firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 14:37:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QMizA7tSkrEkBgjMkxhUX6D9GCIfl7-C6QmymjRDy8UzHgchNJVOWw==
Age: 1235
856manuelmendezheadline.blogspot.com/2022/08/kyrie-irving-stats-2016-finals.html
142.250.74.161301 Moved Permanently 224 B URL HTTP/1.1 856manuelmendezheadline.blogspot.com/2022/08/kyrie-irving-stats-2016-finals.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash bb7a50d42e3c8e4f654e1b77469df3c1
99325d40b23d70e12f3642782709f3b281811392
1b5f08c7da7cef6161bc78689a42d7b55b79781f762a6ab72746a2170a2ffe7e
GET /2022/08/kyrie-irving-stats-2016-finals.html HTTP/1.1
Host: 856manuelmendezheadline.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://856manuelmendezheadline.blogspot.com/2022/08/kyrie-irving-stats-2016-finals.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 01 Sep 2022 14:58:15 GMT
Expires: Thu, 01 Sep 2022 14:58:15 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 224
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Thu, 01 Sep 2022 16:59:21 GMT
Date: Thu, 01 Sep 2022 14:58:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nZXG9AiK7-em68KWUlM7PpoRx7PzovZdYF0w9B1PPFevEdAy0ATbMw==
age: 49379
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9958d022adfc8797a31354807ea8332b
b4f3fb1ccb440d0b1e139fbe97d0848d40339900
3068f5221f93eaa3a323468bcca163ca0441d2e8c70aa5e0921552b4ed39eef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:58:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 14:57:05 GMT
Expires: Thu, 01 Sep 2022 14:57:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7J0skJEIEX0T-Ym4W0EPfDYjyxZjAoTyLfpoxrBvL3Dxw7JWeKdJpg==
Age: 71
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3548
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:16 GMT
Last-Modified: Thu, 01 Sep 2022 13:59:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.239.70101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4k6oi6RmOQOeA2X8ENtTbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ev42JfzuqO+CPAanNBj3ZbQpe6w=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9958d022adfc8797a31354807ea8332b
b4f3fb1ccb440d0b1e139fbe97d0848d40339900
3068f5221f93eaa3a323468bcca163ca0441d2e8c70aa5e0921552b4ed39eef8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
856manuelmendezheadline.blogspot.com/2022/08/kyrie-irving-stats-2016-finals.html
142.250.74.161200 OK 38 kB URL HTTP/2 856manuelmendezheadline.blogspot.com/2022/08/kyrie-irving-stats-2016-finals.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (47143)
Hash b6de8dde33d7f0b179d463e6eff2e178
55fe046fc384f3855ee241caa5261355739bc5be
08c978b5eca78609e1c36e48d142bad3bae984cb36c96bef1256a47d1e4ef5cd
GET /2022/08/kyrie-irving-stats-2016-finals.html HTTP/1.1
Host: 856manuelmendezheadline.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 01 Sep 2022 14:58:16 GMT
date: Thu, 01 Sep 2022 14:58:16 GMT
cache-control: private, max-age=0
last-modified: Thu, 01 Sep 2022 05:26:26 GMT
etag: W/"57e7ae84321a256490160a05af7f267ad37f90d15a2a6460bb655b5ec03cbec2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 37808
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4346627cf7d4d78ed2248ed44379d0b5
4919331157bc0704acbea885178b90a2f9055388
4aca7992f94d346229e4735c1b915bf170d0d916bd45d01af965802790ce8d4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6e5ba1df1f563da5fd2c960b5aae810c
215d5cfe9e9bba8473071a54c7b9cbdc347bc383
cd609ac497ba6f5b445e2cf08aa3cac526745610ae08a29d0f855ed78b879a43
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CD609AC497BA6F5B445E2CF08AA3CAC526745610AE08A29D0F855ED78B879A43"
Last-Modified: Wed, 31 Aug 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6719
Expires: Thu, 01 Sep 2022 16:50:16 GMT
Date: Thu, 01 Sep 2022 14:58:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aedca2ecf7ae3f8ef69680f4a7efc9bf
b77a53c92d66c9a218a69f9dcff5199114a29775
030f151b53c6021d9041d16d17dd177ba4d56af219700071b8fe98b861b570d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6e5ba1df1f563da5fd2c960b5aae810c
215d5cfe9e9bba8473071a54c7b9cbdc347bc383
cd609ac497ba6f5b445e2cf08aa3cac526745610ae08a29d0f855ed78b879a43
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CD609AC497BA6F5B445E2CF08AA3CAC526745610AE08A29D0F855ED78B879A43"
Last-Modified: Wed, 31 Aug 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6719
Expires: Thu, 01 Sep 2022 16:50:16 GMT
Date: Thu, 01 Sep 2022 14:58:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aedca2ecf7ae3f8ef69680f4a7efc9bf
b77a53c92d66c9a218a69f9dcff5199114a29775
030f151b53c6021d9041d16d17dd177ba4d56af219700071b8fe98b861b570d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3482100140-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3482100140-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 0ec767036c873a11eb906f3c23eaa474
4a51387c930ad91944fc774040b877db2194abde
c07bb2f585da05f6cd7ba400c3ddc1c1e4bd5980215d28411a832f97c8f1a15d
GET /static/v1/widgets/3482100140-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57029
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 02:15:42 GMT
expires: Tue, 29 Aug 2023 02:15:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 00:50:33 GMT
content-type: text/javascript
age: 304955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
216.58.211.10200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 28 Aug 2022 02:16:32 GMT
expires: Mon, 28 Aug 2023 02:16:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 391305
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a7aab826beb3533ba03cfe6bab46f240
000c9a63535a3c7c9cadaea7630f1f1443399d56
5fc3e2785f52dbe5fa0e7bbe8d9bfa8476b574a3357df2374ea991e049a1d73b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aedca2ecf7ae3f8ef69680f4a7efc9bf
b77a53c92d66c9a218a69f9dcff5199114a29775
030f151b53c6021d9041d16d17dd177ba4d56af219700071b8fe98b861b570d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:26:57 GMT
expires: Thu, 31 Aug 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 70280
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=7633942688732970368&zx=241702ef-64cf-48d5-9e82-97352683381f
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7633942688732970368&zx=241702ef-64cf-48d5-9e82-97352683381f
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=7633942688732970368&zx=241702ef-64cf-48d5-9e82-97352683381f HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Sep 2022 14:58:17 GMT
last-modified: Thu, 01 Sep 2022 14:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 16:40:18 GMT
expires: Fri, 25 Aug 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 598679
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash eaf55d1d3b7c4a30203d2d5226c49b6d
11b63b740965603ef544f261ef036d24e6bb1fb5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
GET /s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:28:11 GMT
expires: Thu, 31 Aug 2023 19:28:11 GMT
cache-control: public, max-age=31536000
age: 70206
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Montserrat:400,400i,700,700i
142.250.74.10200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Montserrat:400,400i,700,700i
IP 142.250.74.10:0
Hash 91dcf7f87440eb6ede6005749476d689
a1c4c85a67791f9ceaf51f4980cb2690622a1ac8
f388d8e10b4041bfc12516c85a5dd03830eb818503132eff23d971fdef15ca2f
GET /css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Montserrat:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 14:58:17 GMT
date: Thu, 01 Sep 2022 14:58:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:26:57 GMT
expires: Thu, 31 Aug 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 70280
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11792, version 1.0\012- data
Hash 619d81d89f24960286d052bc8843de1b
15274ef64de4eeda33d92f1f27f9a1d79099428d
ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:59 GMT
expires: Thu, 31 Aug 2023 19:34:59 GMT
cache-control: public, max-age=31536000
age: 69798
last-modified: Wed, 27 Apr 2022 16:04:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3_qrwpxc3qPSb8GESPnafn_hESum5WRNXaoQJsCqfoQZRWQc40sz7mSTCgq6-fJShYGa6PLAMbzjg0NJ3DpyiezJf9BFc9zhYXP5qNLQq_sIlb-ak7n9JDldVpZGdPRh6DtnYV6xIB7D4M1LuPkl4=w680
142.250.74.1200 OK 147 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3_qrwpxc3qPSb8GESPnafn_hESum5WRNXaoQJsCqfoQZRWQc40sz7mSTCgq6-fJShYGa6PLAMbzjg0NJ3DpyiezJf9BFc9zhYXP5qNLQq_sIlb-ak7n9JDldVpZGdPRh6DtnYV6xIB7D4M1LuPkl4=w680
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 680x830, components 3\012- data
Size 147 kB (147120 bytes)
Hash b47a810c91d780adb7b6313d18bb4c5b
ade445dcfa27f6eb9b0471eefc4b35fa0623a561
94344a1cff6c62881ec438988522ad39e18e2bebd112e285289a0a8d16b48ed6
GET /blogger_img_proxy/ANbyha3_qrwpxc3qPSb8GESPnafn_hESum5WRNXaoQJsCqfoQZRWQc40sz7mSTCgq6-fJShYGa6PLAMbzjg0NJ3DpyiezJf9BFc9zhYXP5qNLQq_sIlb-ak7n9JDldVpZGdPRh6DtnYV6xIB7D4M1LuPkl4=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 02 Sep 2022 14:58:17 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 01 Sep 2022 14:58:17 GMT
server: fife
content-length: 147120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4346627cf7d4d78ed2248ed44379d0b5
4919331157bc0704acbea885178b90a2f9055388
4aca7992f94d346229e4735c1b915bf170d0d916bd45d01af965802790ce8d4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.combinatronics.com/segopecelus/ngeads/main/stats-trending.js
172.67.72.125200 OK 699 B URL HTTP/2 www.combinatronics.com/segopecelus/ngeads/main/stats-trending.js
IP 172.67.72.125:0
Hash 74e122d6efe75a58824b744ace50b6fa
b733085c1e2faae43b137bcfab501cd8bb445633
ae379e96bed7dab564c66a832d534ade1543befc7da04cf1e1961a6cea1e3f99
GET /segopecelus/ngeads/main/stats-trending.js HTTP/1.1
Host: www.combinatronics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 10:41:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkc4I%2FUtC2qpVpZmPGMdG6aR0%2FQjqTINsYvjwWnuan4WOa3FIG7WmSJvOQH4xnUzruhZghKRwplZZgXMDcmP%2FL%2FN5IYx9nKlHvC24KBjo%2B4XzwKAxxuEZgnMt4EvG1hZDMHrDplzq0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edcf94e670b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 01 Sep 2022 14:41:12 GMT
expires: Thu, 01 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 1025
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js
104.26.8.123200 OK 675 B URL HTTP/2 snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js
IP 104.26.8.123:0
Hash 53ba8ac4f82f66d0457a9a8ba8796ea4
8585901da15af10312871f996c4b25a60907c0af
0eb87cbac61cb8b03ae9488e43ecd82b9c1dbfca525cac9a182143cacdb89b26
GET /js/embed.vendor.min.2f17f0b14ee46c5a.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"62f0b6d6-9e1"
last-modified: Mon, 08 Aug 2022 07:10:14 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 233323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQU9k3oksJ5FmTXNREJI%2FkC%2B8VcGrhSGI%2FaWJFWOvpEgSNRSmMF3VdCg0Q1rPz%2FSbChN0GRoD54S5KwsHlP3KxnE3gaNfRzTen6AMFoFYnFEPvQtGM4jlxgZLqUqiBpX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfbfc2c0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 12 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
File type ASCII text, with very long lines (14076)
Hash 13c8a5abe7976d855da4a403664e8ca1
3d8e8a7509ffc4692026fdd3baad949b1e911a11
ef9df9d23ae87be65a747b8788d0b16e8d6de134514998fbac85bbd9f9c83a95
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edcfc3a1bb4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
snapwidget.com/images/icons/facebook.png
104.26.8.123200 OK 648 B URL HTTP/2 snapwidget.com/images/icons/facebook.png
IP 104.26.8.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 54e9168996419eada721e6ca83b9866e
9a98cbd3f57f7cb3017e0ed1a4c4356094c0c2fb
4d1a80126c4bacaa62d2c046fd95b1378b5b874582f0ac4a7c453ff5cd1d33d7
GET /images/icons/facebook.png HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: image/webp
content-length: 648
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2222
content-disposition: inline; filename="facebook.webp"
vary: Accept
etag: "62f664ed-8ae"
last-modified: Fri, 12 Aug 2022 14:34:21 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1253351
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bNQh%2FR7QxjpClMk6YCKc2D1gTmIUQz4Wag6F9HTbnt%2F%2FcZfv2kyRosGneatyWQzbAMqO09SBlT05rYoz%2Bvq485UnYCMXsLnSOyi5k%2BsqI7JFZAWWBDM71Y2owBvSx2w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfd7e040b59-OSL
X-Firefox-Spdy: h2
snapwidget.com/images/icons/pinterest.png
104.26.8.123200 OK 756 B URL HTTP/2 snapwidget.com/images/icons/pinterest.png
IP 104.26.8.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b30ba1581d3678592f9b6cebd717541b
44b1cb8f9c9cf3538d898b124bcaf82e266b8f42
7dc79f6bdde5b8c889a4f614a1626a609c571105818684c512aa8eb271be73dd
GET /images/icons/pinterest.png HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: image/webp
content-length: 756
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2467
content-disposition: inline; filename="pinterest.webp"
vary: Accept
etag: "63034179-9a3"
last-modified: Mon, 22 Aug 2022 08:42:33 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 236178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RabWi8HArBSDbJOUlSyRU%2Fa%2FyEnVUM%2FmeTyrIMhQCg581snhjLS6%2BVnzMz4tRs%2FshYW62ipP%2BKJKUkqvBtxM79CdXNxY5nU%2B5qV%2FpEMcy3Dry0rPIbi2sKC2c51h29AH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfd7e080b59-OSL
X-Firefox-Spdy: h2
snapwidget.com/images/icons/twitter.png
104.26.8.123200 OK 716 B URL HTTP/2 snapwidget.com/images/icons/twitter.png
IP 104.26.8.123:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 557dcf13a6c64edb6327ca8092bfa6fe
1a6de39ca44d62562f6b41d4c11d93e6e600505f
2308c6bccc5ec728fb77bc14121b7d154206d45de5754875b60d1690dad2af07
GET /images/icons/twitter.png HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: image/webp
content-length: 716
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2371
content-disposition: inline; filename="twitter.webp"
vary: Accept
etag: "62f3c74b-943"
last-modified: Wed, 10 Aug 2022 14:57:15 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1793105
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgjupqTn2gDu9l6zbTya%2BinyooSg4tg9wZXzXgPkAxbKZwayQbMFimYdLn7%2BbjRSXlb7d%2BdDHUnS9Nu%2FuRwaLBy497E8SVMi8d9qgfQvwePlRpleH6seXrltVXeXmxuB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfd7e070b59-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b6750faede6836366f73bbe648c14163
d489353c09f0aa01315c63900262859c571d420e
c3d13a9031f3ab49877147b71ec74e93161c3ac17152154c3ae5eeccf713f7f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Sep 2022 14:58:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 22723
x-timer: S1662044298.939890,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 666 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 7baf1d06d0da75c042a41b9a8371ca73
35709775fb897e7597ed21591cc5b63eee336c00
4480965df3970b93a8077a5808091f60ef56308b54caaaa584e739afbdc05e57
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 01 Sep 2022 14:58:17 GMT
date: Thu, 01 Sep 2022 14:58:17 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 666
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 414ff8012191c933c8e899d8747fc7e4
e27ebe1c5805da5ad35c3c2103080eecde9324ac
2d7821e987f1cc3049d4d9454091f26ca2e1b3de886a8b12fde553de902c6ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf2144f646fa7d4954073252f7c5a7be
da06d73024482de1894f7dd9fef307a17a0c5537
826a67b480b0a378d1529aac6516e7c4742dc264321ac3240ae33d9ce54b4e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Last-Modified: Thu, 01 Sep 2022 14:11:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf2144f646fa7d4954073252f7c5a7be
da06d73024482de1894f7dd9fef307a17a0c5537
826a67b480b0a378d1529aac6516e7c4742dc264321ac3240ae33d9ce54b4e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Last-Modified: Thu, 01 Sep 2022 14:11:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf2144f646fa7d4954073252f7c5a7be
da06d73024482de1894f7dd9fef307a17a0c5537
826a67b480b0a378d1529aac6516e7c4742dc264321ac3240ae33d9ce54b4e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Last-Modified: Thu, 01 Sep 2022 13:20:17 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf2144f646fa7d4954073252f7c5a7be
da06d73024482de1894f7dd9fef307a17a0c5537
826a67b480b0a378d1529aac6516e7c4742dc264321ac3240ae33d9ce54b4e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2987
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Last-Modified: Thu, 01 Sep 2022 14:08:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
scontent.cdninstagram.com/v/t51.2885-15/269751951_277845444315548_3618974636877083108_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHwyf9ST6KTSa4NFnWyNwVjquLJe-1AOJ2q4sl77UA4nVhF9E7xOI5zWX0-2_sfUCY&_nc_ohc=VDvjK-dXAC0AX8Rm8tF&_nc_oc=AQknDdu5JSyDrgnAJSQFgOX_Te6azPIZvF50S_CddGLD5NxtRZGaQN2yBIn-S7iTnSk&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT9ysg3NKN42OfNoguMvFI5CTAO_qZcG8Ss4W43pKwFnlA&oe=63158027
31.13.72.53200 OK 198 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/269751951_277845444315548_3618974636877083108_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHwyf9ST6KTSa4NFnWyNwVjquLJe-1AOJ2q4sl77UA4nVhF9E7xOI5zWX0-2_sfUCY&_nc_ohc=VDvjK-dXAC0AX8Rm8tF&_nc_oc=AQknDdu5JSyDrgnAJSQFgOX_Te6azPIZvF50S_CddGLD5NxtRZGaQN2yBIn-S7iTnSk&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT9ysg3NKN42OfNoguMvFI5CTAO_qZcG8Ss4W43pKwFnlA&oe=63158027
IP 31.13.72.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 198 kB (198291 bytes)
Hash 864f7647d5439c9c330c9331ea94bf0c
fa6395a4b4fe5f92ffb999f3d801a650c3fe2c36
4cdaed13602d43c54018b0b91b75b33b48749d8ec92aa7c673337ce990815c56
GET /v/t51.2885-15/269751951_277845444315548_3618974636877083108_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHwyf9ST6KTSa4NFnWyNwVjquLJe-1AOJ2q4sl77UA4nVhF9E7xOI5zWX0-2_sfUCY&_nc_ohc=VDvjK-dXAC0AX8Rm8tF&_nc_oc=AQknDdu5JSyDrgnAJSQFgOX_Te6azPIZvF50S_CddGLD5NxtRZGaQN2yBIn-S7iTnSk&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT9ysg3NKN42OfNoguMvFI5CTAO_qZcG8Ss4W43pKwFnlA&oe=63158027 HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 19 Dec 2021 15:39:33 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 549129686
x-needle-checksum: 3585315655
accept-ranges: bytes
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 198291
content-digest: adler32=3585315655
x-fb-trip-id: 1512268381
date: Thu, 01 Sep 2022 14:58:18 GMT
cache-control: max-age=1209600, no-transform
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:58:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf2144f646fa7d4954073252f7c5a7be
da06d73024482de1894f7dd9fef307a17a0c5537
826a67b480b0a378d1529aac6516e7c4742dc264321ac3240ae33d9ce54b4e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Last-Modified: Thu, 01 Sep 2022 14:11:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
scontent.cdninstagram.com/v/t51.2885-15/244052366_242723337818957_487001981621570713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEtaTgkZ8wXBlu-YL4c8VuVEAx6B4XSJkcQDHoHhdImR3AAm9zgV6zDOYIzm9CiYu0&_nc_ohc=JBMFrlBlZNkAX8E_HIe&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT_eZ25xJwvxkGraL63tI6bX3Q26B4Yk2D0gOk1chnJ-4Q&oe=6314C31F
31.13.72.53200 OK 173 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/244052366_242723337818957_487001981621570713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEtaTgkZ8wXBlu-YL4c8VuVEAx6B4XSJkcQDHoHhdImR3AAm9zgV6zDOYIzm9CiYu0&_nc_ohc=JBMFrlBlZNkAX8E_HIe&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT_eZ25xJwvxkGraL63tI6bX3Q26B4Yk2D0gOk1chnJ-4Q&oe=6314C31F
IP 31.13.72.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 173 kB (172726 bytes)
Hash 302dae2eb8ddcd13f322a4d485960049
f8e0419f41a234335029d49410dc7fc56524da2d
b3f40f0428d938013319a075526d995822884ebb9bdb1c1368a9ab50cee29a5b
GET /v/t51.2885-15/244052366_242723337818957_487001981621570713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeEtaTgkZ8wXBlu-YL4c8VuVEAx6B4XSJkcQDHoHhdImR3AAm9zgV6zDOYIzm9CiYu0&_nc_ohc=JBMFrlBlZNkAX8E_HIe&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT_eZ25xJwvxkGraL63tI6bX3Q26B4Yk2D0gOk1chnJ-4Q&oe=6314C31F HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 01 Oct 2021 10:43:36 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 388708087
x-needle-checksum: 2911320566
content-digest: adler32=2911320566
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 172726
x-fb-trip-id: 1512268381
date: Thu, 01 Sep 2022 14:58:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:58:18 GMT
Connection: keep-alive
scontent.cdninstagram.com/v/t51.2885-15/242315751_400294858227413_2264836222889586413_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHdw0La-hCrzbH6jD4aQ2Hb-IAoCepZfTb4gCgJ6ll9Ns9Tul0b05JOpdln2yPSQNM&_nc_ohc=66bI44DJJj8AX_W5pYm&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT87s85O2OwiNV26Wy6RXvpSmYwsgP3_rCB8mjAtgOasFg&oe=6315B266
31.13.72.53200 OK 192 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/242315751_400294858227413_2264836222889586413_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHdw0La-hCrzbH6jD4aQ2Hb-IAoCepZfTb4gCgJ6ll9Ns9Tul0b05JOpdln2yPSQNM&_nc_ohc=66bI44DJJj8AX_W5pYm&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT87s85O2OwiNV26Wy6RXvpSmYwsgP3_rCB8mjAtgOasFg&oe=6315B266
IP 31.13.72.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 192 kB (192270 bytes)
Hash bef6986b51d02e298cc24a9b386104fd
c921f753aacddfb1432c09f9631bca3a842175ec
819d66738704c444bd1995db109c6350ee54c709dd329713c298462ab83398a2
GET /v/t51.2885-15/242315751_400294858227413_2264836222889586413_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHdw0La-hCrzbH6jD4aQ2Hb-IAoCepZfTb4gCgJ6ll9Ns9Tul0b05JOpdln2yPSQNM&_nc_ohc=66bI44DJJj8AX_W5pYm&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT87s85O2OwiNV26Wy6RXvpSmYwsgP3_rCB8mjAtgOasFg&oe=6315B266 HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 18 Sep 2021 21:17:18 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1590440123
x-needle-checksum: 4230182909
content-digest: adler32=4230182909
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 192270
x-fb-trip-id: 1512268381
date: Thu, 01 Sep 2022 14:58:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:58:18 GMT
Connection: keep-alive
scontent.cdninstagram.com/v/t51.2885-15/242747775_3064430333842459_4612651904784165094_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeFBZ5ESIyeseoH2yph60q0cnJFevsoTYX2ckV6-yhNhfVHy6TNabWjoJwutN8zGjVQ&_nc_ohc=yiSb3no35vEAX_c_t9I&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT_VHTxG5IGIFTaPzo6Oqc5etiBS9NktKYbTgSl1cz5_Pw&oe=63168B3C
31.13.72.53200 OK 132 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/242747775_3064430333842459_4612651904784165094_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeFBZ5ESIyeseoH2yph60q0cnJFevsoTYX2ckV6-yhNhfVHy6TNabWjoJwutN8zGjVQ&_nc_ohc=yiSb3no35vEAX_c_t9I&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT_VHTxG5IGIFTaPzo6Oqc5etiBS9NktKYbTgSl1cz5_Pw&oe=63168B3C
IP 31.13.72.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 132 kB (132332 bytes)
Hash 5c1d94ad84f2d47f8af1fa615cf5d1be
dbe9f311922b89ab4a1b9a5148efa651ac96715c
87def0fb20ac6792d6810afa862eae437bea61e5463d981027827ccf74fd81e9
GET /v/t51.2885-15/242747775_3064430333842459_4612651904784165094_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeFBZ5ESIyeseoH2yph60q0cnJFevsoTYX2ckV6-yhNhfVHy6TNabWjoJwutN8zGjVQ&_nc_ohc=yiSb3no35vEAX_c_t9I&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT_VHTxG5IGIFTaPzo6Oqc5etiBS9NktKYbTgSl1cz5_Pw&oe=63168B3C HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 25 Sep 2021 03:14:15 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 2803065861
x-needle-checksum: 2191033377
content-digest: adler32=2191033377
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 132332
x-fb-trip-id: 1512268381
date: Thu, 01 Sep 2022 14:58:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent.cdninstagram.com/v/t51.2885-15/242127196_331437818775126_828939796642216519_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHt8JK25QO_NB3L0phGx9RF76HUHVQ-v-rvodQdVD6_6iyE2UmABi2q7uV2Y2IXbV4&_nc_ohc=LuG_9exfGgkAX9TKevt&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT8cikSeo7wNoPqJRzOPRV0N9aakuoG_uHsDvlf-OH37wg&oe=631518C3
31.13.72.53200 OK 222 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/242127196_331437818775126_828939796642216519_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHt8JK25QO_NB3L0phGx9RF76HUHVQ-v-rvodQdVD6_6iyE2UmABi2q7uV2Y2IXbV4&_nc_ohc=LuG_9exfGgkAX9TKevt&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT8cikSeo7wNoPqJRzOPRV0N9aakuoG_uHsDvlf-OH37wg&oe=631518C3
IP 31.13.72.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 222 kB (222462 bytes)
Hash a585bfb7e9318bb0f870ecb53231dbb6
c7d1a25912a90805f5bf8c47476eac858ed8894d
c02b5a7df54250fd092f8ba64b301fc918f69bccdfb90b235e0b2e6c519266e5
GET /v/t51.2885-15/242127196_331437818775126_828939796642216519_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHt8JK25QO_NB3L0phGx9RF76HUHVQ-v-rvodQdVD6_6iyE2UmABi2q7uV2Y2IXbV4&_nc_ohc=LuG_9exfGgkAX9TKevt&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT8cikSeo7wNoPqJRzOPRV0N9aakuoG_uHsDvlf-OH37wg&oe=631518C3 HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 18 Sep 2021 12:20:19 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3967902715
x-needle-checksum: 1009195736
content-digest: adler32=1009195736
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 222462
x-fb-trip-id: 1512268381
date: Thu, 01 Sep 2022 14:58:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.combinatronics.com/segopecelus/ngeads/main/socbar.js
172.67.72.125200 OK 17 kB URL HTTP/2 www.combinatronics.com/segopecelus/ngeads/main/socbar.js
IP 172.67.72.125:0
Hash fa65d25c647c2a720652f121ac0ee8cb
1fbbeca497506d34b6cccb7134af3626d72b5732
a47c33c90beecda1455e4bb9e93ab9d20a36a78aa3bee11097749bf79580336f
GET /segopecelus/ngeads/main/socbar.js HTTP/1.1
Host: www.combinatronics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 11:06:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x26wn9OgUk2QrUTz7kHOMZiiMBiSq6f2CrXU6abhN3ZIounlRx0nbeBXbJggrp7tnyR5XOb3YjRrNGpEJHRYU0yVhAqtcFN4QpaIW%2BFsaRItCJliSTGs1FBoml4O%2BUPkjy39ErLG2wA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edcf95e7e0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:58:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf2144f646fa7d4954073252f7c5a7be
da06d73024482de1894f7dd9fef307a17a0c5537
826a67b480b0a378d1529aac6516e7c4742dc264321ac3240ae33d9ce54b4e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Last-Modified: Thu, 01 Sep 2022 13:20:17 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
scontent.cdninstagram.com/v/t51.2885-15/242515716_212926190828592_5543576737853126124_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHZsDG-0aWT8t_80xh8gGAypx_KV9kitCinH8pX2SK0KJtssghaI_P0FjYgZTefqm8&_nc_ohc=g7NX-_MtfBcAX-WeLjV&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT-0pRQkPnCOESQcFEnZOh4ZZITPYmIAIBDf8afmghWNQg&oe=63167F34
31.13.72.53200 OK 209 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.2885-15/242515716_212926190828592_5543576737853126124_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHZsDG-0aWT8t_80xh8gGAypx_KV9kitCinH8pX2SK0KJtssghaI_P0FjYgZTefqm8&_nc_ohc=g7NX-_MtfBcAX-WeLjV&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT-0pRQkPnCOESQcFEnZOh4ZZITPYmIAIBDf8afmghWNQg&oe=63167F34
IP 31.13.72.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 209 kB (209216 bytes)
Hash fce6b4e4087b3104ff7d8c3538f5962a
50f7a861a2767702f7264ac9ca93362c1d3b2e99
5357077237594384cd703be0e1d14f88b23c18c05ea562a973a2870eb098b023
GET /v/t51.2885-15/242515716_212926190828592_5543576737853126124_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_eui2=AeHZsDG-0aWT8t_80xh8gGAypx_KV9kitCinH8pX2SK0KJtssghaI_P0FjYgZTefqm8&_nc_ohc=g7NX-_MtfBcAX-WeLjV&_nc_ht=scontent.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT-0pRQkPnCOESQcFEnZOh4ZZITPYmIAIBDf8afmghWNQg&oe=63167F34 HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 24 Sep 2021 16:16:04 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1709114294
x-needle-checksum: 3611653328
content-digest: adler32=3611653328
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 209216
x-fb-trip-id: 1512268381
date: Thu, 01 Sep 2022 14:58:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1ELVJBwpf4d3Fbspah-2KCSXx08D8_ZAgcZZjQSJdkMIUmtNmGJOw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:05 GMT
age: 35953
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:19 GMT
age: 62459
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:45:21 GMT
age: 777
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fo9YF1JJrYUMp7y9uM7av78_409D9n4ZWSaeydPAH7HuQzd8vOPiRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:36:46 GMT
age: 62492
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gwk8Z-MzgO1APlMgvdN3-5KGdQ2K4I959yy-YdbVUD5AOZTQ0mjYhQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 00:00:46 GMT
age: 53852
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 41f6c9453ceb1c38e00b6b77bf29dabd
74ec81c9d0af8b62e332ca12b1e9e10b6acbd4fd
8a7dcf7d1103f3d539efd7dabfbecd47bb840c1bb3d638284f6e421ba6db71c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8A7DCF7D1103F3D539EFD7DABFBECD47BB840C1BB3D638284F6E421BA6DB71C4"
Last-Modified: Tue, 30 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2293
Expires: Thu, 01 Sep 2022 15:36:31 GMT
Date: Thu, 01 Sep 2022 14:58:18 GMT
Connection: keep-alive
bam.nr-data.net/1/a53393d12f?a=453137&v=1216.487a282&to=ZlNSMUNXWBcFW0FRCV8ZcQZFX1kKS3lFSDp5QkQVbXVZChBKWlQKVERDOXRbVAEAe1pWEkNZXAlURHYXDFdCbRVURHUIU1NS&rst=740&ck=1&ref=https://snapwidget.com/embed/956730&ap=56&be=332&fe=613&dc=610&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662044296964,%22n%22:0,%22f%22:0,%22dn%22:30,%22dne%22:37,%22c%22:51,%22s%22:63,%22ce%22:83,%22rq%22:90,%22rp%22:271,%22rpe%22:279,%22dl%22:321,%22di%22:411,%22ds%22:610,%22de%22:610,%22dc%22:612,%22l%22:612,%22le%22:614%7D,%22navigation%22:%7B%7D%7D&fcp=552&at=ShRRRwtNSxk%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/a53393d12f?a=453137&v=1216.487a282&to=ZlNSMUNXWBcFW0FRCV8ZcQZFX1kKS3lFSDp5QkQVbXVZChBKWlQKVERDOXRbVAEAe1pWEkNZXAlURHYXDFdCbRVURHUIU1NS&rst=740&ck=1&ref=https://snapwidget.com/embed/956730&ap=56&be=332&fe=613&dc=610&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662044296964,%22n%22:0,%22f%22:0,%22dn%22:30,%22dne%22:37,%22c%22:51,%22s%22:63,%22ce%22:83,%22rq%22:90,%22rp%22:271,%22rpe%22:279,%22dl%22:321,%22di%22:411,%22ds%22:610,%22de%22:610,%22dc%22:612,%22l%22:612,%22le%22:614%7D,%22navigation%22:%7B%7D%7D&fcp=552&at=ShRRRwtNSxk%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 516a128bb6000ca8154792678f4333fb
41d0257bea96afd36c6f3e40fcfdc9ca247f8e01
9fa62b52f24b87a40410fe842cb9be494abed114a2eac2eb406c8b4a4d372d10
GET /1/a53393d12f?a=453137&v=1216.487a282&to=ZlNSMUNXWBcFW0FRCV8ZcQZFX1kKS3lFSDp5QkQVbXVZChBKWlQKVERDOXRbVAEAe1pWEkNZXAlURHYXDFdCbRVURHUIU1NS&rst=740&ck=1&ref=https://snapwidget.com/embed/956730&ap=56&be=332&fe=613&dc=610&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662044296964,%22n%22:0,%22f%22:0,%22dn%22:30,%22dne%22:37,%22c%22:51,%22s%22:63,%22ce%22:83,%22rq%22:90,%22rp%22:271,%22rpe%22:279,%22dl%22:321,%22di%22:411,%22ds%22:610,%22de%22:610,%22dc%22:612,%22l%22:612,%22le%22:614%7D,%22navigation%22:%7B%7D%7D&fcp=552&at=ShRRRwtNSxk%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:58:18 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 743edd005f750b61-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=47c00d276634b8a9; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 414ff8012191c933c8e899d8747fc7e4
e27ebe1c5805da5ad35c3c2103080eecde9324ac
2d7821e987f1cc3049d4d9454091f26ca2e1b3de886a8b12fde553de902c6ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1513
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 01 Sep 2022 14:58:18 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+759; expires=Sat, 31-Aug-2024 14:58:18 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Sep 2022 14:58:18 GMT
X-Firefox-Spdy: h2
pl17145447.safestgatetocontent.com/a4/04/f2/a404f2332ddb87d17a27a77c036e8826.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 pl17145447.safestgatetocontent.com/a4/04/f2/a404f2332ddb87d17a27a77c036e8826.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37118), with no line terminators
Hash c33dc840606e7b6d0cadb642bcdf8019
a9e92a7e21104eb862473d4f43b3e6be14ecaac1
4c8419d24ed0b4bb0ce1ac2536aa0ba0a1553320623a2b6013663eb1df2cc000
Analyzer Verdict Alert quad9 Sinkholed
GET /a4/04/f2/a404f2332ddb87d17a27a77c036e8826.js HTTP/1.1
Host: pl17145447.safestgatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c2ba94c3ccb6c434219de693fe9ae3cd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash b019ba472c2b1d5491e5e72c150878a2
e7e764d18764fcbf7a6d6440d740d3cbd916468e
4076ef6e1b3d631468ed0e3a567dfa4c1c4de437852eada1cc658b3640cdad69
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 14:58:18 GMT
Last-Modified: Thu, 01 Sep 2022 14:37:51 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tkPI54uTlJ-eTdeoKZ5kUAo8uAZQXyh_1Lpc9Jqug3v15iYn0HmSAA==
Age: 1227
snapwidget.com/cdn-cgi/rum?
104.26.8.123200 OK 93 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP 104.26.8.123:0
File type ASCII text, with no line terminators
Hash 02636914d385df79becd9d2ad8ade711
a1be225c3f0965e322007a9338be1890015985d6
579cdf3cd34156d881e5edd16a698a44380cbd9d56538c1c8f54ae676609ca2d
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VQICUlZUGwcFV1BRAA==
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE0NTMwNyIsImFwIjoiNDUzMTUwIiwiaWQiOiJjNTEzNDczMDdmMDA4ZGU1IiwidHIiOiI4MmZiNjAyNjgzYjRmNzRiZDk3ZjQzN2QwYmJhMTNkOSIsInRpIjoxNjYyMDQ0Mjk4NjA2fX0=
traceparent: 00-82fb602683b4f74bd97f437d0bba13d9-c51347307f008de5-01
tracestate: 145307@nr=0-1-145307-453150-c51347307f008de5----1662044298606
content-type: application/json
Content-Length: 1987
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:18 GMT
content-type: text/plain
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 743edd042df60b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.162.188200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.192.162.188:0
File type ASCII text, with no line terminators
Hash cdcede07eacee87dd14e61910c4834f8
51af1a3676814d05576fe4a256abd8c53b40eb65
8b46c5541eed7d4300884fb5bbbb362c64c2da6b437257d2d9dc6867cbf34998
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://856manuelmendezheadline.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=510c084a-7acc-439f-8b43-b8ebce2f5416:2:1; expires=Sun, 29 Aug 2032 14:58:18 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/a53393d12f?a=453137&v=1216.487a282&to=ZlNSMUNXWBcFW0FRCV8ZcQZFX1kKS3lFSDp5QkQVbXVZChBKWlQKVERDOXRbVAEAe1pWEkNZXAlURHYXDFdCbRVURHUIU1NS&rst=1513&ck=1&ref=https://snapwidget.com/embed/956730
162.247.241.14202 Accepted 24 B URL HTTP/1.1 bam.nr-data.net/events/1/a53393d12f?a=453137&v=1216.487a282&to=ZlNSMUNXWBcFW0FRCV8ZcQZFX1kKS3lFSDp5QkQVbXVZChBKWlQKVERDOXRbVAEAe1pWEkNZXAlURHYXDFdCbRVURHUIU1NS&rst=1513&ck=1&ref=https://snapwidget.com/embed/956730
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/a53393d12f?a=453137&v=1216.487a282&to=ZlNSMUNXWBcFW0FRCV8ZcQZFX1kKS3lFSDp5QkQVbXVZChBKWlQKVERDOXRbVAEAe1pWEkNZXAlURHYXDFdCbRVURHUIU1NS&rst=1513&ck=1&ref=https://snapwidget.com/embed/956730 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 60
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 202 Accepted
Date: Thu, 01 Sep 2022 14:58:19 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 743edd071ef40b61-OSL
Access-Control-Allow-Origin: https://snapwidget.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 345c982ec6af16250abc3cfceefc2aca
66711b2640ee505b079e907bbce2233cad0b687c
b3bac8ebd249787713bae59dd97a45da5d9728d2615a91fa9778c3fc20a8f1e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:19 GMT
Last-Modified: Thu, 01 Sep 2022 14:33:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d0fb1b95f7b94be9ef1083ce68f613e8
1b3f0ac78335cebc17916e4017fbb5b372e9f9b4
b63bec93dad6289679d127980b86225bd8cc8ce1912081a852684b43113c4ced
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B63BEC93DAD6289679D127980B86225BD8CC8CE1912081A852684B43113C4CED"
Last-Modified: Tue, 30 Aug 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Thu, 01 Sep 2022 17:00:12 GMT
Date: Thu, 01 Sep 2022 14:58:19 GMT
Connection: keep-alive
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash a962d0f87739de24e00e605143156fb3
a978ef353f56a962f5bf0e100d44c216fb4e040a
01cb5f8771f626c9ff31ce7c3c05901e9324801b71b47909e9cc93bde2b2e39b
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c6f7c132b2599e12f6b25d4f442f5aee
etag: "a163bf10f927a7ddf260671a306d3308"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Sep 2022 15:14:53 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: qWLQ+Hc53iTgDmBRQxVvsw==
x-fb-debug: sRb6U3SzOUGBO/x7bqg6eIJ1nhc1Ye/Y6cDqVU6zzNrDGoiI5Pk2HnELAR2hCJ3nqb3pFMUx5f7v/0KU0vKnZg==
content-length: 1684
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 14:58:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.pinimg.com/originals/fc/9e/42/fc9e4282e4b85d3e3d8ffc7df867b5be.jpg
151.101.84.84200 OK 160 kB URL HTTP/2 i.pinimg.com/originals/fc/9e/42/fc9e4282e4b85d3e3d8ffc7df867b5be.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 916x1118, components 3\012- data
Size 160 kB (160292 bytes)
Hash 5b04ce0c8957c29c62a25651cb4c4ea9
558e147e01fcdf09daa13ed867a44c1f309401a4
17404bab9a42bf2250627a37eaef5ff72003e94e78c9b3bd353833f6356fc6bc
GET /originals/fc/9e/42/fc9e4282e4b85d3e3d8ffc7df867b5be.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "5b04ce0c8957c29c62a25651cb4c4ea9"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 160292
X-Firefox-Spdy: h2
i.pinimg.com/originals/32/12/2a/32122a4001017371aac5a65b0ff48ee1.jpg
151.101.84.84200 OK 148 kB URL HTTP/2 i.pinimg.com/originals/32/12/2a/32122a4001017371aac5a65b0ff48ee1.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1079x769, components 3\012- data
Size 148 kB (148110 bytes)
Hash 80231d6326f2d74a62fd0d90773daad3
676690e426c78b30332fed3c8c1713b44fb69255
f96b62ed4760b9f963ea9ed6847656f3d1bc942b03c11024cc91eb939ecbb2dc
GET /originals/32/12/2a/32122a4001017371aac5a65b0ff48ee1.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "80231d6326f2d74a62fd0d90773daad3"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 148110
X-Firefox-Spdy: h2
i.pinimg.com/736x/b3/75/c7/b375c7a409b2c1eaafcf56ef23a110b3--lebron-james-stats-nba-finals-.jpg
151.101.84.84200 OK 152 kB URL HTTP/2 i.pinimg.com/736x/b3/75/c7/b375c7a409b2c1eaafcf56ef23a110b3--lebron-james-stats-nba-finals-.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 733x733, components 3\012- data
Size 152 kB (151738 bytes)
Hash fe11130f2e43865cc7f2bf0bea9382bb
63325e262b1547e04c3692167a3aa421ddc09e1a
c214c357c8508157c1497dcc9bf8dad96ae9d977e9a10f05fd1adc97c323b9f3
GET /736x/b3/75/c7/b375c7a409b2c1eaafcf56ef23a110b3--lebron-james-stats-nba-finals-.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "fe11130f2e43865cc7f2bf0bea9382bb"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 151738
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:56:23 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 577766850
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 345c982ec6af16250abc3cfceefc2aca
66711b2640ee505b079e907bbce2233cad0b687c
b3bac8ebd249787713bae59dd97a45da5d9728d2615a91fa9778c3fc20a8f1e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5713
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:19 GMT
Last-Modified: Thu, 01 Sep 2022 13:23:06 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10ccac828fee7cfd030265bfc57ec7dd
cb12cbb0ac38523e0946175e0efd5a15b7af5037
b884ee82d12fa8f2ec455cccf9921fefc9296367f38a1ca02fcad92069d07511
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:58:19 GMT
Last-Modified: Thu, 01 Sep 2022 13:28:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 502539da3064a6312c77ff29782ece38
1512dd1fc44ce3df5c88a1a1b38237e0c8f1ae58
e15fb978b159ba5c2429a13e8e88c25457dab65de814181df6524f68973dfece
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E15FB978B159BA5C2429A13E8E88C25457DAB65DE814181DF6524F68973DFECE"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1611
Expires: Thu, 01 Sep 2022 15:25:10 GMT
Date: Thu, 01 Sep 2022 14:58:19 GMT
Connection: keep-alive
i.pinimg.com/originals/89/07/21/8907218465952cdbf11cc2e4a34b2d0f.jpg
151.101.84.84200 OK 50 kB URL HTTP/2 i.pinimg.com/originals/89/07/21/8907218465952cdbf11cc2e4a34b2d0f.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, comment: "LEAD Technologies Inc. V1.01", progressive, precision 8, 369x450, components 3\012- data
Hash 2ea7666562f10d6fd6daced5698d900f
879d90041c3de85e1ea2f6508195d35247dd4981
8b10da3a40182e86ef6afa766316d62ca51e1ab23b53b50f33531fe15e9e3de0
GET /originals/89/07/21/8907218465952cdbf11cc2e4a34b2d0f.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "2ea7666562f10d6fd6daced5698d900f"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 50076
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.232200 OK 67 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.232:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 03f28cd452d29c62d85f80d250cdc531
03cd9439f6457d7fcd9d1abed507379ce3c980b2
c809c77ce8917ea8e0d2b21c9f1d5cdc81fee5a4a2c6833139ddb30cc3f43242
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:18 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: eae048daec1ffe81b78c8b231b699f0b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 14:58:18 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0U9SgHCDCq%2FC9Pj%2Bsn4n9TVLH%2BG9UJR81pXzd1YAGFewIFrrbOkGVieOEGmAfllR6hx9W%2BYDg1Lx95%2BIw%2FYEAYcssNbba85w2l0RYRK4qmpNnpbqVrbMlOBzwOrzDZSwmhHrOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd033cc476cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.pinimg.com/originals/26/d1/b5/26d1b53e466d8220af78e5c6a02d00d7.jpg
151.101.84.84200 OK 171 kB URL HTTP/2 i.pinimg.com/originals/26/d1/b5/26d1b53e466d8220af78e5c6a02d00d7.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, progressive, precision 8, 1242x1228, components 3\012- data
Size 171 kB (170632 bytes)
Hash 34cb23f894e962ab4038186205c3c095
0533b4df305d4b60e12de2ea9ae8c83e3b4d7df6
de7209162d5da45e7199dcc63351c73c1086bb44caad5e67c6832c76531fff13
GET /originals/26/d1/b5/26d1b53e466d8220af78e5c6a02d00d7.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "34cb23f894e962ab4038186205c3c095"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 170632
X-Firefox-Spdy: h2
i.pinimg.com/originals/a7/83/5e/a7835e5a6c55e38ae42dee11469da9ba.jpg
151.101.84.84200 OK 232 kB URL HTTP/2 i.pinimg.com/originals/a7/83/5e/a7835e5a6c55e38ae42dee11469da9ba.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1300, components 3\012- data
Size 232 kB (232017 bytes)
Hash 8cab8ad034651457772c1f1866849085
99c5086577be942aba8069ff31786b1ad4cc7dee
09aff6ccf2ef2250bc1447ff0df206f2f056965e73d11f56618602cc26460e46
GET /originals/a7/83/5e/a7835e5a6c55e38ae42dee11469da9ba.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "8cab8ad034651457772c1f1866849085"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 232017
X-Firefox-Spdy: h2
i.pinimg.com/originals/0a/9b/4e/0a9b4e448033e37791e39f5ac735c3e7.jpg
151.101.84.84200 OK 143 kB URL HTTP/2 i.pinimg.com/originals/0a/9b/4e/0a9b4e448033e37791e39f5ac735c3e7.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1350, components 3\012- data
Size 143 kB (142917 bytes)
Hash b8776fe56f87e3faa35da959756dd7cb
ec978289925e5c105da0e6653d61e5dc0b66aec0
27f507edc7a6199fc5f90fb1e12ca6a8a2a8736defaa2059e337987777fb8b48
GET /originals/0a/9b/4e/0a9b4e448033e37791e39f5ac735c3e7.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "b8776fe56f87e3faa35da959756dd7cb"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 142917
X-Firefox-Spdy: h2
i.pinimg.com/originals/6a/65/c6/6a65c615b7917d8af9d7a1361b694dbe.jpg
151.101.84.84200 OK 235 kB URL HTTP/2 i.pinimg.com/originals/6a/65/c6/6a65c615b7917d8af9d7a1361b694dbe.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1109x1334, components 3\012- data
Size 235 kB (234561 bytes)
Hash 1bbb859322453d2e11ba9735cd96b064
f9fe5f1ac54ff8f73b6355df49c75ff1922e8949
da4c30669ef7364ce7666f786308d265720403127f2a6e0abbb1938995cc94e9
GET /originals/6a/65/c6/6a65c615b7917d8af9d7a1361b694dbe.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "1bbb859322453d2e11ba9735cd96b064"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 234561
X-Firefox-Spdy: h2
i.pinimg.com/originals/f8/2c/36/f82c36b1435a82287a0e345ac755ee64.jpg
151.101.84.84200 OK 125 kB URL HTTP/2 i.pinimg.com/originals/f8/2c/36/f82c36b1435a82287a0e345ac755ee64.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1000x1000, components 3\012- data
Size 125 kB (125269 bytes)
Hash 65353aa4da5ffe2537c54e5268e8c019
67082b1339bdbc5407e6683a6696da3d0ebefd39
65a2bc3e0d551e2a72c8f6f8d644fe1b9ed814df823e954280178d034d170f22
GET /originals/f8/2c/36/f82c36b1435a82287a0e345ac755ee64.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "65353aa4da5ffe2537c54e5268e8c019"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 125269
X-Firefox-Spdy: h2
thepeoplesperson.com/wp-content/uploads/2022/06/lisandro-martinez-argentina-v-estonia-international-friendly-min.jpg
141.193.213.10200 OK 46 kB URL HTTP/2 thepeoplesperson.com/wp-content/uploads/2022/06/lisandro-martinez-argentina-v-estonia-international-friendly-min.jpg
IP 141.193.213.10:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x703, components 3\012- data
Hash 74fb124516d95691220ede16871e6f71
2c98496e8db4c941c6d90e46711ae747beb9f06a
f1bdf1d3366adfdf8e56b31ab317a5225966869897f68926e5d114aed4a7617b
GET /wp-content/uploads/2022/06/lisandro-martinez-argentina-v-estonia-international-friendly-min.jpg HTTP/1.1
Host: thepeoplesperson.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:19 GMT
content-type: image/jpeg
content-length: 45629
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "62b33433-b23d"
last-modified: Wed, 22 Jun 2022 15:24:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 25655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADQ6x86tWzOIRDv1W7V5munF0gVpBXxY7uqXvyfYoz%2F%2FiVj7bC5ZO8OycRjJ%2BSKOUU8QnvNPxIkKqdZ8RK8qustMUm3DnYK5%2FWFcFCtbeqSTr%2FcnwTsCI%2B0T9HhPq2pJ%2FfPHbPFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 743edd0acf78b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.pinimg.com/originals/6b/0d/e4/6b0de4b1b1c392239f5c9684f73c47f8.jpg
151.101.84.84200 OK 136 kB URL HTTP/2 i.pinimg.com/originals/6b/0d/e4/6b0de4b1b1c392239f5c9684f73c47f8.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x858, components 3\012- data
Size 136 kB (136404 bytes)
Hash 6a508445b4f6bea06a064f4872fe937e
eccc9c7121152b20e5bbf19aa05397945b470aec
ca92089a0567a119d0ea5cd01044d3b735e3228a25b9ea9f07a6fa4b0cf88226
GET /originals/6b/0d/e4/6b0de4b1b1c392239f5c9684f73c47f8.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "6a508445b4f6bea06a064f4872fe937e"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:19 GMT
content-length: 136404
X-Firefox-Spdy: h2
icdn.caughtoffside.com/wp-content/uploads/2022/08/7-ronaldo-man-u-brighton.jpg
172.67.73.193200 OK 132 kB URL HTTP/2 icdn.caughtoffside.com/wp-content/uploads/2022/08/7-ronaldo-man-u-brighton.jpg
IP 172.67.73.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x780, components 3\012- data
Size 132 kB (131661 bytes)
Hash ace6ad2616c775a701cddf6ca6081b39
83ea095d7a05f2d2536c88821279fbcdc2247f97
831c7816384c7126f1fc0e198ad50e3fe4c1de8fb1b64debe49c23a832970f87
GET /wp-content/uploads/2022/08/7-ronaldo-man-u-brighton.jpg HTTP/1.1
Host: icdn.caughtoffside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:20 GMT
content-type: image/jpeg
content-length: 131661
x-guploader-uploadid: ADPycdtKk3odFdFddca-zQwOc8OAyvy_FU5e1ooRpsnKtKITgrPbzydK7USmO5P6VX_torEHK1NEU0VQwojfTvhuob9hgj896yeU
cache-control: max-age=31536000
expires: Fri, 01 Sep 2023 14:58:19 GMT
last-modified: Mon, 08 Aug 2022 06:33:08 GMT
etag: "ace6ad2616c775a701cddf6ca6081b39"
x-goog-generation: 1659940388011428
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 131661
x-goog-hash: crc32c=dCW+ZA==, md5=rOatJhbHdacBzd9spggbOQ==
x-goog-storage-class: MULTI_REGIONAL
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMLT09WHx%2BYBUqant8UpJR3G3ykUBsYeSBecA6GT2n2GcueGTxN1fPZlRtrgz095E%2FUxUK7spGt2vH%2Bw5Zk4cwN6w8ev%2FnwltbJQWPM76aWxNPHFn1uv5jg4GmGWH29Y0sHl8m9EQPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd0a8f031c02-OSL
X-Firefox-Spdy: h2
i2-prod.mirror.co.uk/incoming/article27154833.ece/ALTERNATES/s1200d/0_MAIN-Man-Utd-TLB.jpg
143.204.55.9200 OK 161 kB URL HTTP/2 i2-prod.mirror.co.uk/incoming/article27154833.ece/ALTERNATES/s1200d/0_MAIN-Man-Utd-TLB.jpg
IP 143.204.55.9:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x675, components 3\012- data
Size 161 kB (160779 bytes)
Hash 593202c76257427920d306cd863186b0
1ffafe10e7faeebc5c25e88589cd9978e297849b
a9ae4f7151f44e8c8cd97581bdc24c16115bece5c31340a4e0b89efb98855320
GET /incoming/article27154833.ece/ALTERNATES/s1200d/0_MAIN-Man-Utd-TLB.jpg HTTP/1.1
Host: i2-prod.mirror.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 160779
date: Thu, 01 Sep 2022 14:58:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self';
access-control-allow-origin: *
last-modified: Mon, 06 Jun 2022 06:21:42 GMT
access-control-allow-headers: X-Requested-With
x-removedcookies: YES
cache-control: max-age=2592000
x-varnish: 419366487
x-served-by: nat-cache302.tm-aws.com
via: 1.1 varnish, 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GFuK1kCS6UBCr5a3wAiDphBt-YxLOde2xCjfNi64hhHCkv8STw9Gww==
X-Firefox-Spdy: h2
i.pinimg.com/originals/49/fb/e8/49fbe8f391cae968473603c9d02381c2.png
151.101.84.84200 OK 698 kB URL HTTP/2 i.pinimg.com/originals/49/fb/e8/49fbe8f391cae968473603c9d02381c2.png
IP 151.101.84.84:0
File type PNG image data, 720 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 698 kB (698485 bytes)
Hash 68c5c941fd5750ba42b3a517e5a148fd
b6410b8a826e69ecbb03c4437e2dedd915a27288
0b8f4970c0ea38a48d4e574e57527bb7acac472fe9b56383cc65cd06bda0d0a7
GET /originals/49/fb/e8/49fbe8f391cae968473603c9d02381c2.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "68c5c941fd5750ba42b3a517e5a148fd"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Thu, 01 Sep 2022 14:58:20 GMT
content-length: 698485
X-Firefox-Spdy: h2
icdn.caughtoffside.com/wp-content/uploads/2022/03/romano-rashford-varane-mctominay.jpg
172.67.73.193200 OK 203 kB URL HTTP/2 icdn.caughtoffside.com/wp-content/uploads/2022/03/romano-rashford-varane-mctominay.jpg
IP 172.67.73.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x760, components 3\012- data
Size 203 kB (202845 bytes)
Hash 892ef3055de2d3f7dc0c26a359ae8015
c065b4e56fa0a340a2a73574600381ecb17eb0ab
399bbf3c4230227ef0ccd32e65e87dfe341b0f3107598e998131c2d70899b0bd
GET /wp-content/uploads/2022/03/romano-rashford-varane-mctominay.jpg HTTP/1.1
Host: icdn.caughtoffside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:20 GMT
content-type: image/jpeg
content-length: 202845
x-guploader-uploadid: ADPycdvY_wCKwUaLRLZyFds8MLNlKEKN6p1wRv9Xcq1ZsFHbmyuSSRJYTTJQiicjg9nYWHMX1qoWCE4Ze-MspUOX3CJaw7aKrsLV
cache-control: max-age=31536000
expires: Fri, 01 Sep 2023 14:58:19 GMT
last-modified: Tue, 08 Mar 2022 11:09:12 GMT
etag: "892ef3055de2d3f7dc0c26a359ae8015"
x-goog-generation: 1646737752251838
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 202845
x-goog-hash: crc32c=WPYHIQ==, md5=iS7zBV3i0/fcDCajWa6AFQ==
x-goog-storage-class: MULTI_REGIONAL
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7EYSSbcDjOb0kT%2Bkb6TLXUdc0xuqCyvUz0eD8zO%2Fas%2B%2BClde%2Bsl1pdgbhmG4LgYGzVk7FR2mtDPwITIDAnhQLCFAIijkijoxZjlKsH8KYVHU9qE5wSom4rRsu0V9Iz1bY6jcRnqf9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd0a8efe1c02-OSL
X-Firefox-Spdy: h2
icdn.caughtoffside.com/wp-content/uploads/2022/07/ten-hag-romano-man-united-training.jpg
172.67.73.193200 OK 171 kB URL HTTP/2 icdn.caughtoffside.com/wp-content/uploads/2022/07/ten-hag-romano-man-united-training.jpg
IP 172.67.73.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x760, components 3\012- data
Size 171 kB (171063 bytes)
Hash 71b3ddb995c4749564d4bc63dfcd732a
c9e815058296dc2dc45369301e460cc9e0a51373
4eb835cb99b1558cbecc38804e774334aaa15efb30c7aa17a89e01849f9cffef
GET /wp-content/uploads/2022/07/ten-hag-romano-man-united-training.jpg HTTP/1.1
Host: icdn.caughtoffside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:20 GMT
content-type: image/jpeg
content-length: 171063
x-guploader-uploadid: ADPycdv-qago8q-f4M5InZIwNMwqa6BRnqCjPZatqmWwLx0bKUuKEpbz7qT2st46n2a1n2fWndw1LrtM838V_AdYXy8b5Q
cache-control: max-age=31536000
expires: Fri, 01 Sep 2023 14:58:20 GMT
last-modified: Wed, 27 Jul 2022 08:50:22 GMT
etag: "71b3ddb995c4749564d4bc63dfcd732a"
x-goog-generation: 1658911822052689
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 171063
x-goog-hash: crc32c=Untxlw==, md5=cbPduZXEdJVk1Lxj381zKg==
x-goog-storage-class: MULTI_REGIONAL
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L87IqTiGJzmzXTayAoBDxDLKrgbe930OnJsUG%2B61shx4sHXvkZZPM3RFmuRcu9smdhhpu108Klq%2FehpdBhilCPwsm1mzlhdCVIRT%2FDhIgMN1ynUs5JMrQ5QY4YYHnO6dkjJNFpi1raM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd0a8f011c02-OSL
X-Firefox-Spdy: h2
falconisleclip.com/sbar.json?key=a404f2332ddb87d17a27a77c036e8826
192.243.61.225200 OK 4.1 kB URL HTTP/1.1 falconisleclip.com/sbar.json?key=a404f2332ddb87d17a27a77c036e8826
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5581), with no line terminators
Hash f7f5618c68f0c34b4df2cc9ae14a6adb
56dbbb8e6dcbb05aedd1d9fa7ca384b0a08c4617
61f5886f13f3469312dc8544b3ca280b8ce21d8826c2d50a73c17de0fc8b16ec
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a404f2332ddb87d17a27a77c036e8826 HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:20 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://856manuelmendezheadline.blogspot.com
Access-Control-Allow-Origin: https://856manuelmendezheadline.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17044948; expires=Fri, 02 Sep 2022 14:58:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Sep 2022 14:58:20 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Sep 2022 14:58:20 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 02 Sep 2022 14:58:20 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 02 Sep 2022 14:58:20 GMT; secure; SameSite=None
sleca404f2332ddb87d17a27a77c036e8826=[3364848]; expires=Thu, 01 Sep 2022 14:58:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da82e8fd82621c0aae6842b779b7d821
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
connect.facebook.net/en_US/sdk.js?hash=078a5a8a499cdf7fb081b38eade0c705
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=078a5a8a499cdf7fb081b38eade0c705
IP 31.13.72.12:0
File type ASCII text, with very long lines (17698)
Hash c326a3ef58960e2b5e170e5180953044
e817d5dea9eba464ff2f2f9d2ecfd50bdb26da76
7d827f948272450d172173ff2678e77d552e84e2c53f77d55e191d5d677d22ea
GET /en_US/sdk.js?hash=078a5a8a499cdf7fb081b38eade0c705 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e9c9bd99673d881c880604c0b4113888
etag: "b40490e2bac88897c1cbc058f0c90c25"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Sep 2023 14:07:35 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: wyaj71iWDiteFw5RgJUwRA==
x-fb-debug: 9NpIp3sHnyz71Q2WN/0PB2JUO3Okz4a1fxDZj3pfXTa8jcI2je/jg+HB2qF70BHjQeybswV152tF087OOPg6xA==
priority: u=3,i
content-length: 88109
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 14:58:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
falconisleclip.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitzs5B8KISEQVljgoy290z2z1rDsF1XVncZGOixItodVXNbLnVXU1V9fTsHGQxKDl4GP9B75vdLNEQFL0aZDYQYUHI6GUP7m9QhJw8yEwWx3zQfO%2F1e4f3fV99uVecEh8FPVm9pAdSKbq41PDrr34YBBfqGzIr%2BvV%2BO%2Fo4al2om94by1HDf63%2BjmDbejH0A98P%2FKC%2BJo3o6P7iVITM7ywHjWW%2F0QobwVILffMkt4UHSz3w3il5DpJPave985BsjCz9blXYbafz199OC0WdNujxww%2By7UyXGdI57BgPnezwzA1tH67dg84OZnGhe%2F8ZEzkh3oN7SLLDs5BIevuznImCyJDwp1H2xhBqDEnHYPoGJH9IAMZxeRNZeuuyNiXdeazSqTohtUd%2FQ5YTUvvjPLL07oqS%2Ffo1rQondWbR71SQ%2FTFkd4y8OIIbnIMsj8Dc55D8V7L4aANZur9plYbk1Wx2KceQnTGUGIJaD8X0kx6Kjoci95DykzoLgiD2OaN%2Be5mxJo9FEnE%2FoHEnoIEftVGwabwhXD4EU0Mws4vc7GJbDmGKn2G3KljuwboJ8d7bRY9XKAVBaQlKSlBKgtIRlL3qgCsb2uoWV7ZIgrMenvVmNdKuu0cPtOuKjOzlp%2BTZ6V682vO%2FY1uc1GnLb3XCZjPkPGnHPIhpGNM4Zn4zEu12GMHKCtKem406kBPywuAj5HJCaj8cI6FHsOoITC6AFi%2BDlqM49EG3Rq22j0F2120Jm1LjGiV1bAtcV8hdDW7H21On5MXZhZrX%2F4Rgxxc%2FSS5N%2Frr9D5ipkJsKn8r7BF11c3RVl2T%2Fqi4t%2BX4zdzKVAzq93jVHnVj45l2xU2rD11ft8PabbCpM4Z33hXUbNOMy61ry7YrkXJg1bZggP63b6yK5UtitlcJkRb5x5a219TQ3wlqpszGonBDy4BhMTshTPx7MHuZLX3wGacYwRYW0OCZnBamPwPJd2Hye3%2BoFGDX3JLmHsqhGJkzmP5UkUGLOaVLB%2Fo8nc7xnb6JrXgF1N5ClFXqmQk9VoGoIWyyMXG6OL%2F7WnBUS5Y0SZbz9RBn19ePlWnlSj5tNn0bLS0EcUxEnrbDdiQJOadiKwiiiTTg7Yc%2F88tW%2FAAAA%2F%2F8BAAD%2F%2F6jT%2FcRjBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 falconisleclip.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitzs5B8KISEQVljgoy290z2z1rDsF1XVncZGOixItodVXNbLnVXU1V9fTsHGQxKDl4GP9B75vdLNEQFL0aZDYQYUHI6GUP7m9QhJw8yEwWx3zQfO%2F1e4f3fV99uVecEh8FPVm9pAdSKbq41PDrr34YBBfqGzIr%2BvV%2BO%2Fo4al2om94by1HDf63%2BjmDbejH0A98P%2FKC%2BJo3o6P7iVITM7ywHjWW%2F0QobwVILffMkt4UHSz3w3il5DpJPave985BsjCz9blXYbafz199OC0WdNujxww%2By7UyXGdI57BgPnezwzA1tH67dg84OZnGhe%2F8ZEzkh3oN7SLLDs5BIevuznImCyJDwp1H2xhBqDEnHYPoGJH9IAMZxeRNZeuuyNiXdeazSqTohtUd%2FQ5YTUvvjPLL07oqS%2Ffo1rQondWbR71SQ%2FTFkd4y8OIIbnIMsj8Dc55D8V7L4aANZur9plYbk1Wx2KceQnTGUGIJaD8X0kx6Kjoci95DykzoLgiD2OaN%2Be5mxJo9FEnE%2FoHEnoIEftVGwabwhXD4EU0Mws4vc7GJbDmGKn2G3KljuwboJ8d7bRY9XKAVBaQlKSlBKgtIRlL3qgCsb2uoWV7ZIgrMenvVmNdKuu0cPtOuKjOzlp%2BTZ6V682vO%2FY1uc1GnLb3XCZjPkPGnHPIhpGNM4Zn4zEu12GMHKCtKem406kBPywuAj5HJCaj8cI6FHsOoITC6AFi%2BDlqM49EG3Rq22j0F2120Jm1LjGiV1bAtcV8hdDW7H21On5MXZhZrX%2F4Rgxxc%2FSS5N%2Frr9D5ipkJsKn8r7BF11c3RVl2T%2Fqi4t%2BX4zdzKVAzq93jVHnVj45l2xU2rD11ft8PabbCpM4Z33hXUbNOMy61ry7YrkXJg1bZggP63b6yK5UtitlcJkRb5x5a219TQ3wlqpszGonBDy4BhMTshTPx7MHuZLX3wGacYwRYW0OCZnBamPwPJd2Hye3%2BoFGDX3JLmHsqhGJkzmP5UkUGLOaVLB%2Fo8nc7xnb6JrXgF1N5ClFXqmQk9VoGoIWyyMXG6OL%2F7WnBUS5Y0SZbz9RBn19ePlWnlSj5tNn0bLS0EcUxEnrbDdiQJOadiKwiiiTTg7Yc%2F88tW%2FAAAA%2F%2F8BAAD%2F%2F6jT%2FcRjBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitzs5B8KISEQVljgoy290z2z1rDsF1XVncZGOixItodVXNbLnVXU1V9fTsHGQxKDl4GP9B75vdLNEQFL0aZDYQYUHI6GUP7m9QhJw8yEwWx3zQfO%2F1e4f3fV99uVecEh8FPVm9pAdSKbq41PDrr34YBBfqGzIr%2BvV%2BO%2Fo4al2om94by1HDf63%2BjmDbejH0A98P%2FKC%2BJo3o6P7iVITM7ywHjWW%2F0QobwVILffMkt4UHSz3w3il5DpJPave985BsjCz9blXYbafz199OC0WdNujxww%2By7UyXGdI57BgPnezwzA1tH67dg84OZnGhe%2F8ZEzkh3oN7SLLDs5BIevuznImCyJDwp1H2xhBqDEnHYPoGJH9IAMZxeRNZeuuyNiXdeazSqTohtUd%2FQ5YTUvvjPLL07oqS%2Ffo1rQondWbR71SQ%2FTFkd4y8OIIbnIMsj8Dc55D8V7L4aANZur9plYbk1Wx2KceQnTGUGIJaD8X0kx6Kjoci95DykzoLgiD2OaN%2Be5mxJo9FEnE%2FoHEnoIEftVGwabwhXD4EU0Mws4vc7GJbDmGKn2G3KljuwboJ8d7bRY9XKAVBaQlKSlBKgtIRlL3qgCsb2uoWV7ZIgrMenvVmNdKuu0cPtOuKjOzlp%2BTZ6V682vO%2FY1uc1GnLb3XCZjPkPGnHPIhpGNM4Zn4zEu12GMHKCtKem406kBPywuAj5HJCaj8cI6FHsOoITC6AFi%2BDlqM49EG3Rq22j0F2120Jm1LjGiV1bAtcV8hdDW7H21On5MXZhZrX%2F4Rgxxc%2FSS5N%2Frr9D5ipkJsKn8r7BF11c3RVl2T%2Fqi4t%2BX4zdzKVAzq93jVHnVj45l2xU2rD11ft8PabbCpM4Z33hXUbNOMy61ry7YrkXJg1bZggP63b6yK5UtitlcJkRb5x5a219TQ3wlqpszGonBDy4BhMTshTPx7MHuZLX3wGacYwRYW0OCZnBamPwPJd2Hye3%2BoFGDX3JLmHsqhGJkzmP5UkUGLOaVLB%2Fo8nc7xnb6JrXgF1N5ClFXqmQk9VoGoIWyyMXG6OL%2F7WnBUS5Y0SZbz9RBn19ePlWnlSj5tNn0bLS0EcUxEnrbDdiQJOadiKwiiiTTg7Yc%2F88tW%2FAAAA%2F%2F8BAAD%2F%2F6jT%2FcRjBAAA HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Cookie: u_pl=17044948; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca404f2332ddb87d17a27a77c036e8826=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:20 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 99c2c72ace97c988f5b5ccfc6970464b
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?4571949&@f16&@g1&@h1&@i1&@j1662044299481&@k0&@l1&@mKyrie%20Irving%20Stats%202016%20Finals&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-98128571&@b3:1662044299&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F856manuelmendezheadline.blogspot.com%2F2022%2F08%2Fkyrie-irving-stats-2016-finals.html&@w
192.99.8.34200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4571949&@f16&@g1&@h1&@i1&@j1662044299481&@k0&@l1&@mKyrie%20Irving%20Stats%202016%20Finals&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-98128571&@b3:1662044299&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F856manuelmendezheadline.blogspot.com%2F2022%2F08%2Fkyrie-irving-stats-2016-finals.html&@w
IP 192.99.8.34:0
File type ASCII text, with no line terminators
Hash 24a69b0548405ad6c6a3791d545649f0
622cab141ca3fcc46a57a1736b045aa5ab0e7ac1
2c135578aa5b16ade5ed52b443885998788c3baa14e52b21cc42413a8397ae55
GET /stats/0.php?4571949&@f16&@g1&@h1&@i1&@j1662044299481&@k0&@l1&@mKyrie%20Irving%20Stats%202016%20Finals&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-98128571&@b3:1662044299&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F856manuelmendezheadline.blogspot.com%2F2022%2F08%2Fkyrie-irving-stats-2016-finals.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:58:20 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c0c3b533df38be7bdfbd8b8246b48c2
8fa1977230e302c4d0df2482eb22d9202a7cf961
2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4003
Expires: Thu, 01 Sep 2022 16:05:03 GMT
Date: Thu, 01 Sep 2022 14:58:20 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c0c3b533df38be7bdfbd8b8246b48c2
8fa1977230e302c4d0df2482eb22d9202a7cf961
2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4003
Expires: Thu, 01 Sep 2022 16:05:03 GMT
Date: Thu, 01 Sep 2022 14:58:20 GMT
Connection: keep-alive
falconisleclip.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=628
192.243.61.225200 OK 0 B URL HTTP/1.1 falconisleclip.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=628
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=628 HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Cookie: u_pl=17044948; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca404f2332ddb87d17a27a77c036e8826=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
104.21.51.177200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP 104.21.51.177:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:21 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2523243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBK8tJByQgkZxRLZXlN3fGrtRF7Xp07HpkABJVLxFHmVjz%2F5qDEbstJAVKp0Cjq0oSPvvjcO9baSExaUddfozimMne%2F0cdDYmEJgfiqdh6aUuXbnmOzvN1V9cJuxPea9Mhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd121db01c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
104.21.51.177200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
IP 104.21.51.177:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:21 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2523243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20%2BFBuPVobKxWpcouYVUV39%2BKAT80mejjeScOQUqM2NHM7JpjeiMUMOTg8EGRuUxI10RoWryt%2FozQOTH9ZagRV8f8ysNnuhWbSFaMNcg%2F2rFdIyWo3mUG%2FKel1clxsASR8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd120dab1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
104.21.51.177200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP 104.21.51.177:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:21 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2523243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I17QGSsoPApepXBc1A5zF4%2FfPrtYBMEM0zj7jqmS9RlXBuexB3pjVXmvpQVHStQ9k4%2B5CoX80Tv2L19Y%2BZAD0jx8za3gki%2Fe1dh2AlCtqcClXpA9IMJ32vBJyZLQilyRD28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd121db81c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
104.21.51.177200 OK 157 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP 104.21.51.177:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 157 kB (157252 bytes)
Hash 70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:21 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2523243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2Fjt26ajPHVB%2FWdZ62RX8r0ZtKPZ0sZOM9zV90bwnQOrRHuRHk%2FWNFLjNLJQcGa0GTwOCMHOFT7K82gWKA9QKFwNSj4XSTi0G1KmfGucRzUCmzeLH%2FXKrzg7S3wZ9yIBhxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd121db91c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c0c3b533df38be7bdfbd8b8246b48c2
8fa1977230e302c4d0df2482eb22d9202a7cf961
2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Thu, 01 Sep 2022 16:05:03 GMT
Date: Thu, 01 Sep 2022 14:58:21 GMT
Connection: keep-alive
falconisleclip.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=344
192.243.61.225200 OK 660 B URL HTTP/1.1 falconisleclip.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=344
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, max compression\012- data
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=344 HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Cookie: u_pl=17044948; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca404f2332ddb87d17a27a77c036e8826=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
falconisleclip.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=364
192.243.61.225200 OK 0 B URL HTTP/1.1 falconisleclip.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=364
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=364 HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Cookie: u_pl=17044948; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca404f2332ddb87d17a27a77c036e8826=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8301b9221d40e96963ee39828cebcf0
e5822caa4549b551baf97b504a53bfa4a8baf3d3
ad1dfa54fd1f7633f8ade0ca283f072f5705d51111971b6a23132c6fea75d33e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD1DFA54FD1F7633F8ADE0CA283F072F5705D51111971B6A23132C6FEA75D33E"
Last-Modified: Wed, 31 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18518
Expires: Thu, 01 Sep 2022 20:06:59 GMT
Date: Thu, 01 Sep 2022 14:58:21 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
104.21.51.177200 OK 2.6 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP 104.21.51.177:0
Hash 4c3a44c2f6845153b36f558a25cda34b
0c3f0a1a4d3526d843a370271b8fcdc17cf568ea
56201b1ecf3b02dd22959536327a78600e7d87b8ed2ca3a5432e44231a120576
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:21 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynh7SJO0LrSUWvn0l1p7NUEGFdadEF8EDrkVb9HSLs256bva5ZZmL%2BrWzko1iMV1wTQmFkAjIoE%2F6oQVwrrhlxNrEj7O7UVIiIRFJeGLtomIHdy%2FrjAw0JfPph756W9f6Ms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd10fc9b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=510c084a-7acc-439f-8b43-b8ebce2f5416&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a404f2332ddb87d17a27a77c036e8826&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=510c084a-7acc-439f-8b43-b8ebce2f5416&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a404f2332ddb87d17a27a77c036e8826&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=510c084a-7acc-439f-8b43-b8ebce2f5416&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a404f2332ddb87d17a27a77c036e8826&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Sep 2022 14:58:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ce105e1308efb90d3fbab774f360d4bc
Strict-Transport-Security: max-age=0; includeSubdomains
falconisleclip.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r5mF4EalIgrKLBVk8t7MZGZiF8UYI8G0qa1SN6L310yuue%2Fdx733zZvMQoJF6cLF%2BB%2B8nEkaqqUourXIpFAhIPTpJgvzNyhCVy5kpsGxHzy%2Bc945i%2FN93%2F1yLzslITJ6snrJDJXWdHGpFlZf%2FTCKLlQ3VJINqoNO6%2BNW80LV9t9YbtXC16rvSL5tFuthFIZRGFXXlJVdM1icilDpneWothzWmvVatNTEwD7JXRbA0QCif0qegxJl5X5wHopPkMTfrUq37U36%2Bttxpqk3Fn1x%2BEGynZg8QTyHXRugmxyeuWHcw7V7MMnBLC5M%2Fz8jUyUJHtwDSw7PQoL192c5mYZMwMTTyPsTSD2BohNwcwNKPCQAF7i8iSS%2BddnYnO48VulULUnl0d9QeUkqf5xHEt9d0WpQvWZ05pVJHAbdAmowgepNkGZH8MNzUPkRuP8cSvxKFh9tIIn3N502UKKYza7UBKo7gZYjUBcgm34qQNYNkKUBYnFS5VEUtUPBadhZ5rwh2pK1RBjRdjeiUdjqIOPTeCP4dASuR%2BB2F6ndxbYawWY%2Fw20VcCKA8yUJ3ttFXxTIJUHuCHJKkCuC3BPk%2FeJAaFd3xS2hXcais14%2F641ibHxvjx4Y35MJ2UtPybPTvQSV53%2FHtjyp0mbY7NYbjboQrNMWUZvW27Td5mGjJTudegtOFVDu3GzUoSrJC8OPkKqSVH44BqNHcPoIXC2AZi%2BD5uN2PQTdGjc7IYbJXb8lXUytr%2BXU8y0IUyD1FfidYE%2BfkhdnF2pc%2FxOSH1%2F8hF0q%2F7r9D7gtkNoCn6r7BD19c3zV5GT%2Fqskd%2BX4z9SpWQzq93jVPvVz45l25kxsr1lfd6PabfCpM4Z33pfMbNBEq6Tny7YoSQto1Y7kkP62765JdydzWSmaTLN248tbaepxa6ZwyyQRUlYQ8OAZXJXnqx4PZw3zpi8%2Bg7AQ2KxBnx%2BSsoMwReLoLl87zO7MAq%2BcelgbIs2Js62z%2BUysCLeecsgLuf5zN8Z67iZ59BdTfQBIX6NsCfV2A6hFctjD2qT2%2B%2BFtjVmA6GDNtg32mrf768XKdOqk2QtFmsivbTDaXml3JBVtaYiHvctYQnQ6HdyV%2F5pev%2FgUAAP%2F%2FAQAA%2F%2F8oBygsYwQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 falconisleclip.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r5mF4EalIgrKLBVk8t7MZGZiF8UYI8G0qa1SN6L310yuue%2Fdx733zZvMQoJF6cLF%2BB%2B8nEkaqqUourXIpFAhIPTpJgvzNyhCVy5kpsGxHzy%2Bc945i%2FN93%2F1yLzslITJ6snrJDJXWdHGpFlZf%2FTCKLlQ3VJINqoNO6%2BNW80LV9t9YbtXC16rvSL5tFuthFIZRGFXXlJVdM1icilDpneWothzWmvVatNTEwD7JXRbA0QCif0qegxJl5X5wHopPkMTfrUq37U36%2Bttxpqk3Fn1x%2BEGynZg8QTyHXRugmxyeuWHcw7V7MMnBLC5M%2Fz8jUyUJHtwDSw7PQoL192c5mYZMwMTTyPsTSD2BohNwcwNKPCQAF7i8iSS%2BddnYnO48VulULUnl0d9QeUkqf5xHEt9d0WpQvWZ05pVJHAbdAmowgepNkGZH8MNzUPkRuP8cSvxKFh9tIIn3N502UKKYza7UBKo7gZYjUBcgm34qQNYNkKUBYnFS5VEUtUPBadhZ5rwh2pK1RBjRdjeiUdjqIOPTeCP4dASuR%2BB2F6ndxbYawWY%2Fw20VcCKA8yUJ3ttFXxTIJUHuCHJKkCuC3BPk%2FeJAaFd3xS2hXcais14%2F641ibHxvjx4Y35MJ2UtPybPTvQSV53%2FHtjyp0mbY7NYbjboQrNMWUZvW27Td5mGjJTudegtOFVDu3GzUoSrJC8OPkKqSVH44BqNHcPoIXC2AZi%2BD5uN2PQTdGjc7IYbJXb8lXUytr%2BXU8y0IUyD1FfidYE%2BfkhdnF2pc%2FxOSH1%2F8hF0q%2F7r9D7gtkNoCn6r7BD19c3zV5GT%2Fqskd%2BX4z9SpWQzq93jVPvVz45l25kxsr1lfd6PabfCpM4Z33pfMbNBEq6Tny7YoSQto1Y7kkP62765JdydzWSmaTLN248tbaepxa6ZwyyQRUlYQ8OAZXJXnqx4PZw3zpi8%2Bg7AQ2KxBnx%2BSsoMwReLoLl87zO7MAq%2BcelgbIs2Js62z%2BUysCLeecsgLuf5zN8Z67iZ59BdTfQBIX6NsCfV2A6hFctjD2qT2%2B%2BFtjVmA6GDNtg32mrf768XKdOqk2QtFmsivbTDaXml3JBVtaYiHvctYQnQ6HdyV%2F5pev%2FgUAAP%2F%2FAQAA%2F%2F8oBygsYwQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r5mF4EalIgrKLBVk8t7MZGZiF8UYI8G0qa1SN6L310yuue%2Fdx733zZvMQoJF6cLF%2BB%2B8nEkaqqUourXIpFAhIPTpJgvzNyhCVy5kpsGxHzy%2Bc945i%2FN93%2F1yLzslITJ6snrJDJXWdHGpFlZf%2FTCKLlQ3VJINqoNO6%2BNW80LV9t9YbtXC16rvSL5tFuthFIZRGFXXlJVdM1icilDpneWothzWmvVatNTEwD7JXRbA0QCif0qegxJl5X5wHopPkMTfrUq37U36%2Bttxpqk3Fn1x%2BEGynZg8QTyHXRugmxyeuWHcw7V7MMnBLC5M%2Fz8jUyUJHtwDSw7PQoL192c5mYZMwMTTyPsTSD2BohNwcwNKPCQAF7i8iSS%2BddnYnO48VulULUnl0d9QeUkqf5xHEt9d0WpQvWZ05pVJHAbdAmowgepNkGZH8MNzUPkRuP8cSvxKFh9tIIn3N502UKKYza7UBKo7gZYjUBcgm34qQNYNkKUBYnFS5VEUtUPBadhZ5rwh2pK1RBjRdjeiUdjqIOPTeCP4dASuR%2BB2F6ndxbYawWY%2Fw20VcCKA8yUJ3ttFXxTIJUHuCHJKkCuC3BPk%2FeJAaFd3xS2hXcais14%2F641ibHxvjx4Y35MJ2UtPybPTvQSV53%2FHtjyp0mbY7NYbjboQrNMWUZvW27Td5mGjJTudegtOFVDu3GzUoSrJC8OPkKqSVH44BqNHcPoIXC2AZi%2BD5uN2PQTdGjc7IYbJXb8lXUytr%2BXU8y0IUyD1FfidYE%2BfkhdnF2pc%2FxOSH1%2F8hF0q%2F7r9D7gtkNoCn6r7BD19c3zV5GT%2Fqskd%2BX4z9SpWQzq93jVPvVz45l25kxsr1lfd6PabfCpM4Z33pfMbNBEq6Tny7YoSQto1Y7kkP62765JdydzWSmaTLN248tbaepxa6ZwyyQRUlYQ8OAZXJXnqx4PZw3zpi8%2Bg7AQ2KxBnx%2BSsoMwReLoLl87zO7MAq%2BcelgbIs2Js62z%2BUysCLeecsgLuf5zN8Z67iZ59BdTfQBIX6NsCfV2A6hFctjD2qT2%2B%2BFtjVmA6GDNtg32mrf768XKdOqk2QtFmsivbTDaXml3JBVtaYiHvctYQnQ6HdyV%2F5pev%2FgUAAP%2F%2FAQAA%2F%2F8oBygsYwQAAA%3D%3D HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Cookie: u_pl=17044948; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca404f2332ddb87d17a27a77c036e8826=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f984f98058743a9a53577d4c16bc18c
Strict-Transport-Security: max-age=0; includeSubdomains
falconisleclip.com/pixel/sbs?c=1
192.243.61.225200 OK 0 B URL HTTP/1.1 falconisleclip.com/pixel/sbs?c=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Cookie: u_pl=17044948; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca404f2332ddb87d17a27a77c036e8826=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 14:58:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
snapwidget.com/embed/956730
104.26.8.123200 OK 0 B URL HTTP/2 snapwidget.com/embed/956730
IP 104.26.8.123:0
GET /embed/956730 HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=300
expires: Thu, 01 Sep 2022 15:00:17 GMT
x-robots-tag: all
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 14:56:16 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkXVFU5xoj5JW2z0ec08AlcBaqq7MhAhZBl27ibSSkd5t0HTmUJ37v1sjCMv%2FKcGymz%2FLkwwvHjhfmKkdNJ5Ak3eg7XDwAfDJAYDSnNvPrduQmNFgAl6rK0frIeZZftz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfa6a4e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
104.26.8.123200 OK 0 B URL HTTP/2 snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css
IP 104.26.8.123:0
GET /stylesheets/embed.style.min.307799cd3bc5b2ee.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=15975
etag: W/"62f0b6a9-3e67"
last-modified: Mon, 08 Aug 2022 07:09:29 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 716819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPMHCDmGxKxrwj7tvyatNJxRumFVLmimkmDFELWqCjcln3hrONk89mk8XSdzN9HdpsqITv%2F5NkRKuXJlakl24JuQJLiJMBUPtGEOcxo%2FyoO5w1b9YsNetUFCLxOSaEuA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfbfc240b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
snapwidget.com/stylesheets/embed.grid.min.4069f6f840f9102b.css
104.26.8.123200 OK 0 B URL HTTP/2 snapwidget.com/stylesheets/embed.grid.min.4069f6f840f9102b.css
IP 104.26.8.123:0
GET /stylesheets/embed.grid.min.4069f6f840f9102b.css HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/css
cf-bgj: minify
etag: W/"63034249-899"
last-modified: Mon, 22 Aug 2022 08:46:01 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 716798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlTGwFjSvCtDfOK6Bin8ztXYFkmFXetvSUrvmzAbkvc4AdtVaWqGlQygr27HPVZGTyls2VZJfi4W2yvmuqEIqiDrbPXywINP35VZWLhYcycj5ilMLAWphfEQBkCqa5c%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfbfc280b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
snapwidget.com/js/embed.main.min.b61fafc5de1ae792.js
104.26.8.123200 OK 0 B URL HTTP/2 snapwidget.com/js/embed.main.min.b61fafc5de1ae792.js
IP 104.26.8.123:0
GET /js/embed.main.min.b61fafc5de1ae792.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"63034249-b2e"
last-modified: Mon, 22 Aug 2022 08:46:01 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 249931
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ywphw5w9lk2frVi82fqB9faLuKyPwE2wKlxivnsH0MT%2Bx3jFeznB%2Fbn73NbvomJoNDQmw%2B1kjTlStUzVfdsKCN0b0uInILFwvExknQ5vDsPU7xJK%2BJpJWjV0WhQwSkrV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 743edcfbfc300b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
104.21.51.177200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP 104.21.51.177:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:21 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2523243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHHxpdEdUTTsL1DS0MUuKXp2Gkai3FnfQcXHv0xhMGyfJP7VqXgU6F8dl05%2FoY5KA7JvpgWLYsBuoQZ3fl2093Un4SyUN9Hb44FwYXEqcEdx2dRlAbdHbSK0btPcDK7EPlQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd121dbc1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 7491051
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 743edcf8894d0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/7633942688732970368?po=1684704121640106461&hl=en&skin=contempo&blogspotRpcToken=2438876
216.58.207.201200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/7633942688732970368?po=1684704121640106461&hl=en&skin=contempo&blogspotRpcToken=2438876
IP 216.58.207.201:0
GET /comment/frame/7633942688732970368?po=1684704121640106461&hl=en&skin=contempo&blogspotRpcToken=2438876 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Sep 2022 14:58:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-8nqR_YSK31x7rWaJylZegA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=IDeawCHrGUSUK2CZh4R_f5NsL0WDUVNor0LptjO97Xv1dSzF-6H1858aalKPaIw5YqaxkLm9dCgK_AT9a5nNn9Gy1P43_7YeAMDCfLXZgJY8jvyNDPT-bJc1r7z6tLw6QrX5_Ym9_rhKn61UcCHgqkvUAc1x8K_KjFlaBj2nCCY; expires=Fri, 03-Mar-2023 14:58:17 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snapwidget.com/cdn-cgi/rum?
104.26.8.123200 OK 0 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP 104.26.8.123:0
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 397
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:18 GMT
content-type: text/plain
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 743edd036cf80b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
snapwidget.com/cdn-cgi/rum?
104.26.8.123200 OK 0 B URL HTTP/2 snapwidget.com/cdn-cgi/rum?
IP 104.26.8.123:0
POST /cdn-cgi/rum? HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VQICUlZUGwcFV1BRAA==
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE0NTMwNyIsImFwIjoiNDUzMTUwIiwiaWQiOiIyZjNmMWVhZjc2Y2ExMzY2IiwidHIiOiJlODE2YmJhZjFiZjFiN2I0OWEzMjliNjQ2MDQ4ZTgzMCIsInRpIjoxNjYyMDQ0Mjk3NTg0fX0=
traceparent: 00-e816bbaf1bf1b7b49a329b646048e830-2f3f1eaf76ca1366-01
tracestate: 145307@nr=0-1-145307-453150-2f3f1eaf76ca1366----1662044297584
content-type: application/json
Content-Length: 3432
Origin: https://snapwidget.com
Connection: keep-alive
Referer: https://snapwidget.com/embed/956730
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:17 GMT
content-type: text/plain
access-control-allow-origin: https://snapwidget.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 743edcfdce5c0b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
104.26.6.19200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP 104.26.6.19:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:20 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgj%2BzR0KJu7YJH7nVOSxGLuPR6yN0d3puLCj21EbwxtV53yZonxYDSV8lMrwuxbyq8q7YXydw%2FSndHD2uGFKsmYPkPJ3iN1%2FM%2Ba8CGM%2FwDhDHh3YX1YGoT3qrVS9%2BqN26p5rWwk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd0cad5a1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
104.21.51.177200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP 104.21.51.177:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://856manuelmendezheadline.blogspot.com
Connection: keep-alive
Referer: https://856manuelmendezheadline.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:58:21 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ey%2BB%2BGdlkpAtolWKd6U1OyVlvRq0pUxe%2FlpD5E0lgfjCMbqNzy2J7N6Qr1fGy1ENp3weJaY3kOsi7y2YSEIcrm%2FGOPBXX%2BLh8fMnwHCnLLvoZDb32fo5z%2FLpIwAZyd45%2Bs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743edd110ca01c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2