r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8911
Expires: Tue, 31 Jan 2023 08:57:18 GMT
Date: Tue, 31 Jan 2023 06:28:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13800
Expires: Tue, 31 Jan 2023 10:18:47 GMT
Date: Tue, 31 Jan 2023 06:28:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9040
Expires: Tue, 31 Jan 2023 08:59:27 GMT
Date: Tue, 31 Jan 2023 06:28:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 05:43:17 GMT
content-type: application/json
age: 2730
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q65SHMB8/QCgyZWTWqynyWnZn7I8MDUqxjROihlHlrvFUuo3Fq7YrSe6JarRF6H6O2hsL5sQmAI=
x-amz-request-id: CZYFVNMDYDV0C7DY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 05:51:03 GMT
age: 2264
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 06:28:47 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 05:49:04 GMT
age: 2383
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12388
Expires: Tue, 31 Jan 2023 09:55:16 GMT
Date: Tue, 31 Jan 2023 06:28:48 GMT
Connection: keep-alive
fadasafada.blogspot.com/responsive/sprite_v1_6.css.svg
172.217.21.161200 OK 2.2 kB URL HTTP/1.1 fadasafada.blogspot.com/responsive/sprite_v1_6.css.svg
IP 172.217.21.161:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7657)
Hash 95c6fb790198cc0364925ea12e2bce11
371752558ef1ccaa9885db20be2d882dd1c15dab
a4f0e38c228313a0eb22ea4faeca14467732a9992e2b514a9a16b2717ab5d8b5
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: fadasafada.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/2016/07/o-corpo-bombado-dessa-garota-parou-web.html
Cookie: _ga=GA1.3.614154321.1675141159; _gid=GA1.3.2036173800.1675141159; a=sa3oCfkXlsSWVG5SJfIcWcck5A8951kq; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQFiAAAAAAAACZUAAovCTiMcMKACHr-FYpqurMzRIKkeuEwuIpI0YgSSg2pujrqllfwFZSz_FE6MehmQxbwMeMD-J1NWP4ZQ2bTuRvLxthfSJQ25G4uPrOd8TNbs2Ym1_8XQjxHUQTE0QRfSx5v6nh2cQPZSK0YjuTdjSQyxAe0wdvblEB-0fZzAlZPfUNXmO2NK2IrLNp73akbj1Dij-9wRlZrpZVAg8h_nHXA9bkL80B3I6weeS--cups0DjKY7ui8iLJWIS8LBL2GfWDB5i7_GouLpJmkUocmwbqK_u77joZaFfySu12OdCv_acQ1BXXG6W4I6BJQqfaAwP9CZYw8NyAD72gIi_K8UXjkYzErDnAVyr6J9gQ6MRMbPZJ5iS6eW_yINx72yOuNSINaQEVTD1wpkH-Nvb4KmUF5puN77uWra8CaeIHJDSYAppsQ48WkzPR83Wk5Rq6JWOjTz5plXN3yx551HGnbgfQ; _popprepop=1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2244
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 30 Jan 2023 14:44:18 GMT
Expires: Mon, 06 Feb 2023 14:44:18 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 30 Jan 2023 09:52:49 GMT
Content-Type: image/svg+xml
Age: 56670
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 18:19:32 GMT
Expires: Sat, 27 Jan 2024 18:19:32 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
Age: 302956
fadasafada.blogspot.com/2016/07/o-corpo-bombado-dessa-garota-parou-web.html
172.217.21.161200 OK 36 kB URL HTTP/1.1 fadasafada.blogspot.com/2016/07/o-corpo-bombado-dessa-garota-parou-web.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3658)
Hash 2d400502162779fe3251902fffe7756f
02747b6ec5fed4ec5290ff7a73f148bcff068fbc
14c9e4c40202652575934c72ac6da12e09178a4176f8f32c27786a0ffd77c7ec
GET /2016/07/o-corpo-bombado-dessa-garota-parou-web.html HTTP/1.1
Host: fadasafada.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga=GA1.3.614154321.1675141159; _gid=GA1.3.2036173800.1675141159; a=sa3oCfkXlsSWVG5SJfIcWcck5A8951kq; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQFiAAAAAAAACZUAAovCTiMcMKACHr-FYpqurMzRIKkeuEwuIpI0YgSSg2pujrqllfwFZSz_FE6MehmQxbwMeMD-J1NWP4ZQ2bTuRvLxthfSJQ25G4uPrOd8TNbs2Ym1_8XQjxHUQTE0QRfSx5v6nh2cQPZSK0YjuTdjSQyxAe0wdvblEB-0fZzAlZPfUNXmO2NK2IrLNp73akbj1Dij-9wRlZrpZVAg8h_nHXA9bkL80B3I6weeS--cups0DjKY7ui8iLJWIS8LBL2GfWDB5i7_GouLpJmkUocmwbqK_u77joZaFfySu12OdCv_acQ1BXXG6W4I6BJQqfaAwP9CZYw8NyAD72gIi_K8UXjkYzErDnAVyr6J9gQ6MRMbPZJ5iS6eW_yINx72yOuNSINaQEVTD1wpkH-Nvb4KmUF5puN77uWra8CaeIHJDSYAppsQ48WkzPR83Wk5Rq6JWOjTz5plXN3yx551HGnbgfQ; _popprepop=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 31 Jan 2023 06:28:48 GMT
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 27 Oct 2022 16:02:21 GMT
ETag: W/"461909ab7094b91ca3f746b4bef2045ecd7e6b9f47cd6c674f9ef7a7ce4289eb"
X-Robots-Tag: all
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 35615
Server: GSE
1.bp.blogspot.com/-4HwkS2wBWFs/WZ4YhizqGjI/AAAAAAAAAFI/jk3eexsdtjE9gBxwWHv1dxYxV-0PtShvACK4BGAYYCw/w1600/corp.jpg
142.250.74.161200 OK 266 kB URL HTTP/1.1 1.bp.blogspot.com/-4HwkS2wBWFs/WZ4YhizqGjI/AAAAAAAAAFI/jk3eexsdtjE9gBxwWHv1dxYxV-0PtShvACK4BGAYYCw/w1600/corp.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1066, components 3\012- data
Size 266 kB (265793 bytes)
Hash a425639ea25ce3ae205f2f54e5700a7f
ff94064691382fa8fbeda6907808b99ff5a72e41
2530d69cf7c4a16b5c019e8c96037e1db88c81ea7c0e783e9dfebed892fc7cc0
GET /-4HwkS2wBWFs/WZ4YhizqGjI/AAAAAAAAAFI/jk3eexsdtjE9gBxwWHv1dxYxV-0PtShvACK4BGAYYCw/w1600/corp.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="corp.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 265793
X-XSS-Protection: 0
Date: Tue, 31 Jan 2023 04:59:03 GMT
Expires: Thu, 26 Jan 2023 02:00:46 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 5385
ETag: "v52"
Content-Type: image/jpeg
fadasafada.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 fadasafada.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: fadasafada.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/2016/07/o-corpo-bombado-dessa-garota-parou-web.html
Cookie: _ga=GA1.3.614154321.1675141159; _gid=GA1.3.2036173800.1675141159; a=sa3oCfkXlsSWVG5SJfIcWcck5A8951kq; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQFiAAAAAAAACZUAAovCTiMcMKACHr-FYpqurMzRIKkeuEwuIpI0YgSSg2pujrqllfwFZSz_FE6MehmQxbwMeMD-J1NWP4ZQ2bTuRvLxthfSJQ25G4uPrOd8TNbs2Ym1_8XQjxHUQTE0QRfSx5v6nh2cQPZSK0YjuTdjSQyxAe0wdvblEB-0fZzAlZPfUNXmO2NK2IrLNp73akbj1Dij-9wRlZrpZVAg8h_nHXA9bkL80B3I6weeS--cups0DjKY7ui8iLJWIS8LBL2GfWDB5i7_GouLpJmkUocmwbqK_u77joZaFfySu12OdCv_acQ1BXXG6W4I6BJQqfaAwP9CZYw8NyAD72gIi_K8UXjkYzErDnAVyr6J9gQ6MRMbPZJ5iS6eW_yINx72yOuNSINaQEVTD1wpkH-Nvb4KmUF5puN77uWra8CaeIHJDSYAppsQ48WkzPR83Wk5Rq6JWOjTz5plXN3yx551HGnbgfQ; _popprepop=1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 30 Jan 2023 14:44:18 GMT
Expires: Mon, 06 Feb 2023 14:44:18 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 30 Jan 2023 13:52:55 GMT
Content-Type: text/javascript
Age: 56670
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.38.163.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.163.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xRNuXhFK4WUnyGObc/aziw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2GwWvO7W+qh33io/omqIlBSiUvM=
fonts.gstatic.com/s/damion/v14/hv-XlzJ3KEUe_YZkamw2.woff2
216.58.207.227200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/damion/v14/hv-XlzJ3KEUe_YZkamw2.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18960, version 1.0\012- data
Hash 7b8c8d5f82b46d79e2c2aa9aa91bec50
201c9e0d3b4e8aa286ab5e02fbbdf52ba38e73b3
311a6b1295f08642cc7e8099cf4931779165acc5f6e653d91c6dfcc495385866
GET /s/damion/v14/hv-XlzJ3KEUe_YZkamw2.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 18960
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 26 Jan 2023 16:40:55 GMT
Expires: Fri, 26 Jan 2024 16:40:55 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 21 Apr 2022 17:04:05 GMT
Content-Type: font/woff2
Age: 395273
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
augu3yhd485st.com/lv/esnk/1889866/code.js
62.122.171.6200 OK 44 kB URL HTTP/1.1 augu3yhd485st.com/lv/esnk/1889866/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (64945)
Hash 75e3caccf73fa0c386e79888bc407e0d
c77309b84f4ee20df9043102ba3a245bbd9cfb2a
c6c7071345deaf7d869dda49e47d4743d4c49557c56d89d2cee3ff3d5850371a
GET /lv/esnk/1889866/code.js HTTP/1.1
Host: augu3yhd485st.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 06:28:48 GMT
Content-Type: application/javascript
Last-Modified: Mon, 30 Jan 2023 10:26:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d79b61-1a5bd"
X-JS-AB1: var20
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AHs97-n2dzBIlNfntf3fekhPDmnGhmIwUzNPWJuipnRuawX7Xo-KOvx2j6Xvz81-UXXPQNMbDdEtKyp681TLx9RPh3HPBH5mVLmOLGL8qy9zcnYse9YL7b6rN_en9A=w72-h72-p-k-no-nu
142.250.74.97200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-n2dzBIlNfntf3fekhPDmnGhmIwUzNPWJuipnRuawX7Xo-KOvx2j6Xvz81-UXXPQNMbDdEtKyp681TLx9RPh3HPBH5mVLmOLGL8qy9zcnYse9YL7b6rN_en9A=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 446545aded89a595c6b608db48434b17
d1c202d3b5114d3ee163dfe56bd51056866b133f
6bde9fee472c94fb7bf09a21a61377d06ddd72d2c4ee3ddc12ace59cb8cc8b8a
GET /blogger_img_proxy/AHs97-n2dzBIlNfntf3fekhPDmnGhmIwUzNPWJuipnRuawX7Xo-KOvx2j6Xvz81-UXXPQNMbDdEtKyp681TLx9RPh3HPBH5mVLmOLGL8qy9zcnYse9YL7b6rN_en9A=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 1994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lS8-CmKi6y7ou8yVfZyI2Rj_JSpOy2u0orzu9yeiiuaJcY6wcB2cwCHxCkmK_A9dYeMUprnDlq1jcVXyeLhBx1qra_ndruCPiEVcxMb4PaKGTzb81uxidCTQ=w72-h72-p-k-no-nu
142.250.74.97200 OK 3.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lS8-CmKi6y7ou8yVfZyI2Rj_JSpOy2u0orzu9yeiiuaJcY6wcB2cwCHxCkmK_A9dYeMUprnDlq1jcVXyeLhBx1qra_ndruCPiEVcxMb4PaKGTzb81uxidCTQ=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 4c128c95e9425c5b09b029d9190b6438
59b5fbdebb4ac616e871ec3e2252c96bfe527d49
d2321e10e89fcffdc59ee82326dbe718bea555fc4ff2a6e751a1e961c888ad21
GET /blogger_img_proxy/AHs97-lS8-CmKi6y7ou8yVfZyI2Rj_JSpOy2u0orzu9yeiiuaJcY6wcB2cwCHxCkmK_A9dYeMUprnDlq1jcVXyeLhBx1qra_ndruCPiEVcxMb4PaKGTzb81uxidCTQ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3531
x-xss-protection: 0
date: Tue, 31 Jan 2023 06:04:28 GMT
expires: Wed, 01 Feb 2023 06:04:28 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 1460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AHs97-l11WsCGv-oto9LYClZX3TvGDFgKDJbIS6zJ2tLeMTOqmd9tCSJppOfhB2yAPnAYo1DFLNIsoOceyFqhHChQr3btlLoEvfeFvob6RzKRmu-xPPCEeIQB7bs=w72-h72-p-k-no-nu
142.250.74.97200 OK 3.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-l11WsCGv-oto9LYClZX3TvGDFgKDJbIS6zJ2tLeMTOqmd9tCSJppOfhB2yAPnAYo1DFLNIsoOceyFqhHChQr3btlLoEvfeFvob6RzKRmu-xPPCEeIQB7bs=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 517b9e0f0116da9bc01928d88cce7504
44613718a8b61d0077630b4d605dd8b2a1a1916b
1f739df937c56b14ea8f67903779cf333a6b7f3c0d1854a542501d333f3fba56
GET /blogger_img_proxy/AHs97-l11WsCGv-oto9LYClZX3TvGDFgKDJbIS6zJ2tLeMTOqmd9tCSJppOfhB2yAPnAYo1DFLNIsoOceyFqhHChQr3btlLoEvfeFvob6RzKRmu-xPPCEeIQB7bs=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2974
x-xss-protection: 0
date: Tue, 31 Jan 2023 06:04:28 GMT
expires: Wed, 01 Feb 2023 06:04:28 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 1460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
216.58.207.227200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data
Hash 7fbdfaab6bd8b191496ffe1ef1b9e748
e9e592f8498d489d8000f3a4cfb1bb447f251edd
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17508
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 30 Jan 2023 04:24:17 GMT
Expires: Tue, 30 Jan 2024 04:24:17 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:41 GMT
Content-Type: font/woff2
Age: 93871
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.a-ads.com/5121?size=468x60
148.251.152.47200 OK 4.7 kB URL HTTP/1.1 ad.a-ads.com/5121?size=468x60
IP 148.251.152.47:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash 55c4549c81255086210206a2eb476f50
93d08ceb5d16f58244aee406963d4d236b6a59e3
b24011924c2ccc7f1d316684909af5823b64ef1d6c43f52b359644191a3c7405
GET /5121?size=468x60 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 06:28:48 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://fadasafada.blogspot.com/
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83ebbefa3c70b7eeaa44e13ef73a42ae
729881f591c435369223be02ec0069d957f6ceb0
8c7645a83cc56a80aaf01165c126adfe3c6a8a23df2a2c5339d2e8a13a72f9e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C7645A83CC56A80AAF01165C126ADFE3C6A8A23DF2A2C5339D2E8A13A72F9E1"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17999
Expires: Tue, 31 Jan 2023 11:28:47 GMT
Date: Tue, 31 Jan 2023 06:28:48 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7491ea880e45d2db5ff616c55f8a51a9
3d59e03fe3cf39eb032e8cc704218f4545460761
194fcd2798cba30c51e6aa8eb14def8b3c4a2e361e973a16e0148115e9fadbb0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 12:04:34 GMT
Expires: Sun, 05 Feb 2023 12:04:33 GMT
Etag: "3d59e03fe3cf39eb032e8cc704218f4545460761"
Cache-Control: max-age=451544,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792063ac3b6d0b3d-OSL
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
IP 216.58.207.227:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt\012- data
Hash 776741f74c745ce6e549befb01db1d6d
47cc22e349ebc7a35a8dd3c397924ed59493641b
784d79bd9a3bdfb3e6866567633309410f43631b42ce67a328ee5963fc9a6a0f
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:29:17 GMT
expires: Wed, 31 Jan 2024 04:29:17 GMT
cache-control: public, max-age=31536000
age: 7171
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png
172.67.25.161200 OK 27 kB URL HTTP/2 cdn.pncloudfl.com/pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png
IP 172.67.25.161:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0bc7572129e84749c119db04346b0f07
bf8ae67f194c2faeb6a47d419d130dde27b9ae6f
6363f6dc72449ab775a6af3103e61617ecf70ebb8140996b9384a3eaa8b3698d
GET /pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:48 GMT
content-type: image/webp
content-length: 26892
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=70331
content-disposition: inline; filename="b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.webp"
etag: def74d9769fe75363891a2868865d99a
expires: Wed, 01 Feb 2023 21:53:33 GMT
last-modified: Tue, 22 Nov 2022 09:19:36 GMT
vary: Accept
x-openstack-request-id: txa3bf70e532dd40ea8f5b2-00637c9634
x-proxy-cache: HIT
x-timestamp: 1669108775.40440
x-trans-id: txa3bf70e532dd40ea8f5b2-00637c9634
cf-cache-status: HIT
age: 30915
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 792063acfe63b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 268d99fcd192f5fbe9573d66dabda841
120255a3855eb5c2235831783d7f575931f02ef4
4afa553df78fb80208fc25f7934ad93c76f25b666aa537d8503b8001ed025c90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AFA553DF78FB80208FC25F7934AD93C76F25B666AA537D8503B8001ED025C90"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13732
Expires: Tue, 31 Jan 2023 10:17:40 GMT
Date: Tue, 31 Jan 2023 06:28:48 GMT
Connection: keep-alive
1.bp.blogspot.com/--0pMeUBA03M/VzOtW6LD5BI/AAAAAAAAA7A/HRZf4nu5cSo7_TZknWLdxfAyGw7JW99wgCLcB/s1600/3.jpg
142.250.74.161200 OK 101 kB URL HTTP/2 1.bp.blogspot.com/--0pMeUBA03M/VzOtW6LD5BI/AAAAAAAAA7A/HRZf4nu5cSo7_TZknWLdxfAyGw7JW99wgCLcB/s1600/3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 634x611, components 3\012- data
Size 101 kB (100788 bytes)
Hash b54b9317279aaa3d8e213fae89a51aca
1aff4052c1cec29d0b363fe2e27a7309fc069047
9ab058cf28fff43bda9585c2498da63efcda67ef42aaae68ea0a58ad3d1cb0e1
GET /--0pMeUBA03M/VzOtW6LD5BI/AAAAAAAAA7A/HRZf4nu5cSo7_TZknWLdxfAyGw7JW99wgCLcB/s1600/3.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3b7"
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="3.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 100788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-m2l3Y4geA4s/VzOtYlwoAaI/AAAAAAAAA7Q/LU3oUb1c8hY3KbGYTILIn629WKYCHrk0wCLcB/s1600/6.jpg
142.250.74.161200 OK 78 kB URL HTTP/2 4.bp.blogspot.com/-m2l3Y4geA4s/VzOtYlwoAaI/AAAAAAAAA7Q/LU3oUb1c8hY3KbGYTILIn629WKYCHrk0wCLcB/s1600/6.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 634x592, components 3\012- data
Hash 9d42bcf3fe768852e4630b3428640206
ff8d4bce6252ad487416d54ad86b6c3a4fae0d6c
e3a8f976d2445852f777509ddc37e628be651fe145adef30ba4829c46fb02f06
GET /-m2l3Y4geA4s/VzOtYlwoAaI/AAAAAAAAA7Q/LU3oUb1c8hY3KbGYTILIn629WKYCHrk0wCLcB/s1600/6.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3b7"
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 78241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-cjfdb02f4go/VzOtX6qakPI/AAAAAAAAA7I/JrWjJkwDaxwD-cHJ0bv53wvYn8yKvfz3wCLcB/s1600/4.jpg
142.250.74.161200 OK 104 kB URL HTTP/2 3.bp.blogspot.com/-cjfdb02f4go/VzOtX6qakPI/AAAAAAAAA7I/JrWjJkwDaxwD-cHJ0bv53wvYn8yKvfz3wCLcB/s1600/4.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 167x167, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 634x719, components 3\012- data
Size 104 kB (103542 bytes)
Hash 3349cd20645d75d34a015eebf4aecf02
4b667642408b8a16dc5bc3f1fbffef3d4ab6cc0e
1ffbe63ed2034d8859199de2c128c59c74ac641e1d902b19886b50e00696b22d
GET /-cjfdb02f4go/VzOtX6qakPI/AAAAAAAAA7I/JrWjJkwDaxwD-cHJ0bv53wvYn8yKvfz3wCLcB/s1600/4.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3b7"
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 103542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-0OtxdUELr0o/VzOtYc-4r5I/AAAAAAAAA7M/js0R5HxxiGsywgaJN-4Q3kwCxaKgji7QwCLcB/s1600/5.jpg
142.250.74.161200 OK 90 kB URL HTTP/2 1.bp.blogspot.com/-0OtxdUELr0o/VzOtYc-4r5I/AAAAAAAAA7M/js0R5HxxiGsywgaJN-4Q3kwCxaKgji7QwCLcB/s1600/5.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 109x109, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 634x635, components 3\012- data
Hash 0ffc418ed2f4f59d6a6b58cea262751d
fc49e3c481b1e52acaf1ba3a53c3282f742fb622
502559eeb57e2bf790a69f47060f6f324763b5b40f1e42eef288155ae4134704
GET /-0OtxdUELr0o/VzOtYc-4r5I/AAAAAAAAA7M/js0R5HxxiGsywgaJN-4Q3kwCxaKgji7QwCLcB/s1600/5.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3b7"
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="5.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 89521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-5ZZWhEtWa1k/VzOtWUPGt2I/AAAAAAAAA68/NZYsN7DuOX84CmbnHLPDJxcEI4N6fcELgCLcB/s1600/2.jpg
142.250.74.161200 OK 104 kB URL HTTP/2 1.bp.blogspot.com/-5ZZWhEtWa1k/VzOtWUPGt2I/AAAAAAAAA68/NZYsN7DuOX84CmbnHLPDJxcEI4N6fcELgCLcB/s1600/2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 634x627, components 3\012- data
Size 104 kB (104148 bytes)
Hash 6a75a6911c559fe7d7fb6cd0c7b0c73e
239af5f1caf1e4902493b2e5d3f7e9f9610b6061
d04688265e0d2b8410270731e721c44a0ea9a822a5792a2467795279f1dd0c55
GET /-5ZZWhEtWa1k/VzOtWUPGt2I/AAAAAAAAA68/NZYsN7DuOX84CmbnHLPDJxcEI4N6fcELgCLcB/s1600/2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3b7"
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 104148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adsco.re/t
162.252.214.5401 Unauthorized 84 B IP 162.252.214.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2e2cf208b8f3cc920358eb38f74c42cc
9b11cc865115c0bee4be52c863a2786a2670dfd5
3afb2c49c72bc78861866e0552a3ccb53c11aae038831be573b8f400d2c2edc8
POST /t HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 535
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 401 Unauthorized
Date: Tue, 31 Jan 2023 06:28:48 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://fadasafada.blogspot.com
Access-Control-Allow-Credentials: true
Token-Level: 2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 268d99fcd192f5fbe9573d66dabda841
120255a3855eb5c2235831783d7f575931f02ef4
4afa553df78fb80208fc25f7934ad93c76f25b666aa537d8503b8001ed025c90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AFA553DF78FB80208FC25F7934AD93C76F25B666AA537D8503B8001ED025C90"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14353
Expires: Tue, 31 Jan 2023 10:28:01 GMT
Date: Tue, 31 Jan 2023 06:28:48 GMT
Connection: keep-alive
4.bp.blogspot.com/-gudN00LAM7g/VzOtXLzkPfI/AAAAAAAAA7E/ZiRV_3gkyHsw77ndU9ExVfPSGnKJmKIrACLcB/s1600/1.jpg
142.250.74.161200 OK 110 kB URL HTTP/2 4.bp.blogspot.com/-gudN00LAM7g/VzOtXLzkPfI/AAAAAAAAA7E/ZiRV_3gkyHsw77ndU9ExVfPSGnKJmKIrACLcB/s1600/1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 117x117, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 634x684, components 3\012- data
Size 110 kB (109560 bytes)
Hash 374f1b5dfd6e1d3d36f895c48977f118
69dc44e3787f472fe44e93c22892398de62b78fc
54aab95cc95c87677d2709e0262a6ff95670cb1e8d452af393cbf7dc605d0f51
GET /-gudN00LAM7g/VzOtXLzkPfI/AAAAAAAAA7E/ZiRV_3gkyHsw77ndU9ExVfPSGnKJmKIrACLcB/s1600/1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3b7"
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 109560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-cIgUj2iLYDM/VzOs_VZKh5I/AAAAAAAAA64/Ewb5vFceWk4_GhPTgYbw_mqYW6ynUu1RgCLcB/s320/2D746D0C00000578-3274944-image-m-19_1444949575782.jpg
142.250.74.161200 OK 22 kB URL HTTP/2 4.bp.blogspot.com/-cIgUj2iLYDM/VzOs_VZKh5I/AAAAAAAAA64/Ewb5vFceWk4_GhPTgYbw_mqYW6ynUu1RgCLcB/s320/2D746D0C00000578-3274944-image-m-19_1444949575782.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x256, components 3\012- data
Hash 7a1daf0b79ff4c754817faf6bca550dd
6d6c796b9848ed8187fc15fb4e527a9e7526a888
bf62a34fd50253ddc23e69eaf7b28d8c432ed8f43aa478b686d39c95161e23ca
GET /-cIgUj2iLYDM/VzOs_VZKh5I/AAAAAAAAA64/Ewb5vFceWk4_GhPTgYbw_mqYW6ynUu1RgCLcB/s320/2D746D0C00000578-3274944-image-m-19_1444949575782.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3b5"
expires: Wed, 01 Feb 2023 06:28:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2D746D0C00000578-3274944-image-m-19_1444949575782.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 06:28:48 GMT
server: fife
content-length: 22202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
puwpush.com/get/
94.130.197.134204 No Content 0 B IP 94.130.197.134:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /get/ HTTP/1.1
Host: puwpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://fadasafada.blogspot.com/
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.0
date: Tue, 31 Jan 2023 06:28:48 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 27 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 80db0e9043b2d6facad8d37b9286ef23
16232d6d38ab150dcf1435172ee18da92ba54347
0cc72369ecf0a97a86b19fc517675c9f245414b2bb885a5eb6815517c71d4873
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:48 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 03 Mar 2023 06:28:48 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 2536489
vary: Accept-Encoding
server: cloudflare
cf-ray: 792063ac7d5eb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/406675/468x60?region=eu-central-1
148.251.152.47200 OK 314 kB URL HTTP/1.1 static.a-ads.com/a-ads-banners/406675/468x60?region=eu-central-1
IP 148.251.152.47:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 468 x 60\012- data
Size 314 kB (313606 bytes)
Hash 502935a5bea08bf168dcb82f78f492c0
4d99ce110f212fa23e6d5395e56477e144a9782a
98f7371633a933c2d2f4ac839623a31216d25ee378ff8a2de55a826253af09b5
GET /a-ads-banners/406675/468x60?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ad.a-ads.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 06:28:48 GMT
Content-Type: image/gif
Content-Length: 313606
Connection: keep-alive
x-amz-id-2: 6N6b4bYlTO5VAcEYrAf/waLXcymCQlpIBXGe6ZEjQp/cPVBpVF3gF02W5N5Hqq+HrInHpJ3HhQI=
x-amz-request-id: SPZ1G5YR0FV0AH9K
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 04 Aug 2022 08:12:38 GMT
ETag: "502935a5bea08bf168dcb82f78f492c0"
Cache-Control: max-age=315360000
x-amz-version-id: kM7WaSBmDYubRzPmWVZ4zWneadzTpJwm
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
augu3yhd485st.com/chicken.gif?z=1889866&pb=43230dd6b82b5e9151bc8914ab3580441675153728&psp=aiGE_Ab5OVmx8NWaIQzlIu5dLBcgXWoZz88RIk4wWh2Y0AtKwxLFCL_3dvTYY-a0_Xrl8JREDSFddNjrs9RF_lp8LLM49l8OqFNu_LNcqiPpYVOZpU4LLxw8oX3ybGzXRo59lqQQ1MpvX6XIvxKK1h1Uc9ICR-hD76BjjjIcEK6rreOX9xj-ajphmprQiisN56nO4mGnDaTablaNoKgdMC7dn_vW8uirGj7_w62TKaJxG2IlU0MQ8sqrO5vruypZRlIpSB68W3VOjlDXdLoBGRhJnb45tezU8VOC9A3vuNJ35mPWppTP_iYqIJKpd1JtQ4deGV3pvX-bdDMW7_Tihj3vScGs0u8zZelFfkyw53KgbJJ5c9qn-3MbqcckxFWUNLvW6ncfpDz_HE1y7UAqyO7uR3lHX6AxuEUrmV5MdmKTGvSSzxGx6oib24UE6JEdqmBa1ne58k6hO14uxH3fLqhz0-zjWwU-DhIIF9O7dk4n71jEohbNMwEx9G03ACdZgjP8FxfcCi7RkQnxgfxP17sYq4WnYtQSF6nmbMT6eQpAK0brrIIN-MtrpnTsQw7mdm7ECY3dpjvagnc3Yv8HF5D03BvVv2r71sivfUCdjzH-FnX65j31OqzA9kMbJkunjCksMtx8gEbb__yoa8n5tcPjyBl3o_UiBCnolDOlj3zs0k4MwgEbbwKcS_IQNmFh-DEsoMyLlpx1GaEjQM1O1dKT7sR_-Wf2rpZuyk8EPuXcp6k57lA2cZQ4V35Gq-jNo4ParROtohhZhfnDgJPA97QB55LB1lP7eKtxEavUTCwP3a0jx3DwUIU4SdHnP1S3zGVL5s-KXXIAKlj0Jt8lqTRIW4mtka5XSO7bRi-xqmJ9ItuhZubSk4HBM7UCbG2Nal92qKOrImc8_cSKlj-IirftK5Cd3km2xkOdtBK8axh9oQa7rS7BQbR4F-GAYSvgZ99LcXN0oopV5SHve3psbhvIJuQy8M59&abvar=20&os=0
62.122.171.6200 OK 43 B URL HTTP/2 augu3yhd485st.com/chicken.gif?z=1889866&pb=43230dd6b82b5e9151bc8914ab3580441675153728&psp=aiGE_Ab5OVmx8NWaIQzlIu5dLBcgXWoZz88RIk4wWh2Y0AtKwxLFCL_3dvTYY-a0_Xrl8JREDSFddNjrs9RF_lp8LLM49l8OqFNu_LNcqiPpYVOZpU4LLxw8oX3ybGzXRo59lqQQ1MpvX6XIvxKK1h1Uc9ICR-hD76BjjjIcEK6rreOX9xj-ajphmprQiisN56nO4mGnDaTablaNoKgdMC7dn_vW8uirGj7_w62TKaJxG2IlU0MQ8sqrO5vruypZRlIpSB68W3VOjlDXdLoBGRhJnb45tezU8VOC9A3vuNJ35mPWppTP_iYqIJKpd1JtQ4deGV3pvX-bdDMW7_Tihj3vScGs0u8zZelFfkyw53KgbJJ5c9qn-3MbqcckxFWUNLvW6ncfpDz_HE1y7UAqyO7uR3lHX6AxuEUrmV5MdmKTGvSSzxGx6oib24UE6JEdqmBa1ne58k6hO14uxH3fLqhz0-zjWwU-DhIIF9O7dk4n71jEohbNMwEx9G03ACdZgjP8FxfcCi7RkQnxgfxP17sYq4WnYtQSF6nmbMT6eQpAK0brrIIN-MtrpnTsQw7mdm7ECY3dpjvagnc3Yv8HF5D03BvVv2r71sivfUCdjzH-FnX65j31OqzA9kMbJkunjCksMtx8gEbb__yoa8n5tcPjyBl3o_UiBCnolDOlj3zs0k4MwgEbbwKcS_IQNmFh-DEsoMyLlpx1GaEjQM1O1dKT7sR_-Wf2rpZuyk8EPuXcp6k57lA2cZQ4V35Gq-jNo4ParROtohhZhfnDgJPA97QB55LB1lP7eKtxEavUTCwP3a0jx3DwUIU4SdHnP1S3zGVL5s-KXXIAKlj0Jt8lqTRIW4mtka5XSO7bRi-xqmJ9ItuhZubSk4HBM7UCbG2Nal92qKOrImc8_cSKlj-IirftK5Cd3km2xkOdtBK8axh9oQa7rS7BQbR4F-GAYSvgZ99LcXN0oopV5SHve3psbhvIJuQy8M59&abvar=20&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1889866&pb=43230dd6b82b5e9151bc8914ab3580441675153728&psp=aiGE_Ab5OVmx8NWaIQzlIu5dLBcgXWoZz88RIk4wWh2Y0AtKwxLFCL_3dvTYY-a0_Xrl8JREDSFddNjrs9RF_lp8LLM49l8OqFNu_LNcqiPpYVOZpU4LLxw8oX3ybGzXRo59lqQQ1MpvX6XIvxKK1h1Uc9ICR-hD76BjjjIcEK6rreOX9xj-ajphmprQiisN56nO4mGnDaTablaNoKgdMC7dn_vW8uirGj7_w62TKaJxG2IlU0MQ8sqrO5vruypZRlIpSB68W3VOjlDXdLoBGRhJnb45tezU8VOC9A3vuNJ35mPWppTP_iYqIJKpd1JtQ4deGV3pvX-bdDMW7_Tihj3vScGs0u8zZelFfkyw53KgbJJ5c9qn-3MbqcckxFWUNLvW6ncfpDz_HE1y7UAqyO7uR3lHX6AxuEUrmV5MdmKTGvSSzxGx6oib24UE6JEdqmBa1ne58k6hO14uxH3fLqhz0-zjWwU-DhIIF9O7dk4n71jEohbNMwEx9G03ACdZgjP8FxfcCi7RkQnxgfxP17sYq4WnYtQSF6nmbMT6eQpAK0brrIIN-MtrpnTsQw7mdm7ECY3dpjvagnc3Yv8HF5D03BvVv2r71sivfUCdjzH-FnX65j31OqzA9kMbJkunjCksMtx8gEbb__yoa8n5tcPjyBl3o_UiBCnolDOlj3zs0k4MwgEbbwKcS_IQNmFh-DEsoMyLlpx1GaEjQM1O1dKT7sR_-Wf2rpZuyk8EPuXcp6k57lA2cZQ4V35Gq-jNo4ParROtohhZhfnDgJPA97QB55LB1lP7eKtxEavUTCwP3a0jx3DwUIU4SdHnP1S3zGVL5s-KXXIAKlj0Jt8lqTRIW4mtka5XSO7bRi-xqmJ9ItuhZubSk4HBM7UCbG2Nal92qKOrImc8_cSKlj-IirftK5Cd3km2xkOdtBK8axh9oQa7rS7BQbR4F-GAYSvgZ99LcXN0oopV5SHve3psbhvIJuQy8M59&abvar=20&os=0 HTTP/1.1
Host: augu3yhd485st.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301302359ed6ed2f0e42049988b35ad2cd4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 06:28:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.211.14200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.211.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 31 Jan 2023 06:28:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+796; expires=Thu, 30-Jan-2025 06:28:48 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Jan 2023 06:28:48 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.amung.us/small.js
188.114.98.234200 OK 3.5 kB URL HTTP/1.1 widgets.amung.us/small.js
IP 188.114.98.234:0
File type ASCII text, with very long lines (8560), with no line terminators
Hash 08283f674ed2a3a87b0ca0b64950ef28
1d6018c4a9104d337726cfe9f67b43ff37acc0cb
442e1c2e9e1692d86c6c4df3c68167fbddb4ec4ec7fa90258fd683f5a5f3578d
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
etag: W/"63c0411e-2170"
expires: Wed, 01 Feb 2023 05:51:31 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 2238
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792063ae6c01b518-OSL
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.211.14200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.211.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1561
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 31 Jan 2023 06:28:49 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+707; expires=Thu, 30-Jan-2025 06:28:49 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Jan 2023 06:28:49 GMT
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash dc0970ee345b90a14d79327dc20bf48c
ef64af0b9aa38731125da81bbd3aa5247d30da7d
37b0c4b55ed83ab6e05003db8b0c4814ea0f92100727929af3407e535d1c8a10
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 31 Jan 2023 06:28:49 GMT
date: Tue, 31 Jan 2023 06:28:49 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.adsco.re/
104.17.167.186200 OK 30 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 815ef37110ac6b63648f05ba53184bee
bebecd11757b35c25edcbb317a4c54c5c8d23697
36bf07548480e148703dd77a427ddd38209b3a2c5f805ca04e563d5d3bef1a1f
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Fri, 03 Mar 2023 06:28:49 GMT
ETag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2536491
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792063af28bd0b06-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://fadasafada.blogspot.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792063af3ccab518-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://fadasafada.blogspot.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 50cfe810d4623fe528394d026d8e0b2f
8c7425da9a60d48a4285592c194b5ff8ecf8ed51
6c3866d962e63adb77b6024ca55515e04ed1926eaf8d4c9cf97b7050d33afe58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C3866D962E63ADB77B6024CA55515E04ED1926EAF8D4C9CF97B7050D33AFE58"
Last-Modified: Sun, 29 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10517
Expires: Tue, 31 Jan 2023 09:24:06 GMT
Date: Tue, 31 Jan 2023 06:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8847
Expires: Tue, 31 Jan 2023 08:56:16 GMT
Date: Tue, 31 Jan 2023 06:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8765
Expires: Tue, 31 Jan 2023 08:54:54 GMT
Date: Tue, 31 Jan 2023 06:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 20 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash e5c825ed6cd0a4f41b83b479c71bbb34
d3c3a81796148d3b33b143aa7b92027db8eaed17
9f7155af5e7562c969f0b9af9b3b7d9e3544205beb74a9e344d869eeeac33db3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8765
Expires: Tue, 31 Jan 2023 08:54:54 GMT
Date: Tue, 31 Jan 2023 06:28:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZKuBcZgC6yolu1QcaXZKAIIDynG3Zywq1d7sWI8Jlq3ULwlr6XlhWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 13:04:11 GMT
age: 62678
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 30326
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ff7ziczw6ygx.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 ff7ziczw6ygx.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ff7ziczw6ygx.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mXlQ5A2PHadECkKglPquN9x68ubYk8s2to-_JjCgEQe7axfJo6K8Jw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 07:53:36 GMT
age: 81313
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e575f4c5e3aa793f846cadc8baf386c
f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d
09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 059475a7-d7de-4a44-9fc7-11fb24e201b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_9G8DIAMF64A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e399-57fea3031d1e93ec02308fac;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vzubP2I1xR5NF1amWIPiIlp6yPykWhz-CEbwDiJOs-eTWkTE-fvfjA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:16:21 GMT
age: 7948
etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:40:17 GMT
age: 10112
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d143b65b98551bde96a7f026808d4583
3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7
004be88ebe2a4840bb718a5148fcf7d2dc1400f6c1c880cee4428d66ba91dbd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9972
x-amzn-requestid: fc482a0d-3033-492d-86bf-fedd44c7cac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFNnUHmyIAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8fc8-7091fe260abb90766f87e7cf;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:10:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GfEXQhD_Og-PS-aycWJ75R5LL1r5hJtXd5MZ3OaYc6nb-bUHo0cnSA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 23:35:46 GMT
age: 24783
etag: "3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
puwpush.com/get/
94.130.197.134200 OK 1.3 kB IP 94.130.197.134:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (1324), with no line terminators
Hash 4b3e3cf9643b1ea90e5b31b6bcc9deb7
792fb57d24c2a018abea82a6a3147efcb0a62dcd
fec774489191c5f2177fd78395f767e8419ada227390079290fee463f559fdab
Analyzer Verdict Alert fortinet Malware
POST /get/ HTTP/1.1
Host: puwpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json; charset=utf-8
Content-Length: 358
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 31 Jan 2023 06:28:49 GMT
content-type: application/json
content-length: 1324
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
IP 142.250.74.131:0
Hash 19d2121c909390df60c955dbce91f24b
0f0683a38a504e6aa56262063144be4ddd9f3666
ce3c8be399bfa1581b18881e150746564cc0ead728a4cbf64317509d7f8f53ec
POST /s/gts1p5/97q-VzuQ-Mw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
IP 142.250.74.131:0
Hash 19d2121c909390df60c955dbce91f24b
0f0683a38a504e6aa56262063144be4ddd9f3666
ce3c8be399bfa1581b18881e150746564cc0ead728a4cbf64317509d7f8f53ec
POST /s/gts1p5/97q-VzuQ-Mw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:28:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0a9c125ef0e28bf4751b00ca93aa28ad
f7384adf25808b86900fdd5b33444d55eb729ce1
4803bb0ce4643c2f8b4e2d0375143ec17c670053e2b019d4de38da87a2723f5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4803BB0CE4643C2F8B4E2D0375143EC17C670053E2B019D4DE38DA87A2723F5A"
Last-Modified: Sun, 29 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10591
Expires: Tue, 31 Jan 2023 09:25:20 GMT
Date: Tue, 31 Jan 2023 06:28:49 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 376846
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 395286
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 412 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash c579d8b835d1449eb6de7b56ddcd83f4
e3e4efa2ce4d484da0a1ab38fccdacaaae99f723
04597da268ec91a6922bb31140a875ca3ec4a424b8099d62c5196865d494fb9f
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 2386
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://fadasafada.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
fadasafada.blogspot.com/favicon.ico
172.217.21.161200 OK 853 B URL HTTP/1.1 fadasafada.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash fb4886bd9d36293770a51cf81de514d0
849a906b6fbdcd24996b4eb120b6d56a691ee548
d88522b5972446ce4709f7499e16ae60495b23d657a3f7b009d15ec96622c6b8
GET /favicon.ico HTTP/1.1
Host: fadasafada.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/2016/07/o-corpo-bombado-dessa-garota-parou-web.html
Cookie: _ga=GA1.3.614154321.1675141159; _gid=GA1.3.2036173800.1675141159; a=sa3oCfkXlsSWVG5SJfIcWcck5A8951kq; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQFiAAAAAAAACZUAAovCTiMcMKACHr-FYpqurMzRIKkeuEwuIpI0YgSSg2pujrqllfwFZSz_FE6MehmQxbwMeMD-J1NWP4ZQ2bTuRvLxthfSJQ25G4uPrOd8TNbs2Ym1_8XQjxHUQTE0QRfSx5v6nh2cQPZSK0YjuTdjSQyxAe0wdvblEB-0fZzAlZPfUNXmO2NK2IrLNp73akbj1Dij-9wRlZrpZVAg8h_nHXA9bkL80B3I6weeS--cups0DjKY7ui8iLJWIS8LBL2GfWDB5i7_GouLpJmkUocmwbqK_u77joZaFfySu12OdCv_acQ1BXXG6W4I6BJQqfaAwP9CZYw8NyAD72gIi_K8UXjkYzErDnAVyr6J9gQ6MRMbPZJ5iS6eW_yINx72yOuNSINaQEVTD1wpkH-Nvb4KmUF5puN77uWra8CaeIHJDSYAppsQ48WkzPR83Wk5Rq6JWOjTz5plXN3yx551HGnbgfQ; _popprepop=1; _gat_blogger=1
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Tue, 31 Jan 2023 06:28:49 GMT
Date: Tue, 31 Jan 2023 06:28:49 GMT
Cache-Control: private, max-age=86400
Last-Modified: Thu, 27 Oct 2022 16:02:21 GMT
ETag: W/"461909ab7094b91ca3f746b4bef2045ecd7e6b9f47cd6c674f9ef7a7ce4289eb"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 853
Server: GSE
ff7ziczw6ygx.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 ff7ziczw6ygx.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ff7ziczw6ygx.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792063b2ebd8b4f3-OSL
alt-svc: h2=":443"; ma=60
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 006881f6132fe357bf26df0900205458
626f4d6ccc0aca7d3c7924c1a5ed9bf4de544fa7
70ad0f38e41eae365ed6078e44f6bd60bbee11172ff1af85b0d9f63de349c63e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70AD0F38E41EAE365ED6078E44F6BD60BBEE11172FF1AF85B0D9F63DE349C63E"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11540
Expires: Tue, 31 Jan 2023 09:41:09 GMT
Date: Tue, 31 Jan 2023 06:28:49 GMT
Connection: keep-alive
visariomedia.com/FkzEdQ.aspx?_=BQFiAAAAAAAACZUAAirIcz2ebU85gTqe4qv__jJxkGTeyIkvmIWIGz_z79_RACIWkfe_7erYtvHQy-R7W_cW7pcVyrw8ZFsGJIfEl8a2Y6nKsmakqBRrqfnWVtLS38_gN8fG8SK4Pg5sFi2eUW9NUm0wffKkU0azVU455tscKzQ92iCjsb7gUuIbPu4ueD_Knehm-84-i0o0kOPMe3yc24QlQZ0JhsMVyT68ANBPYUYDlNzmZulzAP4QVancobfzBiU0xQOFVZUVyoHPbRlllAS3TfcdkRb4500AyHu0JWDDtv48a9rr-yT7Wh_hWmLvvD-RvAtQu_iKfQLA9h60mQ_OAYBTnBjcK3LgOelBXNZ7gh4cdjJ641RPlMosVOqaR4YFxXD2aE69HY3na-ApIlWO_p4P46SOUa_zfLY4vVxlwq9S-qMGbzsxG0JfRAlJGACtGMj2co0Hjh3vv1dvBVpBgOai7v2uBIVCp-w&v=4&hjqKrILd=1302075&minBid=&UiKNTyus=0:1,0&LVtcNrTI=&edJHyWhQ=&s=1280,1024,1,1280,1024,0
216.21.12.16200 OK 44 B URL HTTP/1.1 visariomedia.com/FkzEdQ.aspx?_=BQFiAAAAAAAACZUAAirIcz2ebU85gTqe4qv__jJxkGTeyIkvmIWIGz_z79_RACIWkfe_7erYtvHQy-R7W_cW7pcVyrw8ZFsGJIfEl8a2Y6nKsmakqBRrqfnWVtLS38_gN8fG8SK4Pg5sFi2eUW9NUm0wffKkU0azVU455tscKzQ92iCjsb7gUuIbPu4ueD_Knehm-84-i0o0kOPMe3yc24QlQZ0JhsMVyT68ANBPYUYDlNzmZulzAP4QVancobfzBiU0xQOFVZUVyoHPbRlllAS3TfcdkRb4500AyHu0JWDDtv48a9rr-yT7Wh_hWmLvvD-RvAtQu_iKfQLA9h60mQ_OAYBTnBjcK3LgOelBXNZ7gh4cdjJ641RPlMosVOqaR4YFxXD2aE69HY3na-ApIlWO_p4P46SOUa_zfLY4vVxlwq9S-qMGbzsxG0JfRAlJGACtGMj2co0Hjh3vv1dvBVpBgOai7v2uBIVCp-w&v=4&hjqKrILd=1302075&minBid=&UiKNTyus=0:1,0&LVtcNrTI=&edJHyWhQ=&s=1280,1024,1,1280,1024,0
IP 216.21.12.16:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /FkzEdQ.aspx?_=BQFiAAAAAAAACZUAAirIcz2ebU85gTqe4qv__jJxkGTeyIkvmIWIGz_z79_RACIWkfe_7erYtvHQy-R7W_cW7pcVyrw8ZFsGJIfEl8a2Y6nKsmakqBRrqfnWVtLS38_gN8fG8SK4Pg5sFi2eUW9NUm0wffKkU0azVU455tscKzQ92iCjsb7gUuIbPu4ueD_Knehm-84-i0o0kOPMe3yc24QlQZ0JhsMVyT68ANBPYUYDlNzmZulzAP4QVancobfzBiU0xQOFVZUVyoHPbRlllAS3TfcdkRb4500AyHu0JWDDtv48a9rr-yT7Wh_hWmLvvD-RvAtQu_iKfQLA9h60mQ_OAYBTnBjcK3LgOelBXNZ7gh4cdjJ641RPlMosVOqaR4YFxXD2aE69HY3na-ApIlWO_p4P46SOUa_zfLY4vVxlwq9S-qMGbzsxG0JfRAlJGACtGMj2co0Hjh3vv1dvBVpBgOai7v2uBIVCp-w&v=4&hjqKrILd=1302075&minBid=&UiKNTyus=0:1,0&LVtcNrTI=&edJHyWhQ=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: visariomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Tue, 31 Jan 2023 06:28:49 GMT
whos.amung.us/pingjs/?k=ye5ceaun2a13&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!&c=s&x=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&y=&a=0&d=1.395&v=27&r=3568
172.67.8.141200 OK 51 B URL HTTP/1.1 whos.amung.us/pingjs/?k=ye5ceaun2a13&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!&c=s&x=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&y=&a=0&d=1.395&v=27&r=3568
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash 5e5ed9e288e187b67f082bb178499a20
4a5b2e0aefe2dc30eda4979bdef436d3866d8c9d
d4da90e7d35aab776184092737db5c0b9fa826edf84222f6700b179728314c1f
GET /pingjs/?k=ye5ceaun2a13&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!&c=s&x=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&y=&a=0&d=1.395&v=27&r=3568 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792063b4cfbb0b51-OSL
whos.amung.us/pingjs/?k=ye5ceaun2a13&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!&c=s&x=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&y=&a=1&d=1.395&v=27&r=8688
172.67.8.141200 OK 51 B URL HTTP/1.1 whos.amung.us/pingjs/?k=ye5ceaun2a13&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!&c=s&x=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&y=&a=1&d=1.395&v=27&r=8688
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash 11911bfa60c5ea400074de412c1deffa
f41565f03c6a4519274e25e420d89f0f06cbd1cc
ecc6384ec35d1f4a82e13682b72a01e8748c3c001031bf3ae2598ed18824e191
GET /pingjs/?k=ye5ceaun2a13&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!&c=s&x=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&y=&a=1&d=1.395&v=27&r=8688 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792063b4cf0bb4fd-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7a216b4cdc1c95c59f5463b19f22b873
5aa561794c0e05c475bef80e5e6270b4d7da29fc
8c3ae8bd5d76089e1a403ec1fb1cba3c74e581063c0f6c007302aa2b4039b095
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 11:33:40 GMT
Expires: Sun, 05 Feb 2023 11:33:39 GMT
Etag: "5aa561794c0e05c475bef80e5e6270b4d7da29fc"
Cache-Control: max-age=449688,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792063b66b68b4f7-OSL
ff7ziczw6ygx.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 ff7ziczw6ygx.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ff7ziczw6ygx.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:50 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7a216b4cdc1c95c59f5463b19f22b873
5aa561794c0e05c475bef80e5e6270b4d7da29fc
8c3ae8bd5d76089e1a403ec1fb1cba3c74e581063c0f6c007302aa2b4039b095
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:28:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 11:33:40 GMT
Expires: Sun, 05 Feb 2023 11:33:39 GMT
Etag: "5aa561794c0e05c475bef80e5e6270b4d7da29fc"
Cache-Control: max-age=449688,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792063b619200b3d-OSL
cdn.tynt.com/tc.js
172.64.151.83200 OK 6.7 kB IP 172.64.151.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash b9634caacb549d84184a80dc49789266
351eee6585f8f85eea954edfe6555973beb6b1fb
af7a6bf911a73bb07bc458e5a4cb7bb93799ee3910268459bfcb31bfa9fa6e0c
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:50 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
vary: Accept-Encoding
etag: W/"63bdcce4-4571"
content-encoding: gzip
cf-cache-status: HIT
age: 4960
expires: Fri, 03 Feb 2023 06:28:50 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 792063b7da5e0b3d-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA!
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&t=O%20corpo%20bombado%20dessa%20garota%20parou%20a%20web%20e%20vai%20chocar%20voc%C3%AA! HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:28:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=fadasafada.blogspot.com&_s=1&_ss=6ev84ohnpv&_pv=1&_ls=0&_cc=no&_pl=d&_b=firefox%40105&_cbid=1euj&_cb=_dtspv.c
141.101.120.11200 OK 5 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=fadasafada.blogspot.com&_s=1&_ss=6ev84ohnpv&_pv=1&_ls=0&_cc=no&_pl=d&_b=firefox%40105&_cbid=1euj&_cb=_dtspv.c
IP 141.101.120.11:0
Hash 2f74303ebf03437d61c9be13e83559be
c5ac1f65afbb03c8a5c8c0a30a132646e0350f5f
e69756541aea45840eeefcbc3b41cd1d5eea599c4d3f24f13bcd6ac154f3183c
GET /pv/?_a=v&_h=fadasafada.blogspot.com&_s=1&_ss=6ev84ohnpv&_pv=1&_ls=0&_cc=no&_pl=d&_b=firefox%40105&_cbid=1euj&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Cookie: oa=2; df=1675141145; m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:50 GMT
content-type: application/javascript
x-t: 0.088
x-c: 0
expires: Tue, 31 Jan 2023 06:28:48 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ire5mKyrEPLrTfWNU9N4qP1lOcAf2wW1QliyHomsuMANsvfags1kPeuKDmJq91rxIuI%2FHalms9%2BpJj0gWfSl37iRfgn0okoNrYCMfjX9Q2D62%2FpWGaeyTnCX1qMgEAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792063b30e4f993c-ARN
content-encoding: br
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:28:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:28:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ye5ceaun2a13&lm=0&ts=1675146546079&dn=TC&iso=0&pu=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:28:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b43468b05cd1fd11c398263a80e4edb2
02e964ea5a88c866267ac6c5601bfcde26ffd42b
19783f05297f7ed5d7ca8cec0fc0e1676831275ac48f1510a4f410dbe2802314
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4634
x-amzn-requestid: 2941da94-203c-47d1-99ee-d864bdbf6993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCAHF9kIAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e39a-78bb7189351d830a7ef70c67;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hWONP8eVA6h5VMyREx_CgRY2zeb9KUxipWiXdx9dHBtU2YDV07lGXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:46:51 GMT
age: 6125
etag: "02e964ea5a88c866267ac6c5601bfcde26ffd42b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
augu3yhd485st.com/get/1889866?zoneid=1889866&jp=_cl987e9g7ywh6c4m3yeav8&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050432077857501
62.122.171.6200 OK 0 B URL HTTP/2 augu3yhd485st.com/get/1889866?zoneid=1889866&jp=_cl987e9g7ywh6c4m3yeav8&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050432077857501
IP 62.122.171.6:0
GET /get/1889866?zoneid=1889866&jp=_cl987e9g7ywh6c4m3yeav8&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050432077857501 HTTP/1.1
Host: augu3yhd485st.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Cookie: UID=2301302359ed6ed2f0e42049988b35ad2cd4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 06:28:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&j=
141.101.120.11200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&j=
IP 141.101.120.11:0
GET /i/?l=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Cookie: oa=1; df=1675141145
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:49 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Tue, 31-Jan-2023 07:52:09 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=2; Domain=dtscout.com; Expires=Tue, 31-Jan-2023 10:28:49 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
x-t: 0.471
expires: Tue, 31 Jan 2023 06:28:48 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FxyRbXy3BoxLRltv0Uj1luFamj6Gv4RLR1uW5inrKdPVCiTpCn8fch4IarHcFox25YM%2ByS2PkHHlrKzFHCvV8vbO4jHd5AoyYKHUicfJXKLmTs5pSWqnngHRTLxjzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792063b13ce5993c-ARN
content-encoding: br
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&j=
141.101.120.11200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&j=
IP 141.101.120.11:0
GET /i/?l=http%3A%2F%2Ffadasafada.blogspot.com%2F2016%2F07%2Fo-corpo-bombado-dessa-garota-parou-web.html&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Cookie: oa=1; df=1675141145
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:50 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Tue, 31-Jan-2023 07:52:09 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=2; Domain=dtscout.com; Expires=Tue, 31-Jan-2023 10:28:49 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
x-t: 0.495
expires: Tue, 31 Jan 2023 06:28:48 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29raU3rqOrmJKP%2FsfxmQkwHR0jdgUp2K7BJV9BOIsUPLCYJa9czOVC7sIJMB9SXsTXjN4LDwnFwR4vM2ZY8ugQgOuFGrtpPNfyHuLFLYdwCdCIG8HjIaNb4BsMtfMLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792063b2ee41993c-ARN
content-encoding: br
X-Firefox-Spdy: h2
augu3yhd485st.com/get/1889866?zoneid=1889866&jp=_clgdcvjo93haz5e36g9vrr&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2080107240889421
62.122.171.6200 OK 0 B URL HTTP/2 augu3yhd485st.com/get/1889866?zoneid=1889866&jp=_clgdcvjo93haz5e36g9vrr&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2080107240889421
IP 62.122.171.6:0
GET /get/1889866?zoneid=1889866&jp=_clgdcvjo93haz5e36g9vrr&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2080107240889421 HTTP/1.1
Host: augu3yhd485st.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Cookie: UID=2301302359ed6ed2f0e42049988b35ad2cd4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 06:28:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.visariomedia.com/polyfill.min.js
185.76.9.24200 OK 0 B URL HTTP/2 www.visariomedia.com/polyfill.min.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /polyfill.min.js HTTP/1.1
Host: www.visariomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fadasafada.blogspot.com
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:48 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Mon, 06 Feb 2023 20:15:41 GMT
access-control-allow-origin: *
link: <https://visariomedia.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1675714542
server: CDN77-Turbo
x-77-nzt: AblMCRSTxO3/so8AAA
x-77-nzt-ray: af5856307f0b98bf20b5d8638396041a
x-cache: HIT
x-age: 36786
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.tubecorp.com/p.js
45.133.44.24200 OK 0 B IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /p.js HTTP/1.1
Host: cdn.tubecorp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fadasafada.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:28:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.20.1
last-modified: Mon, 26 Jul 2021 09:33:41 GMT
etag: W/"60fe8175-18a6c"
cache-control: max-age=3600
x-request-id: 6584b79b379a597a0adeab249a170fbd
content-encoding: gzip
expires: Tue, 31 Jan 2023 07:28:48 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2