firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 18:13:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PKO0scgXsCIGrEskUJEjW8rEglTaU7ns7Awzq1GpuZp5VTHFblexQA==
Age: 2996
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3371
Expires: Wed, 21 Sep 2022 19:59:46 GMT
Date: Wed, 21 Sep 2022 19:03:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BiAIhgxtHaBXKSCPpf9DjGhHFXML_w6MKHs2CekYt1faDtRNsErDkQ==
age: 52102
X-Firefox-Spdy: h2
www.lamaestravisaluta2.blogspot.com/
142.250.74.161301 Moved Permanently 185 B URL HTTP/1.1 www.lamaestravisaluta2.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0662f457f6f4a6469d8602a03e80f46b
b96e1612ba08326801ca8f10991fc328cea861ed
2031e1ac255df86f95a5352587b7a0347f38a205e3a11d65f53c87c1f95b39fa
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.lamaestravisaluta2.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://lamaestravisaluta2.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 21 Sep 2022 19:03:34 GMT
Expires: Wed, 21 Sep 2022 19:03:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 185
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 440047a55d718e4bb5f4e696aefdc4cd
d6ee8ddd58a67f4e3d3fae298fbc3958ca1b0f67
75695e1a1f190f95f5ac1514ca6848071ad135e9e6a53f1ae2d85d9b8183043c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 19:03:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
lamaestravisaluta2.blogspot.com/
142.250.74.161301 Moved Permanently 175 B URL HTTP/2 lamaestravisaluta2.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f462f7bf2334dc748ec9045c812b51f7
9b6467188c6692a3b338ea6a526dd4cbf684ee43
4a7138cb1933bb9129c2f64bc962898b5b0590aed3d4584657e739c3070e6bd5
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: lamaestravisaluta2.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: http://www.ciaomaestra.com/
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:35 GMT
expires: Wed, 21 Sep 2022 19:03:35 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 175
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 440047a55d718e4bb5f4e696aefdc4cd
d6ee8ddd58a67f4e3d3fae298fbc3958ca1b0f67
75695e1a1f190f95f5ac1514ca6848071ad135e9e6a53f1ae2d85d9b8183043c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 19:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 19:44:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YZdbN1gKhA7vegogWmheeUoKkGZSDJt4AGfPjqLK75pUCo0l01v8tA==
Age: 13
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 945
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:35 GMT
Last-Modified: Wed, 21 Sep 2022 18:47:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aex4pmHxDE0xd2wbgA2Vvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I8ypz7k/2kId67Kq5e6/UxkrpHk=
go.ezoic.net/ezoic/ezoic.js
143.204.55.129200 OK 3.2 kB URL HTTP/1.1 go.ezoic.net/ezoic/ezoic.js
IP 143.204.55.129:0
File type HTML document text\012- HTML document, ASCII text
Hash 3ae57ece62a63135d26d850db7cb1ffa
4b54917a1152a5b8ad65089a86e2a0ab44fbc6cd
9756a85fe2ab80fa815770833dacf6fe4a5140aea1418379d6f0071f921981f4
GET /ezoic/ezoic.js HTTP/1.1
Host: go.ezoic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 06:21:54 GMT
ETag: "3090-5e69dc24355c0-gzip"
Expires: Mon, 28 Aug 2023 06:21:54 GMT
Last-Modified: Fri, 19 Aug 2022 20:15:27 GMT
Server: nginx
X-Robots-Tag: noindex
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yWZh9gtemB1lNCU-3EnaY4iWGoc-LNmToUxDlXYoiVljB-PNLC75BQ==
Age: 2119302
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a66068824c8bed97e895f8f292ef0623
704bb22deb8b53f64e199eea05e680cf93f1192a
2e7f65288c12ebae7ed8e7616377045016d8ea89017d7429b68d8ded3a90c633
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ciaomaestra.com/
216.239.32.21200 OK 31 kB IP 216.239.32.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11103)
Hash 417b93c8df0cdc45299c6021872a7057
ee00e8da91056e18a0cb117294b15b5c24813044
f70e1061b820e9c29337bbecb49b58d3daebf3bb56d9d9c8305e388201167917
GET / HTTP/1.1
Host: www.ciaomaestra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 21 Sep 2022 19:03:35 GMT
Date: Wed, 21 Sep 2022 19:03:35 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 21 Sep 2022 12:37:50 GMT
ETag: W/"f65435faf363f9f368b5935a335e96139c4336655dbbc3752b13f2266691fb5d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 31078
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a9c6271cfc8a012f6617d0703e011f54
77689f3e7695a13a7a51d6df955772f4068a9163
3aaa0e6e1fbf3ca2c22e73dc067f4e5146c21e142930f526651e0180eba35cb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.201200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 17:23:11 GMT
expires: Thu, 21 Sep 2023 17:23:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 20 Sep 2022 21:55:54 GMT
content-type: text/css
age: 6025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 440047a55d718e4bb5f4e696aefdc4cd
d6ee8ddd58a67f4e3d3fae298fbc3958ca1b0f67
75695e1a1f190f95f5ac1514ca6848071ad135e9e6a53f1ae2d85d9b8183043c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.statcounter.com/counter/counter_xhtml.js
104.20.229.67200 OK 14 kB URL HTTP/1.1 www.statcounter.com/counter/counter_xhtml.js
IP 104.20.229.67:0
File type ASCII text, with very long lines (43632), with no line terminators
Hash ec70672a2f4620ce69dbd93d41715fb2
68d559ba806e8aa338221616ba9a85ae582e03a3
f6cd20fa5ef3de2a6bd894efa434c1650f12cf6b3c9df03d45489aff18c44b7e
GET /counter/counter_xhtml.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 19:03:36 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 21 Sep 2022 08:36:03 GMT
ETag: W/"aa70-5e92bd5c818a4"
Cache-Control: max-age=43200
Expires: Thu, 22 Sep 2022 00:27:55 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
User-Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 23741
Server: cloudflare
CF-RAY: 74e50fd36d771c12-OSL
www.blogger.com/static/v1/widgets/139732538-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/139732538-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 85f397c389efac9ad63d1798bceeff88
2258e2f2f18d8a6c6bb4d89e3c047c6c83da4f4b
e0d600281770079e5cdb9f4bb66aa3bdce5ee67e21c321c9e325789e96e5db76
GET /static/v1/widgets/139732538-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56922
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 02:05:24 GMT
expires: Tue, 19 Sep 2023 02:05:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 00:49:30 GMT
content-type: text/javascript
age: 233892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 440047a55d718e4bb5f4e696aefdc4cd
d6ee8ddd58a67f4e3d3fae298fbc3958ca1b0f67
75695e1a1f190f95f5ac1514ca6848071ad135e9e6a53f1ae2d85d9b8183043c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ciaomaestra.com/js/cookienotice.js
216.239.32.21200 OK 2.0 kB URL HTTP/1.1 www.ciaomaestra.com/js/cookienotice.js
IP 216.239.32.21:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.ciaomaestra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Wed, 28 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 21 Sep 2022 15:52:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 440047a55d718e4bb5f4e696aefdc4cd
d6ee8ddd58a67f4e3d3fae298fbc3958ca1b0f67
75695e1a1f190f95f5ac1514ca6848071ad135e9e6a53f1ae2d85d9b8183043c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/coop/cse/brand?form=searchbox_017685108214920485934%3Aizx6pzojwka
142.250.74.164301 Moved Permanently 237 B URL HTTP/1.1 www.google.com/coop/cse/brand?form=searchbox_017685108214920485934%3Aizx6pzojwka
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd
GET /coop/cse/brand?form=searchbox_017685108214920485934%3Aizx6pzojwka HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.gstatic.com/prose/brandjs.js
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Wed, 21 Sep 2022 19:33:36 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Wed, 21 Sep 2022 19:03:36 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5f35d22782378ad2"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Ipfr2gV-lBE/XXafdDnTy4I/AAAAAAAAT9A/NopmAHG8pb05U0PSutpdXEkiLTCuiW2RwCLcBGAs/w268-h400/pixelart%2Btavolozza.PNG
142.250.74.161200 OK 20 kB URL HTTP/2 1.bp.blogspot.com/-Ipfr2gV-lBE/XXafdDnTy4I/AAAAAAAAT9A/NopmAHG8pb05U0PSutpdXEkiLTCuiW2RwCLcBGAs/w268-h400/pixelart%2Btavolozza.PNG
IP 142.250.74.161:0
File type PNG image data, 265 x 394, 8-bit/color RGB, non-interlaced\012- data
Hash d73c0df9376a8e85913f21fe797ec3ab
95034bcd899839031fe0f1ac6030db2b10c1ccdf
ce8083ee23a21382fb98e8b5549d6e37fdd461319a60196d36bd190d1294844f
GET /-Ipfr2gV-lBE/XXafdDnTy4I/AAAAAAAAT9A/NopmAHG8pb05U0PSutpdXEkiLTCuiW2RwCLcBGAs/w268-h400/pixelart%2Btavolozza.PNG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="pixelart tavolozza.PNG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 20042
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Mon, 19 Sep 2022 09:37:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v4fd1"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 440047a55d718e4bb5f4e696aefdc4cd
d6ee8ddd58a67f4e3d3fae298fbc3958ca1b0f67
75695e1a1f190f95f5ac1514ca6848071ad135e9e6a53f1ae2d85d9b8183043c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85b454a2471ec22b79e5604fa78e22d8
a9faadddfc0f73275ee37fa82c26e8e8fbeef1b4
57d297b630613b5a2bd12fe8858c9e0cb031ea39f0a6e2f4b5650d043c215133
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-7Vt9NH55Pmg/XXae4z_C0bI/AAAAAAAAT84/Pv_QjB37phccYt-NeFNYtvurgYVAuY46wCLcBGAs/w272-h400/pixelart%2Bmappamondo.PNG
142.250.74.161200 OK 21 kB URL HTTP/2 1.bp.blogspot.com/-7Vt9NH55Pmg/XXae4z_C0bI/AAAAAAAAT84/Pv_QjB37phccYt-NeFNYtvurgYVAuY46wCLcBGAs/w272-h400/pixelart%2Bmappamondo.PNG
IP 142.250.74.161:0
File type PNG image data, 261 x 382, 8-bit/color RGB, non-interlaced\012- data
Hash 11a3a82e197347f78de155d2ab6b7dca
cc2becd96e5fb4861dc960ca36d3e61614638664
b7100eb3906bbb7131b9f6d221b13478b174b8e4ee8158143eaacc318867bab9
GET /-7Vt9NH55Pmg/XXae4z_C0bI/AAAAAAAAT84/Pv_QjB37phccYt-NeFNYtvurgYVAuY46wCLcBGAs/w272-h400/pixelart%2Bmappamondo.PNG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="pixelart mappamondo.PNG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 21328
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Mon, 19 Sep 2022 09:37:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v4fcf"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-XOru1_Umhy4/XXafzVzBRbI/AAAAAAAAT9M/MtQY_rlJWLM2I49embyB85_ltNLkurZRwCLcBGAs/w261-h400/pixelart%2Bportapenne.PNG
142.250.74.161200 OK 40 kB URL HTTP/2 1.bp.blogspot.com/-XOru1_Umhy4/XXafzVzBRbI/AAAAAAAAT9M/MtQY_rlJWLM2I49embyB85_ltNLkurZRwCLcBGAs/w261-h400/pixelart%2Bportapenne.PNG
IP 142.250.74.161:0
File type PNG image data, 261 x 399, 8-bit/color RGB, non-interlaced\012- data
Hash d42f98f7113ba59e82a4551801805f0f
5cf0257fa462362cf9d8e1dfaa919575a34c41a1
def455de4041a5a2902637863942d9adaa38d7b4cae0f88671c3b4e6c1889682
GET /-XOru1_Umhy4/XXafzVzBRbI/AAAAAAAAT9M/MtQY_rlJWLM2I49embyB85_ltNLkurZRwCLcBGAs/w261-h400/pixelart%2Bportapenne.PNG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="pixelart portapenne.PNG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 40161
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Mon, 19 Sep 2022 09:37:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v4fd4"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-1sd3En0nVBM/XXaeG1-AguI/AAAAAAAAT8w/IAmc45Cb5zk1R-RiCOcwaUTlrRVFYBEpgCLcBGAs/w281-h400/pixelart%2Borsetto.PNG
142.250.74.161200 OK 23 kB URL HTTP/2 1.bp.blogspot.com/-1sd3En0nVBM/XXaeG1-AguI/AAAAAAAAT8w/IAmc45Cb5zk1R-RiCOcwaUTlrRVFYBEpgCLcBGAs/w281-h400/pixelart%2Borsetto.PNG
IP 142.250.74.161:0
File type PNG image data, 275 x 390, 8-bit/color RGB, non-interlaced\012- data
Hash 41306abdf2c1bae124358ae9d9ec2fd2
2879222779b8e4c035711089b788346ba2cb1176
21d84f7269ffa321438306407e511e877bd7d906f1e48587ad51ab6d8f29da5c
GET /-1sd3En0nVBM/XXaeG1-AguI/AAAAAAAAT8w/IAmc45Cb5zk1R-RiCOcwaUTlrRVFYBEpgCLcBGAs/w281-h400/pixelart%2Borsetto.PNG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="pixelart orsetto.PNG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 23104
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Wed, 21 Sep 2022 18:16:16 GMT
cache-control: public, max-age=86400, no-transform
etag: "v4fcd"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d5298af64aabece85f7035361f571aa1
7dbf8496ba45c74b5d52643edc3cfb73ae4ac7d1
9f355b09df283b904580cc4b2fd1db1d3dcc20fae0db70a0862e1fe9a119cb3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4506
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Last-Modified: Wed, 21 Sep 2022 17:48:31 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/v0/amp-ad-0.1.js
216.58.211.1200 OK 23 kB URL HTTP/2 cdn.ampproject.org/v0/amp-ad-0.1.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (65534)
Hash acee42c829bc9c539e827592b9f57810
1bb4022166fb5e4ab9da64b67c5be9a9ac0d4c45
4b880a79902f61bcf851de3c914a6503f122f544fc6cd87a5cd0d5e242f65f6c
GET /v0/amp-ad-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 23079
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Wed, 21 Sep 2022 19:03:36 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "a56a470e0e255659"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.it/coop/cse/brand?form=cse-search-box&lang=it
142.250.74.131301 Moved Permanently 237 B URL HTTP/1.1 www.google.it/coop/cse/brand?form=cse-search-box&lang=it
IP 142.250.74.131:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd
GET /coop/cse/brand?form=cse-search-box&lang=it HTTP/1.1
Host: www.google.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.gstatic.com/prose/brandjs.js
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Wed, 21 Sep 2022 19:33:36 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
g.ezoic.net/?ezjsu=http%3A%2F%2Fwww.ciaomaestra.com%2F
3.66.136.156301 Moved Permanently 0 B URL HTTP/1.1 g.ezoic.net/?ezjsu=http%3A%2F%2Fwww.ciaomaestra.com%2F
IP 3.66.136.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?ezjsu=http%3A%2F%2Fwww.ciaomaestra.com%2F HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.ciaomaestra.com
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: http://www.ciaomaestra.com
Access-Control-Max-Age: 1728000
Cache-Control: public, max-age=86400
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 21 Sep 2022 19:03:36 GMT
Location: https://www.ciaomaestra.com/
Server: Apache/2.4.39 (Ubuntu)
Vary: Accept-Encoding
X-Middleton-Display: redirect
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a66068824c8bed97e895f8f292ef0623
704bb22deb8b53f64e199eea05e680cf93f1192a
2e7f65288c12ebae7ed8e7616377045016d8ea89017d7429b68d8ded3a90c633
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-fh8QczNKraU/Ye_ZL11d-GI/AAAAAAAACdg/Gz_-s00D5kUtFPkXP_TRIgQoyonEdKGKQCNcBGAsYHQ/s851/Ciao%2Bbambini.PNG
142.250.74.161200 OK 3.5 kB URL HTTP/2 1.bp.blogspot.com/-fh8QczNKraU/Ye_ZL11d-GI/AAAAAAAACdg/Gz_-s00D5kUtFPkXP_TRIgQoyonEdKGKQCNcBGAsYHQ/s851/Ciao%2Bbambini.PNG
IP 142.250.74.161:0
File type PNG image data, 851 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash b0f5a8c36f4b71164aafbcea2f6e2b99
cfe1fb6045f51ba3b057e8e430f4f25b4c3e02fc
c854cbd9b95289e2e6187a1b89f9318211f887635ed01f635934847e8eed0ea6
GET /-fh8QczNKraU/Ye_ZL11d-GI/AAAAAAAACdg/Gz_-s00D5kUtFPkXP_TRIgQoyonEdKGKQCNcBGAsYHQ/s851/Ciao%2Bbambini.PNG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Ciao bambini.PNG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3461
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Mon, 12 Sep 2022 17:09:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v9d9"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/prose/brandjs.js
142.250.74.163200 OK 5.8 kB URL HTTP/2 www.gstatic.com/prose/brandjs.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (1352)
Hash 10aa07ab4f7de5535f4cafe167ca4fa7
6c804574a29f9d8a77ed2823a7879e56dbc42c22
d111484a9bceee10b129b20ebd4ead4639b5d7dd78117522249195fb84db3cf0
GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:24:28 GMT
expires: Thu, 22 Sep 2022 14:24:28 GMT
cache-control: public, max-age=86400
age: 16748
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rcm-eu.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
52.95.123.253301 Moved Permanently 163 B URL HTTP/1.1 rcm-eu.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
IP 52.95.123.253:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c4bede7d6b8e56951ae0c0e194153af0
f11f69eaee4f3cd0c75d0f41f1f1d213a359d5b7
b691e78554674f4bb12223fcd4d40aa99c80a83f96d7c251eb116afb33c5fe8a
GET /e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7 HTTP/1.1
Host: rcm-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Server
Date: Wed, 21 Sep 2022 19:03:36 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://rcm-eu.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
2.bp.blogspot.com/-6TAeSQq6RcA/X62YUgJ8KYI/AAAAAAAAVOE/SpgRowAWa-8OlL52iVw0_4dO5bGm45r6gCK4BGAYYCw/s1600/Ciao%2BBambini%2BBadge.png
142.250.74.161200 OK 79 kB URL HTTP/1.1 2.bp.blogspot.com/-6TAeSQq6RcA/X62YUgJ8KYI/AAAAAAAAVOE/SpgRowAWa-8OlL52iVw0_4dO5bGm45r6gCK4BGAYYCw/s1600/Ciao%2BBambini%2BBadge.png
IP 142.250.74.161:0
File type PNG image data, 500 x 700, 8-bit/color RGBA, non-interlaced\012- data
Hash 442af405fefa6ad43811cbf9cecc0d79
8bde605691fb3c8c58cc5815b3ee817b3d524eab
143767543080b47ceef5439648186bedd604e86a769447fce4052034aa622498
GET /-6TAeSQq6RcA/X62YUgJ8KYI/AAAAAAAAVOE/SpgRowAWa-8OlL52iVw0_4dO5bGm45r6gCK4BGAYYCw/s1600/Ciao%2BBambini%2BBadge.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Ciao Bambini Badge.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 79351
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 15:24:08 GMT
Expires: Fri, 09 Sep 2022 15:01:04 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13168
ETag: "v54e2"
Content-Type: image/png
1.bp.blogspot.com/_zs_oQcvX5_0/SpU4AOZtt1I/AAAAAAAAD3Y/J52JMhrFiUs/w72-h72-p-k-no-nu/back-to-school.svg.hi.png
142.250.74.161200 OK 6.5 kB URL HTTP/2 1.bp.blogspot.com/_zs_oQcvX5_0/SpU4AOZtt1I/AAAAAAAAD3Y/J52JMhrFiUs/w72-h72-p-k-no-nu/back-to-school.svg.hi.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c000c4dd3077de25d5fc73ef878e8e8
682927e0e1d3b8faa0bb979a4d9ca96589dcc042
8b41352f7d91bf4e681d0f58ecb7d4e3b5f11e1a77df513a61d69eafd3d7187b
GET /_zs_oQcvX5_0/SpU4AOZtt1I/AAAAAAAAD3Y/J52JMhrFiUs/w72-h72-p-k-no-nu/back-to-school.svg.hi.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="back-to-school.svg.hi.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6484
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Mon, 12 Sep 2022 17:09:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "vf76"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/_zs_oQcvX5_0/SpU3ZkWjTTI/AAAAAAAAD3Q/043zlNP7tCM/w72-h72-p-k-no-nu/scool+supplies.jpg
142.250.74.161200 OK 6.7 kB URL HTTP/2 1.bp.blogspot.com/_zs_oQcvX5_0/SpU3ZkWjTTI/AAAAAAAAD3Q/043zlNP7tCM/w72-h72-p-k-no-nu/scool+supplies.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 36ddeb9d956650b8e8a56f0eba831fe3
b14e48eef99a46d35da7d2c91d197193b1a2ff86
b6154ae8e88cb88d4b79fcbf7b8327c2f654fede0104a62887ec214ab86c86e7
GET /_zs_oQcvX5_0/SpU3ZkWjTTI/AAAAAAAAD3Q/043zlNP7tCM/w72-h72-p-k-no-nu/scool+supplies.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="scool supplies.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6663
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:36 GMT
expires: Mon, 12 Sep 2022 17:09:52 GMT
cache-control: public, max-age=86400, no-transform
etag: "vf74"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-89YzP2hQK7g/Uff1c-Q0kWI/AAAAAAAANfY/PTf5pd9-6Is/s228/rome.PNG
142.250.74.161200 OK 47 kB URL HTTP/1.1 1.bp.blogspot.com/-89YzP2hQK7g/Uff1c-Q0kWI/AAAAAAAANfY/PTf5pd9-6Is/s228/rome.PNG
IP 142.250.74.161:0
File type PNG image data, 228 x 205, 8-bit/color RGBA, non-interlaced\012- data
Hash b08a3e98dcc547e564df8aae233bde30
ae9069b5623235eb3f4a32fe64bbe87cefa18365
7466da71d005562eb1eec8b9264a2d080d08fa44535ff93abfa9a3bad7b430b4
GET /-89YzP2hQK7g/Uff1c-Q0kWI/AAAAAAAANfY/PTf5pd9-6Is/s228/rome.PNG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rome.PNG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 46955
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Mon, 12 Sep 2022 17:09:52 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v35f7"
Content-Type: image/png
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85b454a2471ec22b79e5604fa78e22d8
a9faadddfc0f73275ee37fa82c26e8e8fbeef1b4
57d297b630613b5a2bd12fe8858c9e0cb031ea39f0a6e2f4b5650d043c215133
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/_zs_oQcvX5_0/SLF6O_F8gMI/AAAAAAAAB64/QXpsZLQ9h90/w72-h72-p-k-no-nu/f.jpg
142.250.74.161200 OK 3.6 kB URL HTTP/1.1 3.bp.blogspot.com/_zs_oQcvX5_0/SLF6O_F8gMI/AAAAAAAAB64/QXpsZLQ9h90/w72-h72-p-k-no-nu/f.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d1deea33c9cd8d49da5cb99d38aefc28
ae564647bcf1a7ef6ab79ac5b96ffdfdbfac7f13
4c7e5bdaee6087c176e17efcc8217a4fa53393ad4761024cfd0a4c44a2f9e24e
GET /_zs_oQcvX5_0/SLF6O_F8gMI/AAAAAAAAB64/QXpsZLQ9h90/w72-h72-p-k-no-nu/f.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="f.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3607
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Wed, 21 Sep 2022 06:26:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v7ae"
Content-Type: image/jpeg
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d5298af64aabece85f7035361f571aa1
7dbf8496ba45c74b5d52643edc3cfb73ae4ac7d1
9f355b09df283b904580cc4b2fd1db1d3dcc20fae0db70a0862e1fe9a119cb3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4506
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Last-Modified: Wed, 21 Sep 2022 17:48:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
rcm-eu.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
52.95.123.253302 Found 481 B URL HTTP/1.1 rcm-eu.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
IP 52.95.123.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (347)
Hash af526d4cd39a70c8360f591924d59ffe
95af62c847bb074b8079ecda3ebf4b710cacce42
5305f7a0128bb91f6dc771569871cac9df57f045862be7c50b930b67d5cf322a
GET /e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7 HTTP/1.1
Host: rcm-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Wed, 21 Sep 2022 19:03:36 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 481
Connection: keep-alive
x-amz-rid: SRAD7RA939C255XT2N3G
Location: https://ws-eu.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=300; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a54412631157f051402860bcfb96e844
dd4b026cfc1ad18439db8ace65213318f18ae9f0
a43d2fbb8e64eea2f1bb4ab920cbf7c18bf90a42da0cfe3b41e5912824debc08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4776
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Last-Modified: Wed, 21 Sep 2022 17:44:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a54412631157f051402860bcfb96e844
dd4b026cfc1ad18439db8ace65213318f18ae9f0
a43d2fbb8e64eea2f1bb4ab920cbf7c18bf90a42da0cfe3b41e5912824debc08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4776
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:36 GMT
Last-Modified: Wed, 21 Sep 2022 17:44:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
4.bp.blogspot.com/_zs_oQcvX5_0/TJZqyUgqmQI/AAAAAAAAEyU/4DmuLXh11Lk/w72-h72-p-k-no-nu/foglie+autunno.jpg
142.250.74.161200 OK 4.2 kB URL HTTP/1.1 4.bp.blogspot.com/_zs_oQcvX5_0/TJZqyUgqmQI/AAAAAAAAEyU/4DmuLXh11Lk/w72-h72-p-k-no-nu/foglie+autunno.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d37002b5900e87d8a158164a070135ef
f3de1cf988a546f85206ad0415bfca9b03ed8791
a015f81ab3c146a9c785eb2c22d9be34959319a0f3fdb206567e65824533dba6
GET /_zs_oQcvX5_0/TJZqyUgqmQI/AAAAAAAAEyU/4DmuLXh11Lk/w72-h72-p-k-no-nu/foglie+autunno.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="foglie autunno.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4209
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Sat, 17 Sep 2022 13:41:29 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1325"
Content-Type: image/jpeg
Age: 0
www.paypalobjects.com/it_IT/IT/i/btn/btn_donate_LG.gif
151.101.86.133200 OK 1.5 kB URL HTTP/2 www.paypalobjects.com/it_IT/IT/i/btn/btn_donate_LG.gif
IP 151.101.86.133:0
File type GIF image data, version 89a, 110 x 26\012- data
Hash 33254395575faae58adc9222391b12f0
8547c03861e3be9c4e1078c19c493066775913ac
05d93aea266306504ff3778c5693019ce85a77d49f9409ef7b4e17df73bd1c81
GET /it_IT/IT/i/btn/btn_donate_LG.gif HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/gif
dc: ccg11-origin-www-1.paypal.com
etag: "hZ4Y4axlXaLp2daZnfHYwMqnhZijf4R/YLTh9TpFff8"
fastly-io-info: ifsz=1530 idim=110x26 ifmt=gif ofsz=1529 odim=110x26 ofmt=gif
fastly-stats: io=1
paypal-debug-id: f42c969a9aa94
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000f42c969a9aa94-a1b19871002c3c37-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 19:03:36 GMT
x-served-by: cache-sjc10052-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663787017.657153,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1529
X-Firefox-Spdy: h2
3.bp.blogspot.com/_zs_oQcvX5_0/So18ppsNxpI/AAAAAAAAD2g/_rBBvGBwpzI/w72-h72-p-k-no-nu/back_to_school.gif
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 3.bp.blogspot.com/_zs_oQcvX5_0/So18ppsNxpI/AAAAAAAAD2g/_rBBvGBwpzI/w72-h72-p-k-no-nu/back_to_school.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 72 x 72\012- data
Hash 708ed7dbdd6b59372555bc178b1b4cd2
313f07f2b029cb1df43156601cbc8b47b13e9dde
0c79b01bda5927af884eec86ff536bef44d4531c218c954b9ca0a7bab8c274b0
GET /_zs_oQcvX5_0/So18ppsNxpI/AAAAAAAAD2g/_rBBvGBwpzI/w72-h72-p-k-no-nu/back_to_school.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="back_to_school.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4132
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Mon, 12 Sep 2022 17:09:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3727"
Content-Type: image/gif
Age: 0
3.bp.blogspot.com/-WPXraumJGTM/UDvDG5lOcmI/AAAAAAAAH3w/M4bSL285Uzc/w72-h72-p-k-no-nu/circulo_r.png
142.250.74.161200 OK 9.6 kB URL HTTP/1.1 3.bp.blogspot.com/-WPXraumJGTM/UDvDG5lOcmI/AAAAAAAAH3w/M4bSL285Uzc/w72-h72-p-k-no-nu/circulo_r.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aee7fb6fafd053df9a78da1317c99a9c
436528e80208e08a5dc4fb101c2b788739b5c42b
ebb273f26e316c3d744bd070bf815bb45783d7e2332a2a349cb7273f07f930d4
GET /-WPXraumJGTM/UDvDG5lOcmI/AAAAAAAAH3w/M4bSL285Uzc/w72-h72-p-k-no-nu/circulo_r.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="circulo_r.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9604
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Mon, 12 Sep 2022 17:09:51 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1f7c"
Content-Type: image/png
Age: 0
1.bp.blogspot.com/-4SImZSsiiy8/VuQpPCJOGiI/AAAAAAAARpc/RP5KOlB8r-snbMWGH38HZJwKbxyj7Vgdw/s1600-r/regeni_striscione.png
142.250.74.161200 OK 9.7 kB URL HTTP/1.1 1.bp.blogspot.com/-4SImZSsiiy8/VuQpPCJOGiI/AAAAAAAARpc/RP5KOlB8r-snbMWGH38HZJwKbxyj7Vgdw/s1600-r/regeni_striscione.png
IP 142.250.74.161:0
File type PNG image data, 895 x 89, 8-bit/color RGB, non-interlaced\012- data
Hash 611d6d7f5e0d1fc1bbe1cac7046f7282
d055ef2a8c09079314140f4e995c75a128e1b4b8
784bfc596a006767e034c49bcd261f3d9f72fa7bfff5581e07d3f038456dcca4
GET /-4SImZSsiiy8/VuQpPCJOGiI/AAAAAAAARpc/RP5KOlB8r-snbMWGH38HZJwKbxyj7Vgdw/s1600-r/regeni_striscione.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="regeni_striscione.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9664
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 19:03:36 GMT
Expires: Mon, 12 Sep 2022 17:09:52 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4698"
Content-Type: image/png
Age: 0
i.creativecommons.org/l/by-nc-sa/3.0/88x31.png
104.20.150.16301 Moved Permanently 155 B URL HTTP/1.1 i.creativecommons.org/l/by-nc-sa/3.0/88x31.png
IP 104.20.150.16:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 42c394b8f0152b372537ace9acc3f7bb
1219c55c4e3ea109c473aab65deb81f09a0fe0a6
6aaad3365c30c4f8d2504e569527e588d33eeae66dd7045bcfeef7413820db2a
GET /l/by-nc-sa/3.0/88x31.png HTTP/1.1
Host: i.creativecommons.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 19:03:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://licensebuttons.net/l/by-nc-sa/3.0/88x31.png
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=432000
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e50fd53e9a0b69-OSL
www.paypal.com/it_IT/i/scr/pixel.gif
151.101.193.21301 Moved Permanently 0 B URL HTTP/2 www.paypal.com/it_IT/i/scr/pixel.gif
IP 151.101.193.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /it_IT/i/scr/pixel.gif HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
cache-control: max-age=0, no-cache, no-store, must-revalidate
location: https://www.paypalobjects.com/it_IT/i/scr/pixel.gif
paypal-debug-id: f117925fa37ef
set-cookie: ts=vreXpYrS%3D1758481416%26vteXpYrS%3D1663788816%26vr%3D616f221f1830a7a09319926bff46fee3%26vt%3D616f221f1830a7a09319926bff46fee2%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sat, 20 Sep 2025 19:03:36 GMT; HttpOnly; Secure
ts_c=vr%3D616f221f1830a7a09319926bff46fee3%26vt%3D616f221f1830a7a09319926bff46fee2; Path=/; Domain=paypal.com; Expires=Sat, 20 Sep 2025 19:03:36 GMT; Secure
traceparent: 00-0000000000000000000f117925fa37ef-cdd454051c248499-01
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Sep 2022 19:03:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4021-HHN, cache-bma1641-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663787017.644900,VS0,VE167
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash a9692f2c401e07c19b74125b5755283b
475d9ac08d7f43daa0919871a7e5b6e8d94519bd
aa6a9de10d5301b08cc263402e3f349f11eba70c409f7d996dce8936a61cd6a9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 19:03:36 GMT
Last-Modified: Wed, 21 Sep 2022 18:25:18 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WNU484OvhQhKu3-Tr80kE5H-kZHzf52JJpFNcuPYQCzFxcvbULeIbA==
Age: 2298
www.paypalobjects.com/it_IT/i/scr/pixel.gif
151.101.86.133200 OK 42 B URL HTTP/2 www.paypalobjects.com/it_IT/i/scr/pixel.gif
IP 151.101.86.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash edea81b5233a30f7357cb50884370e4a
51a5c1a9d7328dd1651e0b9c98771c16f8c9d833
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
GET /it_IT/i/scr/pixel.gif HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/gif
dc: ccg11-origin-www-1.paypal.com
etag: "XqeAvgAls6yaIr4nLvLFVSb3QnBpvPTRuS8uk7FBjSc"
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
fastly-stats: io=1
paypal-debug-id: 39daa438c92b
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000039daa438c92b-febb3e46d1dbd2ef-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 19:03:36 GMT
x-served-by: cache-sjc10030-SJC, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663787017.896024,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 42
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38450f62765ad298dbe3d48acf0eb5b3
ff02e43e0fcd5e713eb3e54e85787ba6b9d78f20
95b369230e79573ceda0fba268aafdf35234b99e25949cc2b88d463e41311fc4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "95B369230E79573CEDA0FBA268AAFDF35234B99E25949CC2B88D463E41311FC4"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5539
Expires: Wed, 21 Sep 2022 20:35:55 GMT
Date: Wed, 21 Sep 2022 19:03:36 GMT
Connection: keep-alive
licensebuttons.net/l/by-nc-sa/3.0/88x31.png
104.22.10.121200 OK 1.7 kB URL HTTP/2 licensebuttons.net/l/by-nc-sa/3.0/88x31.png
IP 104.22.10.121:0
File type PNG image data, 88 x 31, 8-bit colormap, non-interlaced\012- data
Hash 44c7d2e043428bc130a424d81c2caebc
7051e470f21a5ffaacd91435e622cbb2e1382765
38550300c2a8f6cdfb160a5fd170f634447b2e9e07447338299ca269a6c18e71
GET /l/by-nc-sa/3.0/88x31.png HTTP/1.1
Host: licensebuttons.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:03:36 GMT
content-type: image/png
content-length: 1672
cf-bgj: imgq:100,h2pri
cf-polished: origSize=5460
etag: "5eab4a31-1554"
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
cache-control: max-age=432000
cf-cache-status: HIT
age: 2738
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e50fd7cd9eb512-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400
142.250.74.10200 OK 58 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400
IP 142.250.74.10:0
File type ASCII text, with very long lines (580)
Hash fdfed34c2db33fd443be5c396daa05e1
9f35f4e5efeffb128c36b5a8436100f523359574
f26904fcfb62a1da0db06fa162576d3831e99161c49a8861772d6449f62339f2
GET /css?family=Montserrat:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 19:03:36 GMT
date: Wed, 21 Sep 2022 19:03:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
follow.it/static/img/colored-logo.svg
104.26.1.52200 OK 12 kB URL HTTP/2 follow.it/static/img/colored-logo.svg
IP 104.26.1.52:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3885), with no line terminators
Hash 83a0a3cdde4cfda57f9342297d3cb926
1c8563a33907c9ef42ecbbe43038f5f90b17d3cd
6c343043bdaecdc0a6ab9d2a51590c0308f10699984c42e8ae5032d768fbbca4
GET /static/img/colored-logo.svg HTTP/1.1
Host: follow.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:03:36 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Sep 2022 15:26:45 GMT
etag: W/"63288a35-f2d"
x-frame-options: DENY
content-security-policy: frame-ancestors 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=600; includeSubdomains;
cache-control: max-age=14400
cf-cache-status: HIT
age: 4914
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qy%2BM6tzQ8c3Su8ieLgWRy71K4DjQPob%2FwymYOcntEfKbuMNB%2Bqi2HEHj9ybU5Nbvif7XOfNla5Z45NvrP0gUfPpyvy8kUiyEQ5NGOK%2BXUqLnsrY9VYefBJdwiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e50fd46d410b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
142.250.74.174200 OK 44 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
Hash 6de4a86ffd4301ecd75c1ace62014715
28413d0677eb4f7766d8c15ca77935faf28bf4fb
6737c587c79c728fb9d4583d779def332e06ff6c7de6da019bfac8d0b36a39bd
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Wed, 21 Sep 2022 17:04:57 GMT
Expires: Wed, 21 Sep 2022 19:04:57 GMT
Cache-Control: public, max-age=7200
Age: 7119
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT
Content-Type: text/javascript
fonts.googleapis.com/css?family=Montserrat:800
142.250.74.10200 OK 566 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:800
IP 142.250.74.10:0
Hash 0f9f37048a2fe898d38a8741392ed384
78e6044913dc5b1610b585f838963ad941e46285
8e5988c56e92081dbf14d2a10e644eb3cfd169dd68e0877ff9cd15311dd91ee7
GET /css?family=Montserrat:800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 19:03:36 GMT
date: Wed, 21 Sep 2022 19:03:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0GkrvjFMUF6mjDQiAcnxIkKV6V85-VHWtH6H0hiL4009YGZPAZii42FID-xSNcxgviJ4vAAFNavYbVBYobDojI7OOawMDr5WkeQ7Jnz-94K4pdkQ=w72-h72-n-k-no-nu
142.250.74.1200 OK 2.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0GkrvjFMUF6mjDQiAcnxIkKV6V85-VHWtH6H0hiL4009YGZPAZii42FID-xSNcxgviJ4vAAFNavYbVBYobDojI7OOawMDr5WkeQ7Jnz-94K4pdkQ=w72-h72-n-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash c760f2c7e011728cd4eef2d8d14ffdd0
14302215607858e7bc083ccb0e1fb28c567604b5
db85850130839b85a8382ac2dcb21ae01ef0de401efe78ef27c83673ad17fddc
GET /blogger_img_proxy/ANbyha0GkrvjFMUF6mjDQiAcnxIkKV6V85-VHWtH6H0hiL4009YGZPAZii42FID-xSNcxgviJ4vAAFNavYbVBYobDojI7OOawMDr5WkeQ7Jnz-94K4pdkQ=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 2635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1072142468&utmhn=www.ciaomaestra.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ciao%20Bambini!%20Ciao%20Maestra!&utmhid=464618398&utmr=-&utmp=%2F&utmht=1663787016896&utmac=UA-2798762-1&utmcc=__utma%3D258706072.1519131480.1663787017.1663787017.1663787017.1%3B%2B__utmz%3D258706072.1663787017.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=241116216&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174302 Found 369 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1072142468&utmhn=www.ciaomaestra.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ciao%20Bambini!%20Ciao%20Maestra!&utmhid=464618398&utmr=-&utmp=%2F&utmht=1663787016896&utmac=UA-2798762-1&utmcc=__utma%3D258706072.1519131480.1663787017.1663787017.1663787017.1%3B%2B__utmz%3D258706072.1663787017.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=241116216&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4bbc4e8c44d9a738cd9a9615b919b8d3
4e4777e4587986d4ea54e77b8f06269a5be20f43
aba6d43fd26a069e4986585f81d27acb0ea99caf8a73a5ea6e18c5c6aee91406
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1072142468&utmhn=www.ciaomaestra.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ciao%20Bambini!%20Ciao%20Maestra!&utmhid=464618398&utmr=-&utmp=%2F&utmht=1663787016896&utmac=UA-2798762-1&utmcc=__utma%3D258706072.1519131480.1663787017.1663787017.1663787017.1%3B%2B__utmz%3D258706072.1663787017.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=241116216&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468
Access-Control-Allow-Origin: *
Date: Wed, 21 Sep 2022 19:03:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 369
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3581631127875477
142.250.74.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3581631127875477
IP 142.250.74.2:0
File type ASCII text, with very long lines (2903)
Hash de5972e9a5ce44122fd2985b5d54d556
62924ec560c63911dce08b71116e4b89f0dc2197
37171424636e7190f97bf03206d653921fecbeaacbf62ead8c70a924328bec05
GET /pagead/js/adsbygoogle.js?client=ca-pub-3581631127875477 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.ciaomaestra.com
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 21 Sep 2022 19:03:37 GMT
expires: Wed, 21 Sep 2022 19:03:37 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14364489917548591792
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ciaomaestra.it/images/favicon_cb.ico
31.11.32.168301 Moved Permanently 170 B URL HTTP/1.1 ciaomaestra.it/images/favicon_cb.ico
IP 31.11.32.168:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cee64c9acbdefed3c48379b1163f9793
ea9936e07ed2ae03c98d3a845f9370171144da20
9724eacebaf35d58a15a0d90b1298d2ffa8e49ebdf843738cae2c9a09f807969
GET /images/favicon_cb.ico HTTP/1.1
Host: ciaomaestra.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: http://www.ciaomaestra.it/images/favicon_cb.ico
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Wed, 21 Sep 2022 19:03:36 GMT
Content-Length: 170
ws-eu.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
52.95.118.186200 200 14 kB URL HTTP/1.1 ws-eu.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7
IP 52.95.118.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5870)
Hash b90cec1c78300d53f4208e0279ab16f4
f4f0a6be1055890005f737ab97e3ba741bdc8592
8362d8dabf4a76226617416b389a7cfbbb4b01e05a21bfecc3e0f320c841baf0
GET /widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=ciaobambin-21&language=it_IT&o=29&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=8866991260&linkId=2df366914d0bd73f41aedf0f8ca838e7 HTTP/1.1
Host: ws-eu.assoc-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 200
Date: Wed, 21 Sep 2022 19:03:36 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
charset: UTF-8
Access-Control-Allow-Origin: *
Content-Length: 14465
Vary: User-Agent
Connection: close
Content-Type: text/html;charset=UTF-8
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468
142.251.1.154302 Found 367 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468
IP 142.251.1.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 12323eb3fd7154ecebdbb4e0ad17c0fd
18d883c6853f75d9a3c3ea3bb0d33aab19d421d9
aea517d34cba5e0ddee98679ea34b187456866c9b386d72ef6668bc5bd729a3d
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 19:03:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ciaomaestra.com/?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY71rtSOR8vE7bbvKOSZeqnewXVTiQ%3A1663787015677
216.239.32.21200 OK 763 B URL HTTP/1.1 www.ciaomaestra.com/?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY71rtSOR8vE7bbvKOSZeqnewXVTiQ%3A1663787015677
IP 216.239.32.21:0
File type ASCII text, with very long lines (1686)
Hash 77a66ee4fbed4496701fb10a0c4899f1
59a138d60ead106738726392a019ddefb028d3fd
5472a58bcf1ff5a382ab995b6767a5a94728d3c52be879034ab53465cb8b9390
GET /?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY71rtSOR8vE7bbvKOSZeqnewXVTiQ%3A1663787015677 HTTP/1.1
Host: www.ciaomaestra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Cookie: sc_is_visitor_unique=rx1314341.1663787016.EE46531872AD4F90F8B8C194F3D9817C.1.1.1.1.1.1.1.1.1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Expires: Wed, 21 Sep 2022 19:03:37 GMT
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 21 Sep 2022 12:37:50 GMT
ETag: "37320258-786c-41b2-8354-bfab94ae2e02"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 763
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 19:03:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 19:03:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 19:03:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 75234
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ciaomaestra.com/?action=getFeed&widgetId=Feed2&widgetType=Feed&responseType=js&xssi_token=AOuZoY71rtSOR8vE7bbvKOSZeqnewXVTiQ%3A1663787015677
216.239.32.21200 OK 813 B URL HTTP/1.1 www.ciaomaestra.com/?action=getFeed&widgetId=Feed2&widgetType=Feed&responseType=js&xssi_token=AOuZoY71rtSOR8vE7bbvKOSZeqnewXVTiQ%3A1663787015677
IP 216.239.32.21:0
File type ASCII text, with very long lines (1763)
Hash afa0df550d2088e78fdf03ab14518987
bdc8da9102842777b544ad6625a20bce407a92c6
e79ea01d329b272dc8bf9fd0537c7a6aa1d5a34d9c61a958caa9562cc417bcdd
GET /?action=getFeed&widgetId=Feed2&widgetType=Feed&responseType=js&xssi_token=AOuZoY71rtSOR8vE7bbvKOSZeqnewXVTiQ%3A1663787015677 HTTP/1.1
Host: www.ciaomaestra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Cookie: sc_is_visitor_unique=rx1314341.1663787016.EE46531872AD4F90F8B8C194F3D9817C.1.1.1.1.1.1.1.1.1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Expires: Wed, 21 Sep 2022 19:03:37 GMT
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 21 Sep 2022 12:37:50 GMT
ETag: "37320258-786c-41b2-8354-bfab94ae2e02"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 813
Server: GSE
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 267173c6b4e4e6ae4a84dc08df92f82f
4183102af1963e1edb3aa572c43aeda7d855e9f5
20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rUeMyRv1DxHKmRAc4s-8GkQELQtAO-_lKHB2tjRYSQUSBMJMmDAZcQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 76048
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:08:27 GMT
age: 24910
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: d9bd4ac9-5032-45d5-9689-c5c3347912d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuFz4oAMFZug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-6fb7d6a52eecab471f67d9a9;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sfGk3C3HLGDYDSXw1d4R7wPRsGdHNKD31chUVzQ8KYBRnsIL0aOW1g==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:17 GMT
age: 76940
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 76819
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eff7103898a5102e685ce6741cdf19f8
3371965b4417ee0b74a3a5094adfc1632d4849b1
c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 76953
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEin2g8-nYFqyAqXcoI63ZEuEGPS_d5-LRlasYItENWZldwfAKYnOqdiWcxx8DRKOz6fSktpYcLLDdnMY2wcY6JoCbjRx1TAsZeaRWIusvOOEC8BGspN0y_DmZG82PHKmiAsbVOx9PlISqWuu0XffMk6vSFxBnxUuWtdN3nkvuu5o0OGbziPdQ/w400-h258/scratch01_1.JPG
142.250.74.1200 OK 56 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEin2g8-nYFqyAqXcoI63ZEuEGPS_d5-LRlasYItENWZldwfAKYnOqdiWcxx8DRKOz6fSktpYcLLDdnMY2wcY6JoCbjRx1TAsZeaRWIusvOOEC8BGspN0y_DmZG82PHKmiAsbVOx9PlISqWuu0XffMk6vSFxBnxUuWtdN3nkvuu5o0OGbziPdQ/w400-h258/scratch01_1.JPG
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 400x258, components 3\012- data
Hash b78b3186b3d8f793b354ea5c06b538c5
0d72d9e622043bdb903e0025bca8e96ca820231f
c63842ad009d55cdf99b057ad847b04633d5e7ea6efb38046372130988ba6aab
GET /img/b/R29vZ2xl/AVvXsEin2g8-nYFqyAqXcoI63ZEuEGPS_d5-LRlasYItENWZldwfAKYnOqdiWcxx8DRKOz6fSktpYcLLDdnMY2wcY6JoCbjRx1TAsZeaRWIusvOOEC8BGspN0y_DmZG82PHKmiAsbVOx9PlISqWuu0XffMk6vSFxBnxUuWtdN3nkvuu5o0OGbziPdQ/w400-h258/scratch01_1.JPG HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb48"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="scratch01_1.JPG"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 55993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:04 GMT
expires: Wed, 21 Sep 2022 19:18:04 GMT
cache-control: public, max-age=900
age: 33
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpm54mUK7CwiUAm9i4Yx0F9JqRKXluRhXC7gbw35ATdwjvvjODAg5hXVxayfObkt5JFk0HpjIWiqR9eMGGdv7o4Qdyv9sN6ni_VBoiJCAPKeGHYw2S5_YJ7Tg5lmGy3ELQUbivlsDUaUBW034JN9mtbt7jPlOM2qAuaYMh9Li0baeA-r4FXw/w223-h400/tiktok02.JPG
142.250.74.1200 OK 37 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpm54mUK7CwiUAm9i4Yx0F9JqRKXluRhXC7gbw35ATdwjvvjODAg5hXVxayfObkt5JFk0HpjIWiqR9eMGGdv7o4Qdyv9sN6ni_VBoiJCAPKeGHYw2S5_YJ7Tg5lmGy3ELQUbivlsDUaUBW034JN9mtbt7jPlOM2qAuaYMh9Li0baeA-r4FXw/w223-h400/tiktok02.JPG
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 223x400, components 3\012- data
Hash 1794ac4209e55619f0a4ee96aa335dba
0df07598cfd5b36166aa7e7db7617305a1a0e778
51c077471752303fd574e283979001d2f59a2fbf3cd0ae990f049366e9c19e32
GET /img/b/R29vZ2xl/AVvXsEgpm54mUK7CwiUAm9i4Yx0F9JqRKXluRhXC7gbw35ATdwjvvjODAg5hXVxayfObkt5JFk0HpjIWiqR9eMGGdv7o4Qdyv9sN6ni_VBoiJCAPKeGHYw2S5_YJ7Tg5lmGy3ELQUbivlsDUaUBW034JN9mtbt7jPlOM2qAuaYMh9Li0baeA-r4FXw/w223-h400/tiktok02.JPG HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb4a"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tiktok02.JPG"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 36593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220915/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Tue, 20 Sep 2022 20:13:56 GMT
expires: Tue, 04 Oct 2022 20:13:56 GMT
cache-control: public, max-age=1209600
age: 82181
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8VgQGx5Z7oP92ygkAqryenaJviPk_EfV8yDBtR3CMht3oPAVeoBfch82iMERHF1N5932wL2TIuDEHW4W_Dr0-QcEKvX37GYy_rRkv6BQ19VYA4MdA-39gNQGONvmrwZsaqF55pGT6rPMOU4Z7OmjmA6JzCfy97y8w5WtF8GYlKClO02HPBA/w400-h259/scratch03.JPG
142.250.74.1200 OK 38 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8VgQGx5Z7oP92ygkAqryenaJviPk_EfV8yDBtR3CMht3oPAVeoBfch82iMERHF1N5932wL2TIuDEHW4W_Dr0-QcEKvX37GYy_rRkv6BQ19VYA4MdA-39gNQGONvmrwZsaqF55pGT6rPMOU4Z7OmjmA6JzCfy97y8w5WtF8GYlKClO02HPBA/w400-h259/scratch03.JPG
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 400x259, components 3\012- data
Hash 1ce0e4ba3eb52c3d0efa0f61a9c76df4
c8eeb48328d6021a836bca5d4bc65bdc60c609f2
dfde949fda103a7f9ec056a94e4f795885e4c829816890451649d0fd193289a7
GET /img/b/R29vZ2xl/AVvXsEj8VgQGx5Z7oP92ygkAqryenaJviPk_EfV8yDBtR3CMht3oPAVeoBfch82iMERHF1N5932wL2TIuDEHW4W_Dr0-QcEKvX37GYy_rRkv6BQ19VYA4MdA-39gNQGONvmrwZsaqF55pGT6rPMOU4Z7OmjmA6JzCfy97y8w5WtF8GYlKClO02HPBA/w400-h259/scratch03.JPG HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb44"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="scratch03.JPG"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 38512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh42oG8UCPfClfCousx-OPYcVj5eGAVSAozQtjAKF0R2A2nqaIFsoK8d7sjA6mpOD0KHc44mI60Se0QI03K1t9iW93oDsLD8kxY3YLRw26wNnPYr49ly5NOdItfZbPaWpq6OSJ_-B_x35LCkvLHI6-xzzZU4uZdW6_6fOgq7DtUFJvnbq0-UA/w400-h259/scratch02.JPG
142.250.74.1200 OK 48 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh42oG8UCPfClfCousx-OPYcVj5eGAVSAozQtjAKF0R2A2nqaIFsoK8d7sjA6mpOD0KHc44mI60Se0QI03K1t9iW93oDsLD8kxY3YLRw26wNnPYr49ly5NOdItfZbPaWpq6OSJ_-B_x35LCkvLHI6-xzzZU4uZdW6_6fOgq7DtUFJvnbq0-UA/w400-h259/scratch02.JPG
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 400x259, components 3\012- data
Hash 84d8305879b6b5e9a6c1cb888defa9be
45625c7008ae7409bc937b0a6a9704f92148ba7f
f82e6f1f8e776d84ce692cd167b6358dc18b0a108bfb25aa0c79aae7e1a92543
GET /img/b/R29vZ2xl/AVvXsEh42oG8UCPfClfCousx-OPYcVj5eGAVSAozQtjAKF0R2A2nqaIFsoK8d7sjA6mpOD0KHc44mI60Se0QI03K1t9iW93oDsLD8kxY3YLRw26wNnPYr49ly5NOdItfZbPaWpq6OSJ_-B_x35LCkvLHI6-xzzZU4uZdW6_6fOgq7DtUFJvnbq0-UA/w400-h259/scratch02.JPG HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb46"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="scratch02.JPG"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 48302
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Sep 2022 19:03:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLnd04Kk14-hrrtDYAelX5HMP5ek9ImXd_tmjq3GRzfT-2eb1DZVcTV2Ulpf533UCEj4fWZjZjwPgL_VcPFEXZOdTN-wCyM39g4APKRsWpTO-QbVbCaJNX8lfHEnx_QPGh-4eHsTC0yu5AJo4Cu9nqYUayMEQPa7tmlJtOB_UO3vWeZ95fbQ/w640-h640/5f04db120e9b075b32a684f4.jpg
142.250.74.1200 OK 277 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLnd04Kk14-hrrtDYAelX5HMP5ek9ImXd_tmjq3GRzfT-2eb1DZVcTV2Ulpf533UCEj4fWZjZjwPgL_VcPFEXZOdTN-wCyM39g4APKRsWpTO-QbVbCaJNX8lfHEnx_QPGh-4eHsTC0yu5AJo4Cu9nqYUayMEQPa7tmlJtOB_UO3vWeZ95fbQ/w640-h640/5f04db120e9b075b32a684f4.jpg
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x640, components 3\012- data
Size 277 kB (276976 bytes)
Hash 7cd5ce207295a9ad8b2e25205f340f3e
fce3149d4923c1d648f304b29b20cdde7f60db93
5a0e9ff5b40bd14ddcdff4770597719c5fc0385954e5d048a3f8a79dce508515
GET /img/b/R29vZ2xl/AVvXsEhLnd04Kk14-hrrtDYAelX5HMP5ek9ImXd_tmjq3GRzfT-2eb1DZVcTV2Ulpf533UCEj4fWZjZjwPgL_VcPFEXZOdTN-wCyM39g4APKRsWpTO-QbVbCaJNX8lfHEnx_QPGh-4eHsTC0yu5AJo4Cu9nqYUayMEQPa7tmlJtOB_UO3vWeZ95fbQ/w640-h640/5f04db120e9b075b32a684f4.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb4e"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="5f04db120e9b075b32a684f4.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 276976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXNZD6-9Moimm4c9r15K91dZjB8FfFLCdTKDvmMPPfKjBSmjcRbc4NOXFLefxmQt_qtehGM_hFa6ENmeI88TVS0XzfTZOAEynyRbEa3bW9Bpj8QrPT8A_EqpNO2asrczkqMPyuw38Cmioq8fbPHqSH3QFvbV18_C9Q-73N3wovE04gpLQ_4hg/w72-h72-p-k-no-nu/1_U1MgLSA3MjIwMTIgLSAwMDE3LmpwZw.jpg
142.250.74.1200 OK 4.9 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXNZD6-9Moimm4c9r15K91dZjB8FfFLCdTKDvmMPPfKjBSmjcRbc4NOXFLefxmQt_qtehGM_hFa6ENmeI88TVS0XzfTZOAEynyRbEa3bW9Bpj8QrPT8A_EqpNO2asrczkqMPyuw38Cmioq8fbPHqSH3QFvbV18_C9Q-73N3wovE04gpLQ_4hg/w72-h72-p-k-no-nu/1_U1MgLSA3MjIwMTIgLSAwMDE3LmpwZw.jpg
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=vector illustration of kid reading open book sitting on floor, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 02532efae58f2b5710a350dda1d63b24
8d7a53b740f302a7d1d07377cb4dfa1de0fe573f
3fe924fdd180499fdc97b983188b04be60493871fb011c4ecf73c56bb88eba1b
GET /img/b/R29vZ2xl/AVvXsEiXNZD6-9Moimm4c9r15K91dZjB8FfFLCdTKDvmMPPfKjBSmjcRbc4NOXFLefxmQt_qtehGM_hFa6ENmeI88TVS0XzfTZOAEynyRbEa3bW9Bpj8QrPT8A_EqpNO2asrczkqMPyuw38Cmioq8fbPHqSH3QFvbV18_C9Q-73N3wovE04gpLQ_4hg/w72-h72-p-k-no-nu/1_U1MgLSA3MjIwMTIgLSAwMDE3LmpwZw.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v581c"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1_U1MgLSA3MjIwMTIgLSAwMDE3LmpwZw.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 4915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Sep 2022 19:03:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/a/AVvXsEgUXnhpXBH4YNrb0cSqGopBUKBT1F3xuomeXIgNRmrM4SweCAHgQrxa8GXpyrrTeOFuxtuNEpLB-ouJiJJ7qbKWlsfrnh_3R-OTaQekl4-D6fxnK4sArUHM0_S08b2cnMN49-1eFKLVpuN8BGL4wrY_gSwIE9jDW4YH2OjmOeuT7sGYKRpaAA=s221
142.250.74.1200 OK 22 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgUXnhpXBH4YNrb0cSqGopBUKBT1F3xuomeXIgNRmrM4SweCAHgQrxa8GXpyrrTeOFuxtuNEpLB-ouJiJJ7qbKWlsfrnh_3R-OTaQekl4-D6fxnK4sArUHM0_S08b2cnMN49-1eFKLVpuN8BGL4wrY_gSwIE9jDW4YH2OjmOeuT7sGYKRpaAA=s221
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 221x155, components 3\012- data
Hash e3f7c682e11ae8dad822653e85b1b70f
7f3c0c5f9af44a1b648d46dcaffc662eab6196b4
6f576e277d4c7db3612ab2080a2d536c477ee98c7caf1d2b70e6c8658c2ee0cc
GET /img/a/AVvXsEgUXnhpXBH4YNrb0cSqGopBUKBT1F3xuomeXIgNRmrM4SweCAHgQrxa8GXpyrrTeOFuxtuNEpLB-ouJiJJ7qbKWlsfrnh_3R-OTaQekl4-D6fxnK4sArUHM0_S08b2cnMN49-1eFKLVpuN8BGL4wrY_gSwIE9jDW4YH2OjmOeuT7sGYKRpaAA=s221 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb50"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="greci_01+02.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 22410
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyFflAMFbef5Nh7cHSg-k5t_0568NKc5N6-OhGHlA_mox-hRetHi-yT5YloiYkky52FzVWwmTDhupFTX9RaxGAkO2ZeeuYXrqs-uV4GVVUpMCwTyaG7cj5G9EsVcL_TPEm0ifPdYfXJDHp0IaERSD0mLoJl5bVpKe7uc90WcqtJC6yvSwbF20/w72-h72-p-k-no-nu/school_cards_ready.jpg
142.250.74.1200 OK 5.8 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyFflAMFbef5Nh7cHSg-k5t_0568NKc5N6-OhGHlA_mox-hRetHi-yT5YloiYkky52FzVWwmTDhupFTX9RaxGAkO2ZeeuYXrqs-uV4GVVUpMCwTyaG7cj5G9EsVcL_TPEm0ifPdYfXJDHp0IaERSD0mLoJl5bVpKe7uc90WcqtJC6yvSwbF20/w72-h72-p-k-no-nu/school_cards_ready.jpg
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 675ad20ca6bdd070f0be0d63a2340358
7411436f3720425f2c4ce6071596c12d9c4a63da
d96aac2435dfa4f2d1845b4573925f72e520071afc56c23ccef222df22784743
GET /img/b/R29vZ2xl/AVvXsEgyFflAMFbef5Nh7cHSg-k5t_0568NKc5N6-OhGHlA_mox-hRetHi-yT5YloiYkky52FzVWwmTDhupFTX9RaxGAkO2ZeeuYXrqs-uV4GVVUpMCwTyaG7cj5G9EsVcL_TPEm0ifPdYfXJDHp0IaERSD0mLoJl5bVpKe7uc90WcqtJC6yvSwbF20/w72-h72-p-k-no-nu/school_cards_ready.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5805"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="school_cards_ready.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 5796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/a/AVvXsEgFRQpQtZvzxcuk8xk54Dajbxj7Cy3O69hin1eBILBfYUF6b9PkKHTXjPqcRuDo8_qx__26A1XfNR96D0LNFwuEwbslNxeu12aleEytwcmdpWbn5Aev5VWstfcgrw-lq1aeYsuyrPJ2VG865TsTJp15bbBf-nzheY2v80TQAoaIqAaq3gaia2E=s226
142.250.74.1200 OK 2.7 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgFRQpQtZvzxcuk8xk54Dajbxj7Cy3O69hin1eBILBfYUF6b9PkKHTXjPqcRuDo8_qx__26A1XfNR96D0LNFwuEwbslNxeu12aleEytwcmdpWbn5Aev5VWstfcgrw-lq1aeYsuyrPJ2VG865TsTJp15bbBf-nzheY2v80TQAoaIqAaq3gaia2E=s226
IP 142.250.74.1:0
File type PNG image data, 226 x 58, 8-bit/color RGB, non-interlaced\012- data
Hash fadc1ee9425edaae70a3f5dcbc252e29
f5673eaa6ab47968789dd049c53461faa92f8a4a
1e52f411bbab3fb11596ad0f0afed69d71c82afd12d15fe73f989b98ae7e2c14
GET /img/a/AVvXsEgFRQpQtZvzxcuk8xk54Dajbxj7Cy3O69hin1eBILBfYUF6b9PkKHTXjPqcRuDo8_qx__26A1XfNR96D0LNFwuEwbslNxeu12aleEytwcmdpWbn5Aev5VWstfcgrw-lq1aeYsuyrPJ2VG865TsTJp15bbBf-nzheY2v80TQAoaIqAaq3gaia2E=s226 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5803"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="deposit.PNG"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 2704
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36110)
Hash d348ea7c67cf70cc27add8ec15920c5f
46b2db74425f5c6c10c69831277b83c76c8c24b8
e9198b139add4e4683e04549366c63b57000c4e9d719c0e5820124d63d0fccff
GET /js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:09:26 GMT
expires: Thu, 21 Sep 2023 05:09:26 GMT
cache-control: public, max-age=31536000
age: 50051
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 19:03:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468&slf_rd=1&random=4122189486
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Sep 2022 19:03:37 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgR19AMcuuPPeIYH5iFJPX9KO6S8S2pgZ3LEFaO5nLcrQKN5760fUF8BAxP7YEil2RiUMGd3vFaX7po4d27G1EXqHoWm2v9PxJ20U4kInL_jPPszxGUZf02R79CARFn9Q1vdx010GYCigOX8cXBaXksanmPqAcP1RXh3Wkg0-mFe7MeBlbL_A/s320/tiktok01.JPG
142.250.74.1200 OK 27 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgR19AMcuuPPeIYH5iFJPX9KO6S8S2pgZ3LEFaO5nLcrQKN5760fUF8BAxP7YEil2RiUMGd3vFaX7po4d27G1EXqHoWm2v9PxJ20U4kInL_jPPszxGUZf02R79CARFn9Q1vdx010GYCigOX8cXBaXksanmPqAcP1RXh3Wkg0-mFe7MeBlbL_A/s320/tiktok01.JPG
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 217x320, components 3\012- data
Hash 742dc169bf81655140a8a09a1ce21b41
f2a8a54b03732219c0e0a1a2008c35aa4e0d50ff
20f36d31d1310642f01b24bc5967bba67ee3fe67a94bcff1844469a14901ab97
GET /img/b/R29vZ2xl/AVvXsEgR19AMcuuPPeIYH5iFJPX9KO6S8S2pgZ3LEFaO5nLcrQKN5760fUF8BAxP7YEil2RiUMGd3vFaX7po4d27G1EXqHoWm2v9PxJ20U4kInL_jPPszxGUZf02R79CARFn9Q1vdx010GYCigOX8cXBaXksanmPqAcP1RXh3Wkg0-mFe7MeBlbL_A/s320/tiktok01.JPG HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb4c"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tiktok01.JPG"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 27193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ciaomaestra.it/images/favicon_cb.ico
31.11.32.168200 OK 1.4 kB URL HTTP/1.1 www.ciaomaestra.it/images/favicon_cb.ico
IP 31.11.32.168:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash 4ff0518952ed05764bb0ba81df40cb0c
5ae607ada5d65c0b43ab7865871af1a2d4b1ec3c
2dcfada8c1e25b160a858f75e56c091ebd3af265fabe09b86c3e78f6225482fb
GET /images/favicon_cb.ico HTTP/1.1
Host: www.ciaomaestra.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 13 Oct 2009 18:57:46 GMT
Accept-Ranges: bytes
ETag: "0f116d374cca1:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Wed, 21 Sep 2022 19:03:36 GMT
Content-Length: 1406
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8n1bYArvcrz_XPrusHNpg0_DRHEMunh-U0qTywc2i728kZHZ67yS0rrCsSezKr8D_IYcU405vBymKk8c9GVSOXNnHAWwwOwr7z3kkxP_zzKiGnlaE21PHRvPgmSBCX6fuo9tyhLvtalQvv6Dp4RK1mNdu14s02fb7Nad524rPkl3VMcfb8lM/w640-h230/8_UGl4ZWwgQXJ0LiBQZXJzb24gLSAxMA.jpg
142.250.74.1200 OK 39 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8n1bYArvcrz_XPrusHNpg0_DRHEMunh-U0qTywc2i728kZHZ67yS0rrCsSezKr8D_IYcU405vBymKk8c9GVSOXNnHAWwwOwr7z3kkxP_zzKiGnlaE21PHRvPgmSBCX6fuo9tyhLvtalQvv6Dp4RK1mNdu14s02fb7Nad524rPkl3VMcfb8lM/w640-h230/8_UGl4ZWwgQXJ0LiBQZXJzb24gLSAxMA.jpg
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=Set of game characters in pixel-art style. Retro 8-bit or 16-bit. For your games, retro, business design. Detailed vector clip , software=Google], baseline, precision 8, 640x230, components 3\012- data
Hash 236c87049628a8e8325f6d050474075c
1ff753d7647e9cf29adf8d4078c04450ef4a2f95
dd7328d599b805b8fcb5c39444d388686ed10110827cd4e4fdf78239844f7fb3
GET /img/b/R29vZ2xl/AVvXsEi8n1bYArvcrz_XPrusHNpg0_DRHEMunh-U0qTywc2i728kZHZ67yS0rrCsSezKr8D_IYcU405vBymKk8c9GVSOXNnHAWwwOwr7z3kkxP_zzKiGnlaE21PHRvPgmSBCX6fuo9tyhLvtalQvv6Dp4RK1mNdu14s02fb7Nad524rPkl3VMcfb8lM/w640-h230/8_UGl4ZWwgQXJ0LiBQZXJzb24gLSAxMA.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v582f"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8_UGl4ZWwgQXJ0LiBQZXJzb24gLSAxMA.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 38805
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9cb4287a9a588184c831d3faa1ceec5b
2c3dc9b380e4b6b032ab2b3738d048df9605af15
e4e704247481211d7dd5b7c8047aed57c96b527f6bb1497fff81dcc8926e2feb
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:37 GMT
server: ESF
cache-control: private
content-length: 31118
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU3RuPv5B9M6PCGJknJIBauSzwj5HWxyfvSkhM0y2watcZC6Hw6rCB7FkC5hP9H16IGNf1ifNQhc9kuKj42VDpR-c0DlqXDK2DrCl3cN8MT0_3RNGrEQTY1AaJAaCu2DyG6tZgYzpVSLwGa45gVy2rU7eIKWH98w70HR6vtl_R63tJoxNIfg/w640-h462/Immagine%20005.jpg
142.250.74.1200 OK 59 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU3RuPv5B9M6PCGJknJIBauSzwj5HWxyfvSkhM0y2watcZC6Hw6rCB7FkC5hP9H16IGNf1ifNQhc9kuKj42VDpR-c0DlqXDK2DrCl3cN8MT0_3RNGrEQTY1AaJAaCu2DyG6tZgYzpVSLwGa45gVy2rU7eIKWH98w70HR6vtl_R63tJoxNIfg/w640-h462/Immagine%20005.jpg
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 320x231, components 3\012- data
Hash e96694b4c3438fd7a9a94db826acf2af
b7433f0a791faba8f118fac06b9decfbc940f8ec
c1e07ae398aacae4a8e3647bcac3db5dabd59cf2785c01f3c91db02e1c413791
GET /img/b/R29vZ2xl/AVvXsEiU3RuPv5B9M6PCGJknJIBauSzwj5HWxyfvSkhM0y2watcZC6Hw6rCB7FkC5hP9H16IGNf1ifNQhc9kuKj42VDpR-c0DlqXDK2DrCl3cN8MT0_3RNGrEQTY1AaJAaCu2DyG6tZgYzpVSLwGa45gVy2rU7eIKWH98w70HR6vtl_R63tJoxNIfg/w640-h462/Immagine%20005.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb36"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Immagine 005.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 59378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZCs2muVcMNSHvGxZUF1t9PaCJbGp6payOAb5u144IEvQVF5F_Qka4sAKIhick3aZSY1QGM8FxrYXGTPB6bMxatLUJN1elyHzaTTGLBzAst_JqtZblWdUXHZiku1dAEylYQAVhHFFJPK0pFLj-zxDfaMiOvriSuYIbBPFuxS1oKW34_-dcAQ/w390-h640/Cattura.JPG
142.250.74.1200 OK 35 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZCs2muVcMNSHvGxZUF1t9PaCJbGp6payOAb5u144IEvQVF5F_Qka4sAKIhick3aZSY1QGM8FxrYXGTPB6bMxatLUJN1elyHzaTTGLBzAst_JqtZblWdUXHZiku1dAEylYQAVhHFFJPK0pFLj-zxDfaMiOvriSuYIbBPFuxS1oKW34_-dcAQ/w390-h640/Cattura.JPG
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 262x429, components 3\012- data
Hash 58f189d93e76291a1319dae0fd115846
8e2a707170e80fb11ae9997b2948996c788d326c
910922bf2f19c1ca6b2c6fe2d2fa3c9c3ed89dbed5d9b671895cbd5669707a93
GET /img/b/R29vZ2xl/AVvXsEjZCs2muVcMNSHvGxZUF1t9PaCJbGp6payOAb5u144IEvQVF5F_Qka4sAKIhick3aZSY1QGM8FxrYXGTPB6bMxatLUJN1elyHzaTTGLBzAst_JqtZblWdUXHZiku1dAEylYQAVhHFFJPK0pFLj-zxDfaMiOvriSuYIbBPFuxS1oKW34_-dcAQ/w390-h640/Cattura.JPG HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb34"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Cattura.JPG"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 35075
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 682477608532cf0f939b82148a7d996c
53f5564723f8ca88bf990fb2e4de8ffd8000c96f
4f89314a758da9c42d7ab1c97f8794e3c10ed59112f6bad7f02f8b63fc24a3a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrOBY3ymU3ruC2pxhQTzrB229RKDEm6MwaIKWXqmihgN9xrWGx0HNkZVjDQ2cyEC8WmOFNnf1_1-nziPAA-kG5DlWjyBQjQ7J9oTCRqfh0XKTiygrv2WxXPbCfjN-uGtwoKdCfqTB89N-JGAEB52sfoS83sRjTmD1HnUefBR21HiJDP5XcS0U/s1600/14.png
142.250.74.1200 OK 5.6 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrOBY3ymU3ruC2pxhQTzrB229RKDEm6MwaIKWXqmihgN9xrWGx0HNkZVjDQ2cyEC8WmOFNnf1_1-nziPAA-kG5DlWjyBQjQ7J9oTCRqfh0XKTiygrv2WxXPbCfjN-uGtwoKdCfqTB89N-JGAEB52sfoS83sRjTmD1HnUefBR21HiJDP5XcS0U/s1600/14.png
IP 142.250.74.1:0
File type PNG image data, 275 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 2fab03bbec04664a197c3ab763145435
6f4faef207f95017dc843219b78b7bc389c05055
ea527cbffc597c70e8392b031c4466dd857eb07f418cef66a9a79434ee2115f1
GET /img/b/R29vZ2xl/AVvXsEgrOBY3ymU3ruC2pxhQTzrB229RKDEm6MwaIKWXqmihgN9xrWGx0HNkZVjDQ2cyEC8WmOFNnf1_1-nziPAA-kG5DlWjyBQjQ7J9oTCRqfh0XKTiygrv2WxXPbCfjN-uGtwoKdCfqTB89N-JGAEB52sfoS83sRjTmD1HnUefBR21HiJDP5XcS0U/s1600/14.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5812"
expires: Thu, 22 Sep 2022 19:03:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="14.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 19:03:37 GMT
server: fife
content-length: 5616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51ca5853da6ab1b45b9b9d8425056853
b912e4d1ee63203030fa6efd1a77b5f02f4f86e0
a5dd1386ea0a4adc2678a71557841daec7a91a80330c7cf3dc845963c4addd3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 6dc2ed662389c2ecf2abbf864303723a
753e713262b83c156b70ed9d5df138f13faab7e0
ce4389e283838fa8afd257df36e9cb3f4b1845748df9d2c15dd979c08d814693
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:37 GMT
server: ESF
cache-control: private
content-length: 30860
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.ciaomaestra.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.ciaomaestra.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.ciaomaestra.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:37 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.ciaomaestra.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.ciaomaestra.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.ciaomaestra.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:37 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www.ciaomaestra.com&callback=_gfp_s_&client=ca-pub-3581631127875477
172.217.21.162200 OK 203 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.ciaomaestra.com&callback=_gfp_s_&client=ca-pub-3581631127875477
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 8faf869a10bd93db27856879e6ec792d
b4cf63e7e34aaaaece5469e86bcc79005085cb59
f3398e1d8b71cf0ecd1a29ce596b056e53e7b184b48d59857ecdcc320ada96ed
GET /gampad/cookie.js?domain=www.ciaomaestra.com&callback=_gfp_s_&client=ca-pub-3581631127875477 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:37 GMT
server: cafe
cache-control: private
content-length: 203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
m.media-amazon.com/images/I/41HfMdnzNAL._AC_AC_SR98,95_.jpg
54.230.219.191200 OK 2.6 kB URL HTTP/2 m.media-amazon.com/images/I/41HfMdnzNAL._AC_AC_SR98,95_.jpg
IP 54.230.219.191:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 98x95, components 3\012- data
Hash 1fff448796f796ec87a645918eaad884
6dc921dfd4dd4d0806a0ed4fd5ccf05525024030
6cffe42a6c5d3b33c7328aef8a1c572e8b17319e788fe98122ea0066dd2488c0
GET /images/I/41HfMdnzNAL._AC_AC_SR98,95_.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-eu.assoc-amazon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2584
server: Server
date: Wed, 14 Sep 2022 04:57:35 GMT
x-amz-ir-id: 0c77dfb6-347f-4997-88d4-983fa0e7d431
expires: Mon, 08 Sep 2042 19:26:26 GMT
cache-control: max-age=630720000,public
surrogate-key: x-cache-927 /images/I/41HfMdnzNAL
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-927,/images/I/41HfMdnzNAL
access-control-allow-origin: *
last-modified: Mon, 25 Mar 2019 09:44:13 GMT
x-nginx-cache-status: HIT
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 60gQxf1ooRAF7XLW-7CUDTIn-cZlxeF1olrA4BCkYkVKvb2coiksEQ==
age: 655562
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51ca5853da6ab1b45b9b9d8425056853
b912e4d1ee63203030fa6efd1a77b5f02f4f86e0
a5dd1386ea0a4adc2678a71557841daec7a91a80330c7cf3dc845963c4addd3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468&slf_rd=1&random=4122189486
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468&slf_rd=1&random=4122189486
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2798762-1&cid=1519131480.1663787017&jid=241116216&_v=5.7.2&z=1072142468&slf_rd=1&random=4122189486 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ciaomaestra.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 19:03:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash e20c4ca834a167dd27db59f0d1f93fa7
b030a0c6161adff5727da66b382c9e89cba46116
1a74082de0e5af5218159c3a5f481649e37c241dbd43a5fa472523d9e8711bf2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 19:03:37 GMT
Last-Modified: Wed, 21 Sep 2022 17:42:05 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aHhvQEPn2ajlkuxO9rbIaCWPMq5Srl3XVousC64MIanOFuMphfPgGg==
Age: 4892
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 9d53ff56bab107d5c9f935e8218dbf8f
5b1c4fca6ef574b372a3f9a5acfa30ca07dc1f5f
43f55ed6a92c04004fc0f55620d41da4c3b5cea74d308e8e25d6bbc1709ee7dd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 19:03:37 GMT
Last-Modified: Wed, 21 Sep 2022 17:29:23 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YsnrM0iXxlJdRL2RkjvIlmO_56SAfE1MVL9Fvy9jq9Y3q6VmiQVx-g==
Age: 5655
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1663787017497&p=%7B%22program%22%3A%2229%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22ciaobambin-21%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.ciaomaestra.com%2F%22%7D
52.94.218.163200 OK 43 B URL HTTP/1.1 fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1663787017497&p=%7B%22program%22%3A%2229%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22ciaobambin-21%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.ciaomaestra.com%2F%22%7D
IP 52.94.218.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash e68cc604cab69bf03b8cd228d940f5ef
15c0c62c4c7c917b5dd82a8e1e439211a44b9e98
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
GET /1/associates-ads/1/OP/r/json?cb=1663787017497&p=%7B%22program%22%3A%2229%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22ciaobambin-21%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.ciaomaestra.com%2F%22%7D HTTP/1.1
Host: fls-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-eu.assoc-amazon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amzn-RequestId: af455e5f-22bc-488f-9418-1e52f9c24e10
Content-Type: image/gif
Content-Length: 43
Date: Wed, 21 Sep 2022 19:03:37 GMT
wms-eu.amazon-adsystem.com/panda/20070822/IT/img/a-logo-amazon.png
52.94.222.175200 OK 1.6 kB URL HTTP/1.1 wms-eu.amazon-adsystem.com/panda/20070822/IT/img/a-logo-amazon.png
IP 52.94.222.175:0
File type PNG image data, 72 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash a2cb3b17c2c2da048c47ab96da596ade
2f42acb8ce38edf12e81db4218a698907efd273d
66401169bf02df6a39ba1f1b88ad349c9728beb790791d22c54f73e2c2f29084
GET /panda/20070822/IT/img/a-logo-amazon.png HTTP/1.1
Host: wms-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-eu.assoc-amazon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 19:03:38 GMT
Server: Server
Last-Modified: Fri, 26 Aug 2022 20:52:20 GMT
ETag: "643-5e72b17197c56"
Accept-Ranges: bytes
Content-Length: 1603
Cache-Control: max-age=2592000
Expires: Wed, 28 Sep 2022 19:03:38 GMT
Charset: UTF-8
Keep-Alive: timeout=25, max=89
Connection: Keep-Alive
Content-Type: image/png
g.ezoic.net/ezoic/gc.php
3.66.136.156200 OK 2 B IP 3.66.136.156:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ezoic/gc.php HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.ciaomaestra.com
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: http://www.ciaomaestra.com
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, must-revalidate
Content-Type: text/html
Date: Wed, 21 Sep 2022 19:03:38 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Server: Apache/2.4.39 (Ubuntu)
Vary: Accept-Encoding
X-Robots-Tag: noindex
Content-Length: 2
wms-eu.amazon-adsystem.com/panda/20070822/US/img/cart.gif
52.94.222.175200 OK 341 B URL HTTP/1.1 wms-eu.amazon-adsystem.com/panda/20070822/US/img/cart.gif
IP 52.94.222.175:0
File type GIF image data, version 89a, 25 x 25\012- data
Hash a49e8b12d209a3ec2dd5f0c5b7a252fc
2d5a47a0950357adb667781b5eac5b991add0b1c
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
GET /panda/20070822/US/img/cart.gif HTTP/1.1
Host: wms-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-eu.assoc-amazon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 19:03:38 GMT
Server: Server
Last-Modified: Fri, 26 Aug 2022 20:52:20 GMT
ETag: "155-5e72b17195d16"
Accept-Ranges: bytes
Content-Length: 341
Cache-Control: max-age=2592000
Expires: Wed, 28 Sep 2022 19:03:38 GMT
Charset: UTF-8
Keep-Alive: timeout=25, max=86
Connection: Keep-Alive
Content-Type: image/gif
fonts.gstatic.com/s/allertastencil/v18/HTx0L209KT-LmIE9N7OR6eiycOe1_Db2.woff2
142.250.74.163200 OK 8.3 kB URL HTTP/1.1 fonts.gstatic.com/s/allertastencil/v18/HTx0L209KT-LmIE9N7OR6eiycOe1_Db2.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8324, version 1.0\012- data
Hash 00ca16c086e7d5f0971c5ac89f13c834
68cf7b94f8f0c595e0a8c5e260b8f0deb4cf062a
18abb9ddb8c4eaccefeae8c5b9906210ccf142b9d26e2031d6fdfbbdbfb361c3
GET /s/allertastencil/v18/HTx0L209KT-LmIE9N7OR6eiycOe1_Db2.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ciaomaestra.com
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8324
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 16:56:44 GMT
Expires: Thu, 21 Sep 2023 16:56:44 GMT
Cache-Control: public, max-age=31536000
Age: 7614
Last-Modified: Tue, 19 Apr 2022 18:32:04 GMT
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXo.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12896, version 1.0\012- data
Hash 47adf1610f40ec74b72068c5a111d3ad
4b62442240ca72c2548dbcfa9badc0ca206d7947
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ciaomaestra.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 15:54:24 GMT
expires: Sat, 16 Sep 2023 15:54:24 GMT
cache-control: public, max-age=31536000
age: 443354
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/rj45fQsQuvI/default.webp
142.250.74.150200 OK 2.1 kB URL HTTP/2 i.ytimg.com/vi_webp/rj45fQsQuvI/default.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 801820a10a0785360b98abfddbd166d5
22f06f4c74a41b3e525e578cffd446549ecfcfca
483b9b248a30aa9130cd63079db062b70261ec4dca5d40ff50a5df4a127ff97c
GET /vi_webp/rj45fQsQuvI/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2090
date: Wed, 21 Sep 2022 19:03:38 GMT
expires: Wed, 21 Sep 2022 21:03:38 GMT
cache-control: public, max-age=7200
etag: "1590397820"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ciaomaestra.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 06:06:20 GMT
expires: Fri, 15 Sep 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 565038
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/PvROTluuPdo/default.webp
142.250.74.150200 OK 2.8 kB URL HTTP/2 i.ytimg.com/vi_webp/PvROTluuPdo/default.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5004339090fb7c9764987dabb3090f84
f68ad12194a0391280cbbf804d30e2f8502ff54b
0c5974538c28658b875901488463d21a63b5973a4bf1ef973dfc18474deb50fc
GET /vi_webp/PvROTluuPdo/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2780
date: Wed, 21 Sep 2022 19:03:38 GMT
expires: Wed, 21 Sep 2022 21:03:38 GMT
cache-control: public, max-age=7200
etag: "1602770360"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 369100
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d744c3eee332d1413a76a05a14fe480
16b898402c9d9ddcc10960cae7a3a65f4569fd88
6461977f05a68482f643f0d0bc859aa77197ff8ab66e28a0f5caafa19fcaa963
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d744c3eee332d1413a76a05a14fe480
16b898402c9d9ddcc10960cae7a3a65f4569fd88
6461977f05a68482f643f0d0bc859aa77197ff8ab66e28a0f5caafa19fcaa963
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-QDizgl2Z0LhiRqkleHLDe_Y3K975dW7m1-zoIcQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-QDizgl2Z0LhiRqkleHLDe_Y3K975dW7m1-zoIcQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash eefde1d23f469ee642e4c61ed16f8777
e4839d57cf1b2af15f837b88ab162869a17c6247
d0895ffe59a3f20b9c2dd16512d5d060254dc0fb3e13fae18112152d9fbd73fd
GET /ytc/AMLnZu-QDizgl2Z0LhiRqkleHLDe_Y3K975dW7m1-zoIcQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2455
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:39 GMT
expires: Mon, 12 Sep 2022 15:04:53 GMT
cache-control: public, max-age=86400, no-transform
etag: "v160"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d744c3eee332d1413a76a05a14fe480
16b898402c9d9ddcc10960cae7a3a65f4569fd88
6461977f05a68482f643f0d0bc859aa77197ff8ab66e28a0f5caafa19fcaa963
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 10ae49480aecaf4bbe48fe413fb884f5
eaf76e35924e7e2465d8d51f81e1a39da508a496
dee36f9aa3d11c1b3d6802fa611adea95ed277212e47f16392cd49f3161e205b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 21 Sep 2022 19:03:39 GMT
expires: Wed, 21 Sep 2022 19:03:39 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu9YTu4io21JpyhrXIWEknvXkCKKaKy9nJijqxfcXw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9YTu4io21JpyhrXIWEknvXkCKKaKy9nJijqxfcXw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 01f328556bb2e23d3239e06ab9e0281b
9ebfe0b6ceb17d557e9b5dd13cc011e7ebd46d0f
78b23622caa1ddf664afdc74d81ec6735805aaedb84e7d61ff757a07c109badd
GET /ytc/AMLnZu9YTu4io21JpyhrXIWEknvXkCKKaKy9nJijqxfcXw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3071
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:39 GMT
expires: Mon, 19 Sep 2022 10:38:19 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1a2c"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Sep 2022 19:03:40 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef308633375ad297e2fe58dde9609eb8
52abf13db04d30f9319bc5c305f4d28a47bbed85
516cb03596d11a8893d4598e8c2ee2987f8776c8f27d25d01515fcb21d24cb51
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1116
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:40 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 109 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef3c0b272051a746eb4d047c2bd44b6c
ed0891d9b130907ff6b4371422f8602ad4f5f897
213f9d28b30aeab4503869c6f8fa5378ebeeaf00203320e96d56d200816085fb
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1132
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 19:03:40 GMT
server: ESF
cache-control: private
content-length: 109
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/6772039077949203671
216.58.211.6200 OK 22 kB URL HTTP/2 s0.2mdn.net/simgad/6772039077949203671
IP 216.58.211.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 728x90, components 3\012- data
Hash 2c04b1993b17e4d8c7d681dfb5fcb0dd
ea8e97353db616bfced963aa1f7fecd3e5fb5a97
a6117d3c73f8a41af227adc588d386e179fa8ff7f46fa0b70832c7755b54557f
GET /simgad/6772039077949203671 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 21884
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 09:59:56 GMT
expires: Wed, 20 Sep 2023 09:59:56 GMT
cache-control: public, max-age=31536000
age: 119024
last-modified: Tue, 31 May 2022 09:28:35 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.statcounter.com/t.php?sc_project=1314341&u1=EE46531872AD4F90F8B8C194F3D9817C&java=1&security=061e97b4&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//www.ciaomaestra.com/&t=Ciao%20Bambini!%20Ciao%20Maestra!&invisible=1&sc_rum_e_s=1716&sc_rum_e_e=1728&get_config=true
104.20.228.67200 OK 0 B URL HTTP/2 c.statcounter.com/t.php?sc_project=1314341&u1=EE46531872AD4F90F8B8C194F3D9817C&java=1&security=061e97b4&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//www.ciaomaestra.com/&t=Ciao%20Bambini!%20Ciao%20Maestra!&invisible=1&sc_rum_e_s=1716&sc_rum_e_e=1728&get_config=true
IP 104.20.228.67:0
GET /t.php?sc_project=1314341&u1=EE46531872AD4F90F8B8C194F3D9817C&java=1&security=061e97b4&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//www.ciaomaestra.com/&t=Ciao%20Bambini!%20Ciao%20Maestra!&invisible=1&sc_rum_e_s=1716&sc_rum_e_e=1728&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.ciaomaestra.com
Connection: keep-alive
Referer: http://www.ciaomaestra.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:03:37 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc1314341.1663787017.0; SameSite=None; Secure; Expires=Monday, 20-Sep-2027 21:03:37 CEST; Path=/; Domain=.statcounter.com
access-control-allow-origin: http://www.ciaomaestra.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e50fd869ccb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2