 0), X = []; 128 > e; e++) X[e] = String.fromCharCode(e);
            c(I, true, (m(I, (m(I, (m(I, (Z(6, (b(function(L, T, g, x, w, D) {
                v(false, true, L, T) || (w = ZU(L.L), T = w.P, D = w.A, g = T.length, x = w.Kv, w = w.TW, T = 0 == g ? new x[D] : 1 == g ? new x[D](T[0]) : 2 == g ? new x[D](T[0], T[1]) : 3 == g ? new x[D](T[0], T[1], T[2]) : 4 == g ? new x[D](T[0], T[1], T[2], T[3]) : 2(), Z(w, L, T))
            }, (Z(446, I, R((b(function(L, T, g, x, w, D) {
                if (!v(true, true, L, T)) {
                    if ((D = (w = Q((T = (g = (D = a(L), T = a(L), a(L)), w = a(L), Q)(T, L), w), L), Q(D, L)), L = Q(g, L), "object") == iN(D)) {
                        for (x in g = [], D) g.push(x);
                        D = g
                    }
                    for (x = 0, g = D.length, L = 0 < L ? L : 1; x < g; x += L) T(D.slice(x, (x | 0) + (L | 0)), w)
                }
            }, I, ((b(function(L) {
                nv(4, L)
            }, (b(function(L, T, g, x, w, D, M) {
                for (x = (T = (g = Q((D = a(L), w = dN(L), M = "", 157), L), g.length), 0); w--;) x = ((x | 0) + (dN(L) | 0)) % T, M += X[g[x]];
                Z(D, L, M)
            }, I, (Z(409, (I.cV = (Z(373, I, [160, (b(function(L, T, g, x) {
                Z((x = Q((g = (T = a((g = (x = a(L), a(L)), L)), Q(g, L)), x), L), T), L, x[g])
            }, (b(function(L, T, g, x, w) {
                Z((w = (g = (g = a((x = (T = a(L), a(L)), L)), w = a(L), Q)(g, L), x = Q(x, L), Q(w, L)), T), L, PU(x, w, L, g))
            }, I, (b(function(L, T, g, x, w) {
                for (x = (w = (g = dN((T = a(L), L)), []), 0); x < g; x++) w.push(z(L));
                Z(T, L, w)
            }, I, (b(function(L) {
                gN(L, 1)
            }, (b(function(L, T, g, x) {
                !v(false, true, L, T) && (T = ZU(L), x = T.Kv, g = T.A, L.L == L || g == L.S0 && x == L) && (Z(T.TW, L, g.apply(x, T.P)), L.G = L.Z())
            }, (b(function(L, T, g, x) {
                Z((g = Q((T = a((g = a(L), L)), x = Q(T, L), g), L), T), L, x + g)
            }, (Z(19, I, (b(function(L, T, g) {
                Z((g = (T = a(L), a(L)), T = Q(T, L), T = iN(T), g), L, T)
            }, I, (b(function(L, T, g, x) {
                Z((T = a((x = (g = a(L), a(L)), L)), T), L, Q(g, L) || Q(x, L))
            }, I, (b(function(L, T) {
                L = (T = a(L), Q)(T, L.L), L[0].removeEventListener(L[1], L[2], F)
            }, (b(function(L, T, g) {
                v(false, true, L, T) || (T = a(L), g = a(L), Z(g, L, function(x) {
                    return eval(x)
                }(Gl(Q(T, L.L)))))
            }, I, (b(function(L) {
                Mi(L, 3)
            }, I, (b(function(L, T, g) {
                0 != (g = (g = (T = a(L), a(L)), Q)(g, L), Q(T, L)) && Z(169, L, g)
            }, (Z(426, I, (b(function(L, T, g, x, w) {
                x = (T = Q((g = (w = (T = (x = a(L), g = a(L), a)(L), a(L)), Q(g, L)), w = Q(w, L), T), L), Q)(x, L.L), 0 !== x && (T = PU(T, 1, L, w, x, g), x.addEventListener(g, T, F), Z(426, L, [x, g, T]))
            }, (Z((b(function(L) {
                gN(L, 4)
            }, (b(function(L, T, g, x) {
                Z((x = (T = (x = a(L), a(L)), g = a(L), T = Q(T, L), Q(x, L)), g), L, x in T | 0)
            }, (Z(258, (Z(504, (Z(98, I, (b(function() {}, I, (b(function(L, T, g, x) {
                Z((T = z((x = a(L), L)), g = a(L), g), L, Q(x, L) >>> T)
            }, I, (b(function(L, T, g) {
                Z((g = (T = a(L), a(L)), g), L, "" + Q(T, L))
            }, I, (b(function(L, T) {
                sK((T = Q(a(L), L), L.L), T)
            }, I, (b(function(L, T, g, x, w, D, M, W, t, p, V, u) {
                function U(Y, d) {
                    for (; g < Y;) u |= z(L) << g, g += 8;
                    return u >>= (d = u & (1 << (g -= Y, Y)) - 1, Y), d
                }
                for (w = (x = (g = (V = a(L), u = 0), M = (U(3) | 0) + 1, U(5)), []), D = T = 0; D < x; D++) W = U(1), w.push(W), T += W ? 0 : 1;
                for (p = (D = (T = ((T | 0) - 1).toString(2).length, 0), []); D < x; D++) w[D] || (p[D] = U(T));
                for (T = 0; T < x; T++) w[T] && (p[T] = a(L));
                for (t = []; M--;) t.push(Q(a(L), L));
                b(function(Y, d, y6, C, S) {
                    for (C = (y6 = [], S = [], 0); C < x; C++) {
                        if (d = p[C], !w[C]) {
                            for (; d >= S.length;) S.push(a(Y));
                            d = S[d]
                        }
                        y6.push(d)
                    }(Y.S = fv(t.slice(), Y), Y).v = fv(y6, Y)
                }, L, V)
            }, I, (b(function(L, T, g, x) {
                if (x = L.mu.pop()) {
                    for (g = z(L); 0 < g; g--) T = a(L), x[T] = L.K[T];
                    L.K = (x[504] = (x[19] = L.K[19], L).K[504], x)
                } else Z(169, L, L.O)
            }, (b(function(L) {
                Mi(L, 4)
            }, I, (b(function(L, T, g, x) {
                (x = (g = a((T = a(L), L)), a(L)), L.L == L) && (g = Q(g, L), x = Q(x, L), Q(T, L)[g] = x, 226 == T && (L.i = void 0, 2 == g && (L.H = h(32, L, false), L.i = void 0)))
            }, I, (b(function(L, T, g, x) {
                T = (g = a((T = (x = a(L), a(L)), L)), x = Q(x, L), Q)(T, L), Z(g, L, +(x == T))
            }, I, (Z(90, ((Z(117, (((I.l = 25, (I.T = void 0, (e = window.performance || {}, (I.v = (I.XU = 0, void 0), I.K = [], I).rY = (I.X = [], (I.O = 0, I.W = 0, I).N = [], I.H = (I.mu = [], I.R = false, void 0), I.B = 0, false), I).S = void 0, I.F = [], I).j = (I.Y = 0, I.V = void 0, I.G = 0, I.D = 0, 1), I).pv = (I.J = 8001, (I.I = void 0, I.h = (I.S0 = function(L) {
                this.L = L
            }, null), I.L = (I.C = [], I), I).U = false, (I.i = void 0, e).timeOrigin || (e.timing || {}).navigationStart || 0), Z)(169, I, 0), I), 0), I).Yv = 0, I), []), 111)), 292)), Z(184, I, 353), 170)), I), 382), 286)), 390)), 281)), 7)), 326)), {})), I), 2048), I), [0, 0, 0]), I), 44), I), 84), 207), I, q), I), 396), 0)), I), 323), 177)), 442)), I), 81), 376)), 433)), [])), I), 14), I), 222), I), 347), 287)), 50)), I), 123), 0), 0]), 0), I), I), 205)), I), 432), I).vV = 0, 215)), 4))), I), 228), I), 0), [ev])), [l, n])), [WU, E])), true))
        },
        R = function(n, E) {
            for (E = []; n--;) E.push(255 * Math.random() | 0);
            return E
        },
        f = function(n, E, I, e) {
            for (e = (I = (n | 0) - 1, []); 0 <= I; I--) e[(n | 0) - 1 - (I | 0)] = E >> 8 * I & 255;
            return e
        },
        Y0 = function(n, E) {
            return J[E](J.prototype, {
                splice: n,
                floor: n,
                pop: n,
                stack: n,
                document: n,
                call: n,
                length: n,
                prototype: n,
                parent: n,
                console: n,
                propertyIsEnumerable: n,
                replace: n
            })
        },
        Z = function(n, E, I) {
            if (169 == n || 117 == n) E.K[n] ? E.K[n].concat(I) : E.K[n] = fv(I, E);
            else {
                if (E.U && 226 != n) return;
                373 == n || 446 == n || 90 == n || 19 == n || 258 == n ? E.K[n] || (E.K[n] = pv(118, E, I, n)) : E.K[n] = pv(81, E, I, n)
            }
            226 == n && (E.H = h(32, E, false), E.i = void 0)
        },
        qi = function(n, E, I, e) {
            function X() {}
            return {
                invoke: (e = aa((I = void 0, n), function(L) {
                    X && (E && B(E), I = L, X(), X = void 0)
                }, !!E)[0], function(L, T, g, x) {
                    function w() {
                        I(function(D) {
                            B(function() {
                                L(D)
                            })
                        }, g)
                    }
                    if (!T) return T = e(g), L && L(T), T;
                    I ? w() : (x = X, X = function() {
                        (x(), B)(w)
                    })
                })
            }
        },
        OK = function(n, E, I) {
            if (3 == n.length) {
                for (I = 0; 3 > I; I++) E[I] += n[I];
                for (I = [13, 8, 13, 12, 16, (n = 0, 5), 3, 10, 15]; 9 > n; n++) E[3](E, n % 3, I[n])
            }
        },
        K = function(n, E, I) {
            I = this;
            try {
                bN(E, n, this)
            } catch (e) {
                A(e, this), n(function(X) {
                    X(I.T)
                })
            }
        },
        dN = function(n, E) {
            return E = z(n), E & 128 && (E = E & 127 | z(n) << 7), E
        },
        UK = function(n, E, I, e, X) {
            for (X = (I = I[e = I[2] | 0, 3] | 0, 0); 14 > X; X++) n = n >>> 8 | n << 24, n += E | 0, n ^= e + 2298, I = I >>> 8 | I << 24, E = E << 3 | E >>> 29, I += e | 0, I ^= X + 2298, E ^= n, e = e << 3 | e >>> 29, e ^= I;
            return [E >>> 24 & 255, E >>> 16 & 255, E >>> 8 & 255, E >>> 0 & 255, n >>> 24 & 255, n >>> 16 & 255, n >>> 8 & 255, n >>> 0 & 255]
        },
        hI = function(n, E, I) {
            return E.o(function(e) {
                I = e
            }, false, n), I
        },
        z = function(n) {
            return n.S ? Lv(n.v, n) : h(8, n, true)
        },
        jv = function(n, E) {
            return E[n] << 24 | E[(n | 0) + 1] << 16 | E[(n | 0) + 2] << 8 | E[(n | 0) + 3]
        },
        rN = function(n, E, I, e, X, L) {
            if (!n.T) {
                n.B++;
                try {
                    for (X = (L = 0, n.O), e = void 0; --E;) try {
                        if (I = void 0, n.S) e = Lv(n.S, n);
                        else {
                            if ((L = Q(169, n), L) >= X) break;
                            e = Q((Z(117, n, L), I = a(n), I), n)
                        }
                        v(false, false, (e && e[cU] & 2048 ? e(n, E) : P(0, n, [r, 21, I]), n), E)
                    } catch (T) {
                        Q(184, n) ? P(22, n, T) : Z(184, n, T)
                    }
                    if (!E) {
                        if (n.gY) {
                            rN(n, (n.B--, 168668240895));
                            return
                        }
                        P(0, n, [r, 33])
                    }
                } catch (T) {
                    try {
                        P(22, n, T)
                    } catch (g) {
                        A(g, n)
                    }
                }
                n.B--
            }
        },
        G = function(n, E, I, e, X, L) {
            if (n.L == n)
                for (L = Q(E, n), 446 == E ? (E = function(T, g, x, w) {
                        if ((w = (x = L.length, (x | 0) - 4 >> 3), L.q7) != w) {
                            g = [0, (w = (w << 3) - (L.q7 = w, 4), 0), X[1], X[2]];
                            try {
                                L.O$ = UK(jv((w | 0) + 4, L), jv(w, L), g)
                            } catch (D) {
                                throw D;
                            }
                        }
                        L.push(L.O$[x & 7] ^ T)
                    }, X = Q(258, n)) : E = function(T) {
                        L.push(T)
                    }, e && E(e & 255), n = 0, e = I.length; n < e; n++) E(I[n])
        },
        fv = function(n, E, I) {
            return ((I = J[E.g](E.xv), I)[E.g] = function() {
                return n
            }, I).concat = function(e) {
                n = e
            }, I
        },
        h = function(n, E, I, e, X, L, T, g, x, w, D, M, W, t) {
            if ((g = Q(169, E), g) >= E.O) throw [r, 31];
            for (w = (e = (D = E.aN.length, n), 0), x = g; 0 < e;) T = x >> 3, t = x % 8, W = 8 - (t | 0), L = E.X[T], W = W < e ? W : e, I && (X = E, X.i != x >> 6 && (X.i = x >> 6, M = Q(226, X), X.V = UK(X.i, X.H, [0, 0, M[1], M[2]])), L ^= E.V[T & D]), x += W, w |= (L >> 8 - (t | 0) - (W | 0) & (1 << W) - 1) << (e | 0) - (W | 0), e -= W;
            return Z(169, E, (I = w, (g | 0) + (n | 0))), I
        },
        q = this || self,
        B = q.requestIdleCallback ? function(n) {
            requestIdleCallback(function() {
                n()
            }, {
                timeout: 4
            })
        } : q.setImmediate ? function(n) {
            setImmediate(n)
        } : function(n) {
            setTimeout(n, 0)
        },
        PU = function(n, E, I, e, X, L) {
            function T() {
                if (I.L == I) {
                    if (I.K) {
                        var g = [H, n, e, void 0, X, L, arguments];
                        if (2 == E) var x = c(I, (m(I, g), false), false);
                        else if (1 == E) {
                            var w = !I.N.length;
                            (m(I, g), w) && c(I, false, false)
                        } else x = mC(g, I);
                        return x
                    }
                    X && L && X.removeEventListener(L, T, F)
                }
            }
            return T
        },
        pv = function(n, E, I, e, X, L, T, g) {
            return ((L = (T = n & (X = $0, I = [89, -43, 5, 1, 4, 91, I, 75, 51, -20], 7), J[E.g](E.Lv)), L)[E.g] = function(x) {
                T += 6 + 7 * n, g = x, T &= 7
            }, L).concat = function(x) {
                return (g = (x = (x = e % 16 + 1, -40 * e * e * g - x * g - -2240 * g + I[T + 51 & 7] * e * x + 40 * g * g + T + 1 * e * e * x - -1720 * e * g + (X() | 0) * x), void 0), x = I[x], I[(T + 13 & 7) + (n & 2)] = x, I)[T + (n & 2)] = -43, x
            }, L
        },
        zl = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        cU = ((K.prototype.gY = false, K.prototype.dY = void 0, K).prototype.s = "toString", K.prototype.BV = void 0, []),
        H = [],
        l = [],
        k = [],
        ev = [],
        WU = [],
        r = {},
        N = [],
        uN = [],
        $0 = ((y = (((Tl, function() {})(R), DU, function() {})(OK), K.prototype.g = "create", K.prototype), y).bV = function(n, E, I) {
            return n ^ ((E = ((E ^= E << 13, E ^= E >> 17, E) ^ E << 5) & I) || (E = 1), E)
        }, void 0),
        J = (y.o = (y.HV = function() {
            return Math.floor(this.D + (this.Z() - this.Y))
        }, ((y.GW = function(n, E, I, e, X, L) {
            for (X = (e = L = 0, []); L < n.length; L++)
                for (I = I << E | n[L], e += E; 7 < e;) e -= 8, X.push(I >> e & 255);
            return X
        }, y).Z = (y.he = function() {
            return Math.floor(this.Z())
        }, (window.performance || {}).now) ? function() {
            return this.pv + window.performance.now()
        } : function() {
            return +new Date
        }, y).PV = function(n, E, I, e, X) {
            for (e = X = 0; X < n.length; X++) e += n.charCodeAt(X), e += e << 10, e ^= e >> 6;
            return X = new Number((n = (e += e << 3, e ^= e >> 11, e + (e << 15) >>> 0), n & (1 << E) - 1)), X[0] = (n >>> E) % I, X
        }, function(n, E, I, e, X) {
            if (I = "array" === iN(I) ? I : [I], this.T) n(this.T);
            else try {
                e = [], X = !this.N.length, m(this, [N, e, I]), m(this, [k, n, e]), E && !X || c(this, E, true)
            } catch (L) {
                A(L, this), n(this.T)
            }
        }), r).constructor;
    (K.prototype.u = function(n, E) {
        return $0 = function() {
                return n == E ? -56 : -98
            }, E = {}, n = {},
            function(I, e, X, L, T, g, x, w, D, M, W, t, p, V, u) {
                n = (t = n, E);
                try {
                    if (e = I[0], e == l) {
                        p = I[1];
                        try {
                            for (x = (u = (V = [], L = 0, atob(p)), 0); L < u.length; L++) T = u.charCodeAt(L), 255 < T && (V[x++] = T & 255, T >>= 8), V[x++] = T;
                            Z(226, this, (this.O = (this.X = V, this).X.length << 3, [0, 0, 0]))
                        } catch (U) {
                            P(17, this, U);
                            return
                        }
                        rN(this, 8001)
                    } else if (e == N) I[1].push(Q(373, this).length, Q(504, this), Q(446, this).length, Q(90, this).length), Z(98, this, I[2]), this.K[67] && Q6(this, Q(67, this), 8001);
                    else {
                        if (e == k) {
                            (w = (V = I[2], f(2, (Q(373, this).length | 0) + 2)), X = this.L, this).L = this;
                            try {
                                W = Q(19, this), 0 < W.length && G(this, 373, f(2, W.length).concat(W), 10), G(this, 373, f(1, this.j), 109), G(this, 373, f(1, this[k].length)), u = 0, u += Q(6, this) & 2047, u -= (Q(373, this).length | 0) + 5, D = Q(446, this), 4 < D.length && (u -= (D.length | 0) + 3), 0 < u && G(this, 373, f(2, u).concat(R(u)), 15), 4 < D.length && G(this, 373, f(2, D.length).concat(D), 156)
                            } finally {
                                this.L = X
                            }
                            if (g = ((x = R(2).concat(Q(373, this)), x[1] = x[0] ^ 6, x)[3] = x[1] ^ w[0], x[4] = x[1] ^ w[1], this).N7(x)) g = "!" + g;
                            else
                                for (u = 0, g = ""; u < x.length; u++) M = x[u][this.s](16), 1 == M.length && (M = "0" + M), g += M;
                            return Q(((Z(504, this, ((L = g, Q)(373, this).length = V.shift(), V.shift())), Q(446, this)).length = V.shift(), 90), this).length = V.shift(), L
                        }
                        if (e == uN) Q6(this, I[1], I[2]);
                        else if (e == H) return Q6(this, I[1], 8001)
                    }
                } finally {
                    n = t
                }
            }
    }(), K.prototype.yC = 0, K.prototype).N7 = function(n, E, I, e) {
        if (I = window.btoa) {
            for (e = "", E = 0; E < n.length; E += 8192) e += String.fromCharCode.apply(null, n.slice(E, E + 8192));
            n = I(e).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
        } else n = void 0;
        return n
    }, K.prototype.Z4 = 0;
    var V6, tI = /./,
        AI = (K.prototype[WU] = [0, 0, 1, 1, 0, 1, 1], l.pop.bind(K.prototype[N])),
        Gl = function(n, E) {
            return (E = Xn()) && 1 === n.eval(E.createScript("1")) ? function(I) {
                return E.createScript(I)
            } : function(I) {
                return "" + I
            }
        }(((V6 = Y0({get: AI
        }, (tI[K.prototype.s] = AI, K.prototype.g)), K).prototype.iV = void 0, q));
    (O = q.botguard || (q.botguard = {}), 40 < O.m) || (O.m = 41, O.bg = qi, O.a = aa), O.kDL_ = function(n, E, I) {
        return [(I = new K(E, n), function(e) {
            return hI(e, I)
        })]
    };
}).call(this);
#5 JavaScript::Eval (size: 22) - SHA256: 355b9b382781cde432ccca7627a8fdecad5040be2910428d5fc5b4b57fed949b
0,
function(L) {
    nv(1, L)
}

Executed Writes (0)


HTTP Transactions (67)


Request Response
                                        
                                            GET /2012/02/skin79-bb-cleanser-o2-bubble.html HTTP/1.1 
Host: laura-pieces-of-beauty.blogspot.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.217.21.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://laura-pieces-of-beauty.blogspot.com/2012/02/skin79-bb-cleanser-o2-bubble.html
Content-Encoding: gzip
Date: Wed, 30 Nov 2022 20:58:40 GMT
Expires: Wed, 30 Nov 2022 20:58:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 222
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   222
Md5:    4e79ee066e63796e6ae784b588562e3f
Sha1:   58701d1cdacc08503a1d951d9f521a82806809e8
Sha256: 91faaf8e1e90371bcadf10faaea7bbba7a0b2d05b4f61abbfcecce0f30a39533

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3199
Expires: Wed, 30 Nov 2022 21:51:59 GMT
Date: Wed, 30 Nov 2022 20:58:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 417
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 20:58:40 GMT
Last-Modified: Wed, 30 Nov 2022 20:51:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 20:19:43 GMT
cache-control: public,max-age=3600
age: 2338
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8551
Expires: Wed, 30 Nov 2022 23:21:12 GMT
Date: Wed, 30 Nov 2022 20:58:41 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: FypGaYHzxVT9zBnHzlkG6RIBQRA6m6w2L398/Ys7rzWp8a242ILwBQPzOZbEhxvZhfbThh4TEUA=
x-amz-request-id: ASN04FJPAMRN1YC6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 20:45:22 GMT
age: 799
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 20:58:41 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 20:11:14 GMT
cache-control: public,max-age=3600
age: 2847
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 415
Cache-Control: max-age=130505
Date: Wed, 30 Nov 2022 20:58:41 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:13:46 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.74
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32245
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 10:47:09 GMT
Expires: Wed, 29 Nov 2023 10:47:09 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 123092
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Size:   32245
Md5:    548260b20981c0be2d9dcf8d01c08c24
Sha1:   84230120f8f1bd559eca3fb2fec6acf6cffbf4e7
Sha256: 2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb
                                        
                                            GET /2012/02/skin79-bb-cleanser-o2-bubble.html HTTP/1.1 
Host: laura-pieces-of-beauty.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Wed, 30 Nov 2022 20:58:41 GMT
Date: Wed, 30 Nov 2022 20:58:41 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 29 Nov 2022 23:30:12 GMT
ETag: W/"72f8fedd7f8f7d1e4d17474c9d444dc035bbda0c173dc169bb7cd248d1262ca2"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 54757
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (11495)
Size:   54757
Md5:    e31b2d29c0b4f002d21e825d9599aeb4
Sha1:   510644c6a0a2391b70ee5f8f94a69542b096cb90
Sha256: 19fa9565b4544d780e06d1f33823416d7fe438876b4adcb63a1c741e81343095

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.238
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 30 Nov 2022 20:58:41 GMT
expires: Wed, 30 Nov 2022 20:58:41 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1279)
Size:   20984
Md5:    7ac44ef24e267df17ff72f195b252806
Sha1:   62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: laura-pieces-of-beauty.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/2012/02/skin79-bb-cleanser-o2-bubble.html

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:44:40 GMT
Expires: Tue, 06 Dec 2022 14:44:40 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 12:51:31 GMT
Age: 108841


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
age: 83448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35959)
Size:   7776
Md5:    5aa2d3297bdc86bc81322aedecbb5e79
Sha1:   1c0a3c007e41726e167e79b70ddea76198650884
Sha256: feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
                                        
                                            GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
age: 141312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56726
Md5:    1217c8e34acb09c7cea97bae4d386ea1
Sha1:   55ee17703d0a7710943e93913bacb49220d98b4b
Sha256: c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
                                        
                                            GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:44:05 GMT
expires: Wed, 29 Nov 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
age: 112476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1441)
Size:   6573
Md5:    f60e5037324bf7fd2256c16929886f09
Sha1:   aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
Sha256: 71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:01 GMT
expires: Tue, 06 Dec 2022 14:19:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 19:53:31 GMT
age: 110380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18\012- data
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0pkUfSyBOD8pwmaKkgIBSA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.238.202.79
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Szr3AAt7A6Cfaa0x58QO/w3wOJk=

                                        
                                            GET /-sM1r_3vwhIU/T9hw303hRXI/AAAAAAAAD1c/v8cryi1R0gA/s72-c/bikini_chopper_girl_nude.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bikini_chopper_girl_nude.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3467
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 20:58:42 GMT
Expires: Fri, 25 Nov 2022 02:19:20 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vf57"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3467
Md5:    6dce5f14a9ddf65abb8ae9666297e887
Sha1:   3faf95e4f287b95bd74a50812c53895e31fb03d7
Sha256: fa925e17f8e504fd8532f87b23b06e75da419c0a40b9c47d7dc217111fe89091
                                        
                                            GET /-vM5onJDx6LY/TzJvnh8vPGI/AAAAAAAAlpA/nVTEmANYJtA/s72-c/Katrina%2BHalili%2B1.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Katrina Halili 1.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2860
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 20:58:42 GMT
Expires: Wed, 30 Nov 2022 14:44:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v9690"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2860
Md5:    d58787a076ea930442008bc6179ccbef
Sha1:   ba0182cce4f2de7fa915c2e4c00813adfe13e3b6
Sha256: cc50434dcea591c4f602a87868741e726ca5d13784b2520a85120b1bf6b2a9db
                                        
                                            GET /-bL-LcuvJSmE/T5yl9vQUF2I/AAAAAAAAZFI/92QeqCgIZhw/s72-c/Lakshmi%2BMenon%2B-%2BElle%2BItalia%2BMarch%2B2012.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Lakshmi Menon - Elle Italia March 2012.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5192
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 20:58:42 GMT
Expires: Fri, 25 Nov 2022 02:19:19 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v6452"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   5192
Md5:    cb03f44b21f6628904d3c3c5352b5cfb
Sha1:   a92ef52fac885e0ec0b64a2b0f195dffef597f24
Sha256: e28d0adb1f56f7ece20000a95ac529c35feb4b1400c20d9b797fb41a74c037cf
                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.238
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:44:06 GMT
expires: Wed, 29 Nov 2023 13:44:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
age: 112476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   57794
Md5:    813b15c3004464f6bd39fd0773b04757
Sha1:   bd2218fe1e647f61132aad70d29cd91fd0416f26
Sha256: 446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
                                        
                                            GET /-1n7D669yDqg/T87N5O4CLTI/AAAAAAAAZao/qIxQYqPTYiA/s72-c/Huang%2BXiao%2BMeng%2B-%2BNumero%2BChina%2B2012.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Huang Xiao Meng - Numero China 2012.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2956
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 20:58:42 GMT
Expires: Fri, 25 Nov 2022 02:19:19 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v65aa"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2956
Md5:    f063c858a691cd5007f1cf7c117551ac
Sha1:   5fe35925d285a01cff04d437aaf5c9999dee351b
Sha256: 2723b498fdaf7ba0878e0e7689deefc1ddd9378b5c58f494c09d0fb817e96c05
                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 09:32:01 GMT
Expires: Wed, 14 Dec 2022 09:32:01 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 41201


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /adshow.php?adzone=174460 HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         185.94.236.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 20:58:42 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   269
Md5:    ee0da80aa1c93f283530bc5a92ab9d72
Sha1:   776129291e3b05d0e734f7f391835258925fd2ad
Sha256: b11930b4b4babaf9d3d1ebfbe3a7a8f790897ac95e3dc7fefdfe30dfb306b35d
                                        
                                            GET /-0mofAt96Je0/T0nR0wPd_EI/AAAAAAAAmh0/XaSApY6_cI4/s72-c/jessica_sanchez.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v9a1d"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_sanchez.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 3467
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3467
Md5:    019930210cf343a109283eb49172d11e
Sha1:   decbc5291afe5fec97ee7b5719d70cf78679a74a
Sha256: 0ee6c9a6ef5b99d9a2f9a5b776a3b7405e3f02079d1d3ad7cbb6d62f4acea1fb
                                        
                                            GET /-Xi_4YeJOYho/T0XcwQjkQ5I/AAAAAAAAmYY/fnTj1NMkXnA/s72-c/PhilPop%2BLogo%255B1%255D.JPG HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v9986"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="PhilPop Logo[1].JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 4917
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4917
Md5:    5fc3079c7d7c8e49fa9ccb48487e525c
Sha1:   6132f1b5b22bdcb817191bab173f3e5c51d3b4c6
Sha256: 505c660fd2f14f17cf985a9db82e23b9389bf1629f770110e1cb9426ced886b6
                                        
                                            GET /-t5SwTTTY4AA/Tz-COOG9u1I/AAAAAAAAmLo/n0S4-8OTVF4/s72-c/sarahglive9-766878.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v98ba"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sarahglive9-766878.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 4203
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4203
Md5:    bf48f2896a0fa975c44449c11d671a9e
Sha1:   b4f0bb03d7c970a4910bb4c1593c9e32df2fb962
Sha256: 70fce41251e36e404c2f44f07528a26c487a6e7c33c7c90a701d482e77021afc
                                        
                                            GET /adshow.php?adzone=174458 HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         185.94.236.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 20:58:42 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   269
Md5:    ee0da80aa1c93f283530bc5a92ab9d72
Sha1:   776129291e3b05d0e734f7f391835258925fd2ad
Sha256: b11930b4b4babaf9d3d1ebfbe3a7a8f790897ac95e3dc7fefdfe30dfb306b35d
                                        
                                            GET /1kt/simple/paging_dot.png HTTP/1.1 
Host: www.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         216.58.207.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 99
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:19:28 GMT
Expires: Tue, 06 Dec 2022 14:19:28 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 19:53:31 GMT
Age: 110354


--- Additional Info ---
Magic:  PNG image data, 20 x 18, 8-bit gray+alpha, non-interlaced\012- data
Size:   99
Md5:    fcb8627989fa00c5341d05abce52eea9
Sha1:   215f7e27bcb50152a6d87444d3038746c87f1d18
Sha256: 1e3869a752d8d7cfad487a6f4e2def12daa851373a9cce97dcc4a96523501dba
                                        
                                            GET /-14exmNjTMag/Ty1mUexWhnI/AAAAAAAABh8/8vYfUo24B5g/s320/DSCF0296.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v61f"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0296.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 20261
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   20261
Md5:    6f227c3fdeb45384173d70ed817f4da8
Sha1:   743d48a2e404f1931ea16d6572619a2078567d82
Sha256: 79b076f41a4d0b847d9294975e0de87d8a6b71f42169288a3df96b67b3a5e705
                                        
                                            GET /-QfbGjVnj2qQ/Ty1kwqbK4GI/AAAAAAAABhk/kcvSGXa1kno/s320/DSCF0288.JPG HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v619"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0288.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 24800
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Size:   24800
Md5:    9ca3f552b1ff72c721bc1e0297618265
Sha1:   d2694c72a7d91e9be5d70a14a638e32115e6b7c0
Sha256: dde6d03c5b457ccf579985a5af9598141ad15019b8670bd49a9f79acd9580976
                                        
                                            GET /-dmi42mDJ5rw/Ty1l6NVKl-I/AAAAAAAABh0/xOAvDnzvySA/s320/DSCF0292.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v61d"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0292.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 21791
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   21791
Md5:    76fbf0ae30192838d3b9bb81dfe6defb
Sha1:   2b75f309072d348e124ca87082dc779fec0e5c64
Sha256: 814bd61b35e8e187ef0e65c179d02b1dce424644d475a0c4345da3c7292a34de
                                        
                                            GET /-R90QEfkjLPg/Ty1m0yBE_2I/AAAAAAAABiM/aYVg0JCmwSI/s320/DSCF0300.JPG HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v623"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0300.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 20800
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   20800
Md5:    f8356889559b1c1bf18bf8d39eb46529
Sha1:   c7fbeaa6e33c52dac0121b8ba6f89a73a85d7b6c
Sha256: e47070fc02d47ea3c7d08fb8526e59b287fc14d03b27423bc614a176091e189b
                                        
                                            GET /-SCw8JWrh_KM/Ty1iAPpHYuI/AAAAAAAABhE/FnP9NdjOb3g/s320/DSCF0370.JPG HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v611"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0370.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 27647
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Size:   27647
Md5:    0e064b803a2a907092297a3293e48602
Sha1:   66270a87939956504d27bddac70dc8f04facdfc8
Sha256: 612cc3ae7209c619ca084f456a440fd710e0e788279d18b3167702dfc2871815
                                        
                                            GET /-go6-r8vYfUs/Ty1liDrrpJI/AAAAAAAABhs/d6aBfu7ytxo/s320/DSCF0289.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v61b"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0289.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 19432
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Size:   19432
Md5:    ab2abb7ef4c42a55655ccfdd7300e449
Sha1:   4c307e76c42ddfb98635cf590b5c202c294e60dc
Sha256: 655684f7691ba33a094c47892d23cfc89d926100eb77dba37dabadb07f469dac
                                        
                                            GET /-Qto-lK0SzkE/Ty1kvodIQmI/AAAAAAAABhc/hot_bpXV9fo/s320/DSCF0287.JPG HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v617"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0287.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 20636
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Size:   20636
Md5:    b31ac52f49e5e015c8d67db01e8e8e54
Sha1:   664cf52e666491ddfd8760fd678312b338420f01
Sha256: 38367567af2c0a2e894e4d8373fc7e0c4d430d8e93e4548090b0d6d1f4aa6686
                                        
                                            GET /-0Nj5K_oUtYE/Ty1kuggEHcI/AAAAAAAABhU/P0wk1c_7xng/s320/DSCF0283.JPG HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v615"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0283.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 22604
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Size:   22604
Md5:    4abd9467d63d213a8d423fff8ab88032
Sha1:   5045cac3c9c56f9ca6c89deda467cd3d5e57a43e
Sha256: a8e30cf086a4af488fc7704594730f8c2e17d3ee739f8349858af9ba2ab7b239
                                        
                                            GET /-TYzYkL3-EKE/Ty1ktxSSZ_I/AAAAAAAABhM/WY7W7UvSybg/s400/DSCF0278.JPG HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v613"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0278.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 30342
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x400, components 3\012- data
Size:   30342
Md5:    45576fd2f091a68d932f03b46f20f342
Sha1:   3ec6e2246c3a58b8cfbc73100d89a4a66f9066f6
Sha256: 42c86682e7bea4cbe2fcd9afea482387c49ef5752a59277dce9ddc7e96fc4274
                                        
                                            GET /-DhJ27GdXJRY/Ty1nDSlG1XI/AAAAAAAABiU/RUMBka0KFjI/s320/DSCF0302.JPG HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v625"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0302.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 20885
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   20885
Md5:    d1eb4be17cbdcec16399b8285ec61fda
Sha1:   956317438a068f2f0d7b191956b6768f0c0db134
Sha256: 7de6969c96512b280e2b6a149b45d62b57991a060f3ed3a8b35ceb13ab955a6d
                                        
                                            GET /-4mV8Tsn0-bw/Ty1mYIhfW2I/AAAAAAAABiE/AwdKgvQcnMs/s320/DSCF0298.JPG HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v621"
Expires: Thu, 01 Dec 2022 20:58:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSCF0298.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:58:42 GMT
Server: fife
Content-Length: 20403
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   20403
Md5:    10204c7296d3fed7cf2a550437ec7e32
Sha1:   b1cb7c62aeb346873b43a7ab97c0d29f9a586182
Sha256: bfa5263f0cb871abd7e35afa7c00b2c7ba8d09df133fea6f1702e336c6768391
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=3645257822450220092&zx=746685a7-f75d-4365-8920-eeeb4d205d52 HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 20:58:42 GMT
last-modified: Wed, 30 Nov 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   21
Md5:    a62e4d501434033d5d177e67d3aafdd0
Sha1:   34f7300c9ed47334cf10826d57af785321e3138b
Sha256: b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: laura-pieces-of-beauty.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://laura-pieces-of-beauty.blogspot.com/2012/02/skin79-bb-cleanser-o2-bubble.html

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
                                        
Expires: Wed, 30 Nov 2022 20:58:42 GMT
Date: Wed, 30 Nov 2022 20:58:42 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 29 Nov 2022 23:30:12 GMT
ETag: W/"72f8fedd7f8f7d1e4d17474c9d444dc035bbda0c173dc169bb7cd248d1262ca2"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size:   412
Md5:    501c61a70f5c41181aa050d9110909ca
Sha1:   5b985d5671a7caf686fdfb1df13488c4407f6c9f
Sha256: c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.238
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
date: Wed, 30 Nov 2022 20:58:42 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+399; expires=Fri, 29-Nov-2024 20:58:42 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 20:58:42 GMT
cache-control: private
X-Firefox-Spdy: h2

                                        
                                            GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.228
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Wed, 30 Nov 2022 20:58:42 GMT
date: Wed, 30 Nov 2022 20:58:42 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1034), with no line terminators
Size:   665
Md5:    34e37af4d526255a20a2056cd5f4addf
Sha1:   bcac186d6a49539e69a3f67aa08d0188966f5623
Sha256: 51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.3
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 179326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7693
Expires: Wed, 30 Nov 2022 23:06:56 GMT
Date: Wed, 30 Nov 2022 20:58:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7693
Expires: Wed, 30 Nov 2022 23:06:56 GMT
Date: Wed, 30 Nov 2022 20:58:43 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 82197
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 82938
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 20:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:55:46 GMT
age: 57777
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3711
x-amzn-requestid: 502d7eed-f24a-49e8-b14e-759778b717ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbWQSFNnIAMFpxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63879d9b-5eb88e757ff3eeaa26dd7de2;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 18:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hrGJk_aF0hgdEXNUAqj74wYkXby2ptGRqWKFi4sxlvs_QN9WhC6vOw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:25:55 GMT
age: 9168
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3711
Md5:    89e1a735e16f55c78fa75ae434294029
Sha1:   6c56f4015305eff04a99cec9758cd40bf4e5f704
Sha256: 26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 83152
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 81711
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 515440
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size:   15344
Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd
Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8
Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:43 GMT
expires: Fri, 24 Nov 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 533880
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size:   15552
Md5:    285467176f7fe6bb6a9c6873b3dad2cc
Sha1:   ea04e4ff5142ddd69307c183def721a160e0a64e
Sha256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7