ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 23fecb0434a06339f03b5b47e4f32059
996d6f2b7e66aea18ea801a45a6c71df4830b9a0
c25867480b564319ed01a4ddcb39f0f692b3129a2d3edb5920880daed5a34e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogoderoubardinheirocomumcontrolerobl.blogspot.lu/
172.217.21.161 196 B URL jogoderoubardinheirocomumcontrolerobl.blogspot.lu/
IP 172.217.21.161:0
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text
Hash 29a13939f8c91eb86b1de12ae1807683
472fa9c2c5c1a2951debe94e5fbed7cd7e1b817e
ef7fcb8a99ae513ab76abfde1f46f8b478448b382303d331d5b94b57aed81c75
GET / HTTP/1.1
Host: jogoderoubardinheirocomumcontrolerobl.blogspot.lu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 02 Jun 2023 11:36:20 GMT
expires: Fri, 02 Jun 2023 11:36:20 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 196
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 23fecb0434a06339f03b5b47e4f32059
996d6f2b7e66aea18ea801a45a6c71df4830b9a0
c25867480b564319ed01a4ddcb39f0f692b3129a2d3edb5920880daed5a34e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 23fecb0434a06339f03b5b47e4f32059
996d6f2b7e66aea18ea801a45a6c71df4830b9a0
c25867480b564319ed01a4ddcb39f0f692b3129a2d3edb5920880daed5a34e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogoderoubardinheirocomumcontrolerobl.blogspot.com/
172.217.21.161 17 kB URL jogoderoubardinheirocomumcontrolerobl.blogspot.com/
IP 172.217.21.161:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (14233)
Hash 67c8da14ab69916ba5dc153231dfc96e
55f90711554d181889e226def8b26d970e04f6ba
9f84bea9dcd91823465681c89314cc35cb69de492b05ef147af70422f0931b41
GET / HTTP/1.1
Host: jogoderoubardinheirocomumcontrolerobl.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 02 Jun 2023 11:36:21 GMT
date: Fri, 02 Jun 2023 11:36:21 GMT
cache-control: private, max-age=0
last-modified: Wed, 31 May 2023 22:01:01 GMT
etag: W/"1ea2a38ce62d51982df94aadd21c7c7d73faca24251b4e4bf4ae785e2fb9ae9e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16641
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jogoderoubardinheirocomumcontrolerobl.blogspot.com/js/cookienotice.js
172.217.21.161 2.0 kB URL jogoderoubardinheirocomumcontrolerobl.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: jogoderoubardinheirocomumcontrolerobl.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Fri, 02 Jun 2023 11:36:22 GMT
expires: Fri, 09 Jun 2023 11:36:22 GMT
cache-control: public, max-age=604800
last-modified: Fri, 02 Jun 2023 04:51:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
3.bp.blogspot.com/-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png
142.250.74.129 6.7 kB URL 3.bp.blogspot.com/-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png
IP 142.250.74.129:0
File type PNG image data, 200 x 41, 8-bit/color RGBA, non-interlaced; data
Hash 8b2271ebafdb2a99c69f429d440c555b
38ab355f4cad880637c156f6afe451a9df8cba60
180547af487d795d7fd737f992fb288eb9ec53b79404955a49dd36569e96a230
GET /-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="logo_650c697d3a6002c8f63991bb43c0d6b4.png"
x-content-type-options: nosniff
server: fife
content-length: 6658
x-xss-protection: 0
date: Fri, 02 Jun 2023 07:39:20 GMT
expires: Sat, 03 Jun 2023 07:39:20 GMT
cache-control: public, max-age=86400, no-transform
age: 14222
etag: "v14f4"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 24c2bc15b7a14120c1199b855d8ae62d
64070a45a26dec0c827733f6d68aa206b27efdaf
975691fc99c004f83b502cf418687ba6d699825fb658115642066639aaf66de7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 45cc35b93245f2d8ffaee9da60996c24
5c34301f292c16c8b0fe192262edf9157f1fd8b0
f182a065525b60088ee99e5dd60918a85f7926069479d5bbb7e1cb330d6731c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/541336192-widgets.js
216.58.207.233 56 kB URL www.blogger.com/static/v1/widgets/541336192-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2215)
Hash aa44d6ded7a7f494bb801da2e270d438
2afe3b98239baba11dae4252198314c3c06088ab
9ca45e0cd2719c8403f25e13c931515b162cbb57faf9773db1033fee191efeff
GET /static/v1/widgets/541336192-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56539
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 12:11:13 GMT
expires: Fri, 31 May 2024 12:11:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 May 2023 19:54:39 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 84309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/CdsquBcjBp0/hqdefault.jpg
142.250.74.150 16 kB URL i.ytimg.com/vi/CdsquBcjBp0/hqdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3; data
Hash 83419635474e236f8e5f6107efd97e85
a35685e74ec4858fc6f7e63eb9f1167c4ce1d5f6
c0e8aa88f08bbf56d731726428f5378d44bef0bab7ce59f806ef188093a75ead
GET /vi/CdsquBcjBp0/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 16386
date: Fri, 02 Jun 2023 11:36:22 GMT
expires: Fri, 02 Jun 2023 13:36:22 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/QYavUIomU3s/hqdefault.jpg
142.250.74.150 45 kB URL i.ytimg.com/vi/QYavUIomU3s/hqdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3; data
Hash 911d72002be11334998b6e1e243e768a
7fa1745930e9cf48b2add99a7defbb94f030e9f4
5859a7a04b4eb7cc297bc00a30821df06ecb7f64b0438b5d816bc0b2a01323e4
GET /vi/QYavUIomU3s/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 45378
date: Fri, 02 Jun 2023 11:36:22 GMT
expires: Fri, 02 Jun 2023 13:36:22 GMT
cache-control: public, max-age=7200
etag: "1557007641"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b991915e7ef1ff9fc7adaf2766abba4c
050a8c47db649baff639bf909e2196eb549ee281
2761c45a641a046d22a0ab05b08d121d44ccb8e15f1c6c22676cfbb2ea8304ea
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 11:36:22 GMT
Last-Modified: Fri, 02 Jun 2023 11:06:58 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bm1NPgVajlMzX8GF3HWedsdqQrHh9FeOAqQtKmTGifRYI-FetbWglQ==
Age: 1764
i.ytimg.com/vi/rjxHrxRtMvg/maxresdefault.jpg
142.250.74.150 154 kB URL i.ytimg.com/vi/rjxHrxRtMvg/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3; data
Size 154 kB (154070 bytes)
Hash 4778777b58a79081dd705a0210aa5c06
f13f6d1eb5456efd3564df91b30dfb1db1282877
4fe672a1da3eb90a4cf58be9222d0a4d2db9ca8931128916a3e97904a10764c8
GET /vi/rjxHrxRtMvg/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 154070
date: Fri, 02 Jun 2023 11:36:22 GMT
expires: Fri, 02 Jun 2023 13:36:22 GMT
cache-control: public, max-age=7200
etag: "1549073452"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/p4Nl7H2yRNM/maxresdefault.jpg
142.250.74.150 173 kB URL i.ytimg.com/vi/p4Nl7H2yRNM/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3; data
Size 173 kB (172720 bytes)
Hash 3f8f35bedce45455b943e5cb6befa22f
42b7c08bb14575f20dc4dbd88e842868d9083935
c5641589b06e677843f76772bc96c17b70b4f6093d0cccd186c868b9431bfe2e
GET /vi/p4Nl7H2yRNM/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 172720
date: Fri, 02 Jun 2023 11:36:22 GMT
expires: Fri, 02 Jun 2023 13:36:22 GMT
cache-control: public, max-age=7200
etag: "1583602759"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 45cc35b93245f2d8ffaee9da60996c24
5c34301f292c16c8b0fe192262edf9157f1fd8b0
f182a065525b60088ee99e5dd60918a85f7926069479d5bbb7e1cb330d6731c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 11:36:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pm1.narvii.com/7532/8757179c3d2f6f937d782fd63f1d9c329d75f2ffr1-1087-942v2_00.jpg
54.230.111.22 32 kB URL pm1.narvii.com/7532/8757179c3d2f6f937d782fd63f1d9c329d75f2ffr1-1087-942v2_00.jpg
IP 54.230.111.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x443, components 3; data
Hash 887bafdb9be1ff88789bb595707711d2
68e1d841f5236b32c69be186979c529616075699
f5a4eb5ef83b1807169bd1d29e39664fa362c3ade41e02ecb0d33b9cf7684af5
GET /7532/8757179c3d2f6f937d782fd63f1d9c329d75f2ffr1-1087-942v2_00.jpg HTTP/1.1
Host: pm1.narvii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 31832
date: Wed, 31 May 2023 20:07:33 GMT
last-modified: Fri, 17 Apr 2020 21:15:15 GMT
etag: "887bafdb9be1ff88789bb595707711d2"
cache-control: max-age=31536000,public
x-amz-version-id: CsIy92FCnvbsrPRI8SXPPo1rY4rvV2dR
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w8mTzSAOsvFxUNTsMzs7XFj6_VSCSbD-5ONboWNZ2tT314HhVG1IxA==
age: 142130
X-Firefox-Spdy: h2
nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicG9waWRhcmFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJwb3BpZGFyYWdtYWlsY29tIiwiam9nb2Rlcm91YmFyZGluaGVpcm9jb211bWNvbnRyb2xlcm9ibC5ibG9nc3BvdC5jb20iLCJqb2dvZGVyb3ViYXJkaW5oZWlyb2NvbXVtY29udHJvbGVyb2JsLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtY3JuLmpzIl0
0.0.0.0 0 B URL User Request GET nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicG9waWRhcmFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJwb3BpZGFyYWdtYWlsY29tIiwiam9nb2Rlcm91YmFyZGluaGVpcm9jb211bWNvbnRyb2xlcm9ibC5ibG9nc3BvdC5jb20iLCJqb2dvZGVyb3ViYXJkaW5oZWlyb2NvbXVtY29udHJvbGVyb2JsLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtY3JuLmpzIl0
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicG9waWRhcmFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJwb3BpZGFyYWdtYWlsY29tIiwiam9nb2Rlcm91YmFyZGluaGVpcm9jb211bWNvbnRyb2xlcm9ibC5ibG9nc3BvdC5jb20iLCJqb2dvZGVyb3ViYXJkaW5oZWlyb2NvbXVtY29udHJvbGVyb2JsLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtY3JuLmpzIl0 HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jogoderoubardinheirocomumcontrolerobl.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache