r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15322
Expires: Mon, 05 Dec 2022 00:57:50 GMT
Date: Sun, 04 Dec 2022 20:42:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1830
Cache-Control: max-age=137959
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:28 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:01:47 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Sun, 04 Dec 2022 21:37:47 GMT
Date: Sun, 04 Dec 2022 20:42:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 20:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1339
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oTb0iI95QMmN5De3es8PAc/ABjrLGzieglul2ipI/YvTh7GOML/ra2rhXD6akxTJFUxPf9LOsBQ=
x-amz-request-id: 9RX10A6NCQP2XZ7P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 19:47:06 GMT
age: 3322
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bjmullwasuen.blogspot.com/2022/07/the-best-11-dinheiro-para-imprimir-e.html
172.217.21.161301 Moved Permanently 221 B URL HTTP/1.1 bjmullwasuen.blogspot.com/2022/07/the-best-11-dinheiro-para-imprimir-e.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9903d23aeac4e81d131dedeac8195631
7f57f17a2b83a56005c5135c1bc50cb708076c38
647648b85af3be2ecc42b527bccf835831629767112c812fb9d5f8c2399946d6
GET /2022/07/the-best-11-dinheiro-para-imprimir-e.html HTTP/1.1
Host: bjmullwasuen.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://bjmullwasuen.blogspot.com/2022/07/the-best-11-dinheiro-para-imprimir-e.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 04 Dec 2022 20:42:29 GMT
Expires: Sun, 04 Dec 2022 20:42:29 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 221
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 20:08:58 GMT
cache-control: public,max-age=3600
age: 2011
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1819
Cache-Control: max-age=132881
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:29 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:37:10 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bjmullwasuen.blogspot.com/2022/07/the-best-11-dinheiro-para-imprimir-e.html
172.217.21.161200 OK 36 kB URL HTTP/2 bjmullwasuen.blogspot.com/2022/07/the-best-11-dinheiro-para-imprimir-e.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (16630)
Hash 9f9874885fc1db09471fd2a288a69d18
86202c5d1c861172be8470084fbb9461cced29ff
40ae4a8ade2e4f832a3b1a12a3a4620a7baf2e081287803ae64fa94f770b510c
GET /2022/07/the-best-11-dinheiro-para-imprimir-e.html HTTP/1.1
Host: bjmullwasuen.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 20:42:29 GMT
date: Sun, 04 Dec 2022 20:42:29 GMT
cache-control: private, max-age=0
last-modified: Wed, 30 Nov 2022 12:49:13 GMT
etag: W/"9e917f881e77a3a47ca6e4476599e6b019472848f4181ef2c7ce19858e697696"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 35925
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15630253
expires: Fri, 24 Nov 2023 20:42:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHZDI3R%2B28UqD0daCpFqNvDOO8nySTDLNcjp0KtZQrIABtruQLdjlJgeqGgpMNqTGeySwmQZ092uAizkdg8gf5ZfNGElB2pS0P33HpGy9FavO4gVsuRd3Ue%2FBv0moAspqx96J6V0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77475e70dfaeb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hCLASlIHJ2GGfuqPP6IWow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NG1O7pG7ogWMDxrAv+tikJAin+Q=
i0.wp.com/i.pinimg.com/originals/b6/ff/19/b6ff196386af31a1ff8308bcdba081b8.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/originals/b6/ff/19/b6ff196386af31a1ff8308bcdba081b8.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/originals/b6/ff/19/b6ff196386af31a1ff8308bcdba081b8.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 20:42:29 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/originals/b6/ff/19/b6ff196386af31a1ff8308bcdba081b8.jpg
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/736x/c2/81/bc/c281bc70a0d0051a79210301460b1516.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/736x/c2/81/bc/c281bc70a0d0051a79210301460b1516.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/736x/c2/81/bc/c281bc70a0d0051a79210301460b1516.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 20:42:29 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/736x/c2/81/bc/c281bc70a0d0051a79210301460b1516.jpg
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/474x/86/88/40/868840cafb4b8d7191e050be75f3adb4.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/474x/86/88/40/868840cafb4b8d7191e050be75f3adb4.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/474x/86/88/40/868840cafb4b8d7191e050be75f3adb4.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 20:42:29 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/474x/86/88/40/868840cafb4b8d7191e050be75f3adb4.jpg
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/474x/a3/5e/98/a35e9890533c6377680442e49cb94aa8.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/474x/a3/5e/98/a35e9890533c6377680442e49cb94aa8.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/474x/a3/5e/98/a35e9890533c6377680442e49cb94aa8.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 20:42:29 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/474x/a3/5e/98/a35e9890533c6377680442e49cb94aa8.jpg
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/originals/99/8b/4d/998b4debef61086239afff8393938319.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/originals/99/8b/4d/998b4debef61086239afff8393938319.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/originals/99/8b/4d/998b4debef61086239afff8393938319.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/originals/99/8b/4d/998b4debef61086239afff8393938319.jpg
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i.pinimg.com/originals/a9/23/40/a92340f2c3c86329160ea505b7fda100.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i0.wp.com/i.pinimg.com/originals/a9/23/40/a92340f2c3c86329160ea505b7fda100.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.pinimg.com/originals/a9/23/40/a92340f2c3c86329160ea505b7fda100.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: text/html
content-length: 138
location: https://i.pinimg.com/originals/a9/23/40/a92340f2c3c86329160ea505b7fda100.jpg
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/i0.wp.com/2.bp.blogspot.com/_sQJTByo1DYQ/St3GCf9ZcpI/AAAAAAAAAcI/jHXdteyuKy4/w1200-h630-p-k-no-nu/dinheiro-falso.jpg
192.0.77.2404 Not Found 537 B URL HTTP/2 i0.wp.com/i0.wp.com/2.bp.blogspot.com/_sQJTByo1DYQ/St3GCf9ZcpI/AAAAAAAAAcI/jHXdteyuKy4/w1200-h630-p-k-no-nu/dinheiro-falso.jpg
IP 192.0.77.2:0
Hash 15133588a3d75ac4420dff9d8164c1b3
44d793cecde0a0a0847786c3ea1cb666f1faf959
551a8e4a12d2545dc5b5f94b369c26ddeefae68d14be0511c18081c4d9dd2b7b
GET /i0.wp.com/2.bp.blogspot.com/_sQJTByo1DYQ/St3GCf9ZcpI/AAAAAAAAAcI/jHXdteyuKy4/w1200-h630-p-k-no-nu/dinheiro-falso.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 20:42:29 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 6
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 485941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:44:05 GMT
expires: Wed, 29 Nov 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 457105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/cf.shopee.com.br/file/984a766d62ba8114c225f47824498968
192.0.77.2200 OK 157 kB URL HTTP/2 i0.wp.com/cf.shopee.com.br/file/984a766d62ba8114c225f47824498968
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x720, components 3\012- data
Size 157 kB (157197 bytes)
Hash fa21bdf4220ce5930949679ccbbd9bf6
422588222453cd6bfd6d1a10fa82cc2b56bca90e
552fa2cf987535b79d52865b93a99735298675f31d28062176fd42cec34eae86
GET /cf.shopee.com.br/file/984a766d62ba8114c225f47824498968 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: image/jpeg
content-length: 157197
last-modified: Sun, 04 Dec 2022 20:42:30 GMT
expires: Wed, 04 Dec 2024 08:42:30 GMT
cache-control: public, max-age=63115200
link: <http://cf.shopee.com.br/file/984a766d62ba8114c225f47824498968>; rel="canonical"
x-content-type-options: nosniff
etag: "29eaba6a7892067d"
x-bytes-saved: 13312
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0081a01b0aeeb92ef91b4d1adb972c89
db595f7e7c62a39838cb5c9680a5a89572dab837
91a6a2cf1b2a2c2f33f8928b75f5c9e09410427023c3816feb05fbac48a21980
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91A6A2CF1B2A2C2F33F8928B75F5C9E09410427023C3816FEB05FBAC48A21980"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13434
Expires: Mon, 05 Dec 2022 00:26:24 GMT
Date: Sun, 04 Dec 2022 20:42:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c4320de82ce7b5d4150bc8016c3692b6
cfd3f2b419251593b082dce50badafb0d9115733
9ab35db840b13ac1c2e8a9c6f5ae8a43457bcd87c9d49b5b8598f92b473cf042
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AB35DB840B13AC1C2E8A9C6F5AE8A43457BCD87C9D49B5B8598F92B473CF042"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 02:42:30 GMT
Date: Sun, 04 Dec 2022 20:42:30 GMT
Connection: keep-alive
i0.wp.com/cf.shopee.com.br/file/b466a075be13a30d28549131bbd83eb3
192.0.77.2200 OK 108 kB URL HTTP/2 i0.wp.com/cf.shopee.com.br/file/b466a075be13a30d28549131bbd83eb3
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3\012- data
Size 108 kB (108223 bytes)
Hash 8692cb39afd711c4f37a58ac39fef186
de0e319e936608a996a9a21d4cb9cbb52ee90c7a
416f8d42668da01e17a9628ad0f464d4ae7637b63a6d1b4b464b306c3602cfb9
GET /cf.shopee.com.br/file/b466a075be13a30d28549131bbd83eb3 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: image/jpeg
content-length: 108223
last-modified: Sun, 04 Dec 2022 20:42:30 GMT
expires: Wed, 04 Dec 2024 08:42:30 GMT
cache-control: public, max-age=63115200
link: <http://cf.shopee.com.br/file/b466a075be13a30d28549131bbd83eb3>; rel="canonical"
x-content-type-options: nosniff
etag: "8744a6110fa87409"
x-bytes-saved: 32054
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/blogger.googleusercontent.com/img/a/AVvXsEg6sjytPFfF8NiHRICwaN2rx_SeceoGvjKcmdW-t9BZOO-zxKbNYf5R7FK628VyWNF2kOQSg9eAYK0FTmBC5V98FYYu-775-UI0fATaffsB5B2rH9CpN5_5_cowgUOdE5KId7IcoFei4Ib4XTkjC7P2kfogJPzlJyE2udL2gKv77ApTZKTlwjAh48zz=w452-h640
192.0.77.2200 OK 124 kB URL HTTP/2 i0.wp.com/blogger.googleusercontent.com/img/a/AVvXsEg6sjytPFfF8NiHRICwaN2rx_SeceoGvjKcmdW-t9BZOO-zxKbNYf5R7FK628VyWNF2kOQSg9eAYK0FTmBC5V98FYYu-775-UI0fATaffsB5B2rH9CpN5_5_cowgUOdE5KId7IcoFei4Ib4XTkjC7P2kfogJPzlJyE2udL2gKv77ApTZKTlwjAh48zz=w452-h640
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], progressive, precision 8, 452x639, components 3\012- data
Size 124 kB (123953 bytes)
Hash 06d22d66a107a1fe0c51fc65680c4c6a
70d6274c038a5533d203b88cf9d2e88fc05e9e94
52ad1e8f4c6f0f8565532ce7c5918fb163d727fe53b01e4312f7fb1600abbaa3
GET /blogger.googleusercontent.com/img/a/AVvXsEg6sjytPFfF8NiHRICwaN2rx_SeceoGvjKcmdW-t9BZOO-zxKbNYf5R7FK628VyWNF2kOQSg9eAYK0FTmBC5V98FYYu-775-UI0fATaffsB5B2rH9CpN5_5_cowgUOdE5KId7IcoFei4Ib4XTkjC7P2kfogJPzlJyE2udL2gKv77ApTZKTlwjAh48zz=w452-h640 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: image/jpeg
content-length: 123953
last-modified: Sun, 04 Dec 2022 20:42:30 GMT
expires: Wed, 04 Dec 2024 08:42:30 GMT
cache-control: public, max-age=63115200
link: <http://blogger.googleusercontent.com/img/a/AVvXsEg6sjytPFfF8NiHRICwaN2rx_SeceoGvjKcmdW-t9BZOO-zxKbNYf5R7FK628VyWNF2kOQSg9eAYK0FTmBC5V98FYYu-775-UI0fATaffsB5B2rH9CpN5_5_cowgUOdE5KId7IcoFei4Ib4XTkjC7P2kfogJPzlJyE2udL2gKv77ApTZKTlwjAh48zz=w452-h640>; rel="canonical"
x-content-type-options: nosniff
etag: "e7faf51ba8e9c4c0"
x-bytes-saved: 3977
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
173.233.137.36200 OK 9.3 kB URL HTTP/1.1 vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
IP 173.233.137.36:0
File type Unicode text, UTF-8 text, with very long lines (25082), with no line terminators
Hash a322051548ca141794e04a8273949ec3
50572480d0a5e83ac7a1c45849736107ebff557f
7343753fcf0925912a219f13418421009b95f71de6b094775de5f6af6835fc8b
Analyzer Verdict Alert fortinet Malware
GET /1d1eca97b1cca4833437b01078981d7d/invoke.js HTTP/1.1
Host: vg4u8rvq65t6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58d8280fc11325772ce34d0874c53ebc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
vg4u8rvq65t6.com/69/29/c1/6929c19bfe090c99ffe7d91526f90658.js
173.233.137.36200 OK 21 kB URL HTTP/1.1 vg4u8rvq65t6.com/69/29/c1/6929c19bfe090c99ffe7d91526f90658.js
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (60169), with no line terminators
Hash 2e55905b3f13b5231ddac6d355afc461
6d9afe512a5729aff93f72b402866eff920844bc
96288128ba288bd746b3330a477838f3b6366a94ed1661b712d0816b7dc091fa
Analyzer Verdict Alert fortinet Phishing
GET /69/29/c1/6929c19bfe090c99ffe7d91526f90658.js HTTP/1.1
Host: vg4u8rvq65t6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6dbb6a04b5ebe7d417d808ddff9f596c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i0.wp.com/http2.mlstatic.com/D_NQ_NP_865996-MLB31208605905_062019-O.jpg
192.0.77.2200 OK 36 kB URL HTTP/2 i0.wp.com/http2.mlstatic.com/D_NQ_NP_865996-MLB31208605905_062019-O.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 441x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a7093b7ce33577380c6f574b5b564aaa
a873354959d6ab00e0c369682d5a53fef3f3acb2
57923ffcdc59eff6c6c70de77745675581fd2049c0781e4223efc7ab4383d9ae
GET /http2.mlstatic.com/D_NQ_NP_865996-MLB31208605905_062019-O.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: image/webp
content-length: 35494
last-modified: Sun, 04 Dec 2022 20:42:30 GMT
expires: Wed, 04 Dec 2024 08:42:30 GMT
cache-control: public, max-age=63115200
link: <http://http2.mlstatic.com/D_NQ_NP_865996-MLB31208605905_062019-O.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ca40f592d37a58ee"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images-americanas.b2w.io/produtos/3591117584/imagens/nota-dinheiro-brincadeira-s-valor-comercial-200-00-reais-pct-c-100-cedulas/3591117592_1_large.jpg
192.0.77.2200 OK 135 kB URL HTTP/2 i0.wp.com/images-americanas.b2w.io/produtos/3591117584/imagens/nota-dinheiro-brincadeira-s-valor-comercial-200-00-reais-pct-c-100-cedulas/3591117592_1_large.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 135 kB (134670 bytes)
Hash 38640a81e9d572cef69b62198048b5ce
74b8b2c849e5f18620e6b7e75f80b9d66e5e4532
557211cd646d888f14023ac256c06c88905f47126e04f73107f06e872268828d
GET /images-americanas.b2w.io/produtos/3591117584/imagens/nota-dinheiro-brincadeira-s-valor-comercial-200-00-reais-pct-c-100-cedulas/3591117592_1_large.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: image/webp
content-length: 134670
last-modified: Sun, 04 Dec 2022 20:42:30 GMT
expires: Wed, 04 Dec 2024 08:42:30 GMT
cache-control: public, max-age=63115200
link: <http://images-americanas.b2w.io/produtos/3591117584/imagens/nota-dinheiro-brincadeira-s-valor-comercial-200-00-reais-pct-c-100-cedulas/3591117592_1_large.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "39baf1747754b905"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-cQugl5FMRuM/V1U_XbfQigI/AAAAAAAAEAU/_5Q9Hv4xAGo7Z_TUaGMyoch8vEPO1KnYgCLcB/h120/1.png
142.250.74.97200 OK 1.4 kB URL HTTP/2 lh3.googleusercontent.com/-cQugl5FMRuM/V1U_XbfQigI/AAAAAAAAEAU/_5Q9Hv4xAGo7Z_TUaGMyoch8vEPO1KnYgCLcB/h120/1.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash eb8259ca0e5b49a124e2d778f3a1e8b5
5ab388573215b61113cb08b3b694620222f53bc8
b795eae9a94449feb4caafa6a5af2990bb2ca0aa10593432dae1bfb8b17548a6
GET /-cQugl5FMRuM/V1U_XbfQigI/AAAAAAAAEAU/_5Q9Hv4xAGo7Z_TUaGMyoch8vEPO1KnYgCLcB/h120/1.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1402
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Tue, 08 Mar 2022 09:20:56 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103b"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-cPixj9X9VU4/V1U_mRajeVI/AAAAAAAAEDI/rLjaySYljNY7ldS5KBJYinqcz5JsQwLKACLcB/h120/7.png
142.250.74.97200 OK 1.6 kB URL HTTP/2 lh3.googleusercontent.com/-cPixj9X9VU4/V1U_mRajeVI/AAAAAAAAEDI/rLjaySYljNY7ldS5KBJYinqcz5JsQwLKACLcB/h120/7.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e54ee25263c51cc0ee9f968c5038fbc
047007296bb25f85d9901f398cef908053173f1c
9fcbfd32480f9ca06c264e000939b6f5df2a83b416d99b0ec2424f614be6c363
GET /-cPixj9X9VU4/V1U_mRajeVI/AAAAAAAAEDI/rLjaySYljNY7ldS5KBJYinqcz5JsQwLKACLcB/h120/7.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="7.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1565
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Wed, 17 Nov 2021 17:33:12 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-Sf533Lx2XDo/V1U_khMZ9eI/AAAAAAAAECg/WOgTOgQB3D4RSYHCj9hfLrlOURjA3XEawCLcB/h120/30.png
142.250.74.97200 OK 820 B URL HTTP/2 lh3.googleusercontent.com/-Sf533Lx2XDo/V1U_khMZ9eI/AAAAAAAAECg/WOgTOgQB3D4RSYHCj9hfLrlOURjA3XEawCLcB/h120/30.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 09b9eb1a6de560aa10c7f07a433dfdc2
37291fbf09ad156cab919124fb033466b6795637
1a746041ebbb98155c8aec4d7f1eb0e730a66673230fdcf46267c223efaf5c0e
GET /-Sf533Lx2XDo/V1U_khMZ9eI/AAAAAAAAECg/WOgTOgQB3D4RSYHCj9hfLrlOURjA3XEawCLcB/h120/30.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="30.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 820
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Sat, 13 Nov 2021 12:40:28 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-DOR5NAJ7fag/V1U_jLkDwhI/AAAAAAAAECE/elfZGm0x7FoChkEsbK_UMuxvyO2dx2gpwCLcB/h120/27.png
142.250.74.97200 OK 1.2 kB URL HTTP/2 lh3.googleusercontent.com/-DOR5NAJ7fag/V1U_jLkDwhI/AAAAAAAAECE/elfZGm0x7FoChkEsbK_UMuxvyO2dx2gpwCLcB/h120/27.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 04fce6948d4e48616966a0cddd6a5ba1
79b437846f3d4016403ef2095fdf66297fec3630
0fdb0ef1fabb1e65d2181f7048d23ff4f88411a2bcaec3fcaa8e37ee4f5a8eb2
GET /-DOR5NAJ7fag/V1U_jLkDwhI/AAAAAAAAECE/elfZGm0x7FoChkEsbK_UMuxvyO2dx2gpwCLcB/h120/27.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="27.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1243
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Sun, 14 Nov 2021 01:46:50 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/--Rzg7PE7FYQ/V1U_kpnrH0I/AAAAAAAAECo/XrBlEvaRaawUxgC-i_UC0uQf_0EEGwlfgCLcB/h120/31.png
142.250.74.97200 OK 1.7 kB URL HTTP/2 lh3.googleusercontent.com/--Rzg7PE7FYQ/V1U_kpnrH0I/AAAAAAAAECo/XrBlEvaRaawUxgC-i_UC0uQf_0EEGwlfgCLcB/h120/31.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 79c45213f728c6c78504f3315ec244f6
ff3016524abd06f858c249a7c4b5de9182de121d
33a15b2b54bf94d7ccabd99f726077e9eba83a51494fddd4431265a43a937251
GET /--Rzg7PE7FYQ/V1U_kpnrH0I/AAAAAAAAECo/XrBlEvaRaawUxgC-i_UC0uQf_0EEGwlfgCLcB/h120/31.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="31.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1669
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Tue, 08 Mar 2022 09:20:59 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-OIvn-XD877c/V1U_m0TggsI/AAAAAAAAEDU/dfIUcK-mvzwcuBYgE93WdXp8nUiaax-kwCLcB/h120/9.png
142.250.74.97200 OK 1.7 kB URL HTTP/2 lh3.googleusercontent.com/-OIvn-XD877c/V1U_m0TggsI/AAAAAAAAEDU/dfIUcK-mvzwcuBYgE93WdXp8nUiaax-kwCLcB/h120/9.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b139da5ca117d2880307fb0e4b6aad25
6ac3b45df2e8405590a8d48a154dde424a363b78
1f11bc6deabb04d3bf710357d8e2b8a87ec43d6957382d6a327cbcc4d5fab963
GET /-OIvn-XD877c/V1U_m0TggsI/AAAAAAAAEDU/dfIUcK-mvzwcuBYgE93WdXp8nUiaax-kwCLcB/h120/9.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="9.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1699
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Wed, 17 Nov 2021 06:23:01 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-RqDpqWecyMw/V1U_j-B12EI/AAAAAAAAECc/s7jdJHYiDQogwTJGmkwO7H4m2JR5qvB6ACLcB/h120/3.png
142.250.74.97200 OK 1.7 kB URL HTTP/2 lh3.googleusercontent.com/-RqDpqWecyMw/V1U_j-B12EI/AAAAAAAAECc/s7jdJHYiDQogwTJGmkwO7H4m2JR5qvB6ACLcB/h120/3.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7af7dd6ac946fe70f010a249e03240eb
aeabb821c6fd93b3d05ffdf5b1708437f7591d1c
45ac694ca077702f62466f3148861dd6ee084505cae4f1454a8e740b88bad5a3
GET /-RqDpqWecyMw/V1U_j-B12EI/AAAAAAAAECc/s7jdJHYiDQogwTJGmkwO7H4m2JR5qvB6ACLcB/h120/3.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="3.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1725
x-xss-protection: 0
date: Sun, 04 Dec 2022 20:42:30 GMT
expires: Wed, 30 Mar 2022 11:04:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v103c"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-XxQdOt_KU0Q/V1U_mKKhA8I/AAAAAAAAEDA/bvjgNnnHctg9ueVNu5NFxQ18wQh-hqykACLcB/h120/5.png
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/-XxQdOt_KU0Q/V1U_mKKhA8I/AAAAAAAAEDA/bvjgNnnHctg9ueVNu5NFxQ18wQh-hqykACLcB/h120/5.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e94ebfe6b92e2154b866df30f849069
cb5fbd4b625688d33d79d902e168604b75f103f2
da8c8135075cd6b213e7e72e431643d49ea0771b266fe40d270ea8c3546f10b5
GET /-XxQdOt_KU0Q/V1U_mKKhA8I/AAAAAAAAEDA/bvjgNnnHctg9ueVNu5NFxQ18wQh-hqykACLcB/h120/5.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="5.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1507
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Sun, 14 Nov 2021 01:34:17 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/www.bethesda.or.id/cni-content/uploads/modules/dokter/notfound.png
192.0.77.2200 OK 786 B URL HTTP/2 i0.wp.com/www.bethesda.or.id/cni-content/uploads/modules/dokter/notfound.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 333x333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e4e5fce2cf4d2dfed75361ef67be8e7
17e39dfe752d6da496eec5a38ca0854bb91a3580
d2a035c1365b924a497391a6e47c89b458f67df484187ec5770a6e6173f24e22
GET /www.bethesda.or.id/cni-content/uploads/modules/dokter/notfound.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: image/webp
content-length: 786
last-modified: Tue, 11 May 2021 05:14:18 GMT
expires: Thu, 11 May 2023 17:14:18 GMT
cache-control: public, max-age=63115200
link: <http://www.bethesda.or.id/cni-content/uploads/modules/dokter/notfound.png>; rel="canonical"
x-content-type-options: nosniff
etag: "7b0aba63bd431b2b"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-nQpusekLOCY/V1U_XmFH4LI/AAAAAAAAEAY/TXKngRHW9go5Qrh9wkZR5QFCAEPPvVeeACLcB/h120/2.png
142.250.74.97200 OK 1.3 kB URL HTTP/2 lh3.googleusercontent.com/-nQpusekLOCY/V1U_XmFH4LI/AAAAAAAAEAY/TXKngRHW9go5Qrh9wkZR5QFCAEPPvVeeACLcB/h120/2.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a355ff672fd2a396cc1875477c8adddd
2c8f282aeee84cc1eb7739828d0076176606a707
4041f5830498cf8473caedcf149004d122582f9e5431c792359871101ef931cc
GET /-nQpusekLOCY/V1U_XmFH4LI/AAAAAAAAEAY/TXKngRHW9go5Qrh9wkZR5QFCAEPPvVeeACLcB/h120/2.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="2.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1274
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Tue, 08 Mar 2022 09:20:56 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103b"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-LWEIDBVvX1c/V1U_lnGQezI/AAAAAAAAEC8/rjH9OARs2xEp48_v9Q4KaaBvwo6YMZ-ggCLcB/h120/4.png
142.250.74.97200 OK 1.3 kB URL HTTP/2 lh3.googleusercontent.com/-LWEIDBVvX1c/V1U_lnGQezI/AAAAAAAAEC8/rjH9OARs2xEp48_v9Q4KaaBvwo6YMZ-ggCLcB/h120/4.png
IP 142.250.74.97:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3394fe25e7480764d3439565daae2d58
0bf5446a652ecc2ba39d9639d6384c339b9ccbb1
a83cf8a84be366b4b8339b0b25b989df5e0ed9976967f32b4a66729c96aeb4ae
GET /-LWEIDBVvX1c/V1U_lnGQezI/AAAAAAAAEC8/rjH9OARs2xEp48_v9Q4KaaBvwo6YMZ-ggCLcB/h120/4.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="4.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1264
x-xss-protection: 0
date: Sun, 04 Dec 2022 18:53:09 GMT
expires: Wed, 02 Nov 2022 01:33:20 GMT
cache-control: public, max-age=86400, no-transform
age: 6561
etag: "v103c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ce48a4450bc9ac5b2d58787e83c002c7
a5d9e7f7227f496bcac66b6c4671cee438efa0dd
e3df452f4397b612584e550d519dc205d4826eb38a4232a5ea15cc7dd3108021
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3DF452F4397B612584E550D519DC205D4826EB38A4232A5EA15CC7DD3108021"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Mon, 05 Dec 2022 00:24:46 GMT
Date: Sun, 04 Dec 2022 20:42:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
142.250.74.174200 OK 99 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (679)
Hash a9a95fc3a85fc2904a0cffd12ff9b01c
b3db5cd9996da5ffa51fe22a57898a79abfe32df
2ef638f9e81beb63874104df180f7d1de54c01d6e22857f39e16c1581a3f3f7e
GET /s/player/dab28f34/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/4sj8plBAm-Q
Cookie: YSC=C3Vx9xejCCQ; VISITOR_INFO1_LIVE=FVqX1e0fm1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 276077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148083
Date: Sun, 04 Dec 2022 20:42:30 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 13:50:33 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fbwLkcH_7zpP2JtZlSDTVAAzOK3_IWDeetTxOjrLQ_KNUrn_BQV5YA==
Age: 1165
www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/4sj8plBAm-Q
Cookie: YSC=C3Vx9xejCCQ; VISITOR_INFO1_LIVE=FVqX1e0fm1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 276077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/escolinha.org/imagens/dinheirinho/dinheirinho-de-brinquedo-preto-e-branco.jpg
192.0.77.2200 OK 107 kB URL HTTP/2 i0.wp.com/escolinha.org/imagens/dinheirinho/dinheirinho-de-brinquedo-preto-e-branco.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 107 kB (107250 bytes)
Hash 8c18ccd617e7b768e259ea0db3c8b9ae
eb961137c7c544cf4a6887579dec3974ce0c3dcc
8a5493913023dcf1f25c18014e6a571fce4124715b39dd063f80ee98a18f5349
GET /escolinha.org/imagens/dinheirinho/dinheirinho-de-brinquedo-preto-e-branco.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:31 GMT
content-type: image/webp
content-length: 107250
last-modified: Sun, 04 Dec 2022 20:42:31 GMT
expires: Wed, 04 Dec 2024 08:42:31 GMT
cache-control: public, max-age=63115200
link: <http://escolinha.org/imagens/dinheirinho/dinheirinho-de-brinquedo-preto-e-branco.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4806bb5b86d50965"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 255268
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 83e5a9227a460cdcfee95d7086f865ca
8435a3c3d81df9ad772002b3c6826ca5a6dd1eb5
39814f2e138c8528e0f99464580e3da0d7ac32340180bffbef13b021e9098295
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjmullwasuen.blogspot.com
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bjmullwasuen.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=e1e42e8d-3aae-468b-895d-ab7c784c6eb3:1:1; expires=Wed, 01 Dec 2032 20:42:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148145
Date: Sun, 04 Dec 2022 20:42:31 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 13:51:36 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GgU9rjJUF2m6AKhKzBVa3RdLvFd8OCcBU_oTSno4pi1IOk33DqWLhQ==
Age: 1228
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 273708
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4116
Expires: Sun, 04 Dec 2022 21:51:07 GMT
Date: Sun, 04 Dec 2022 20:42:31 GMT
Connection: keep-alive
www.youtube.com/embed/4sj8plBAm-Q
142.250.74.174200 OK 27 kB URL HTTP/2 www.youtube.com/embed/4sj8plBAm-Q
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58643)
Hash 479501d8511579e01faaedb6ae65d16a
a22831e4473472b275f2a3558435f162edff0ae2
fcb7a6cd0f756bfb89978f363fa9aa0c31a3f59b34ff9bc4e2bdb806f12669d6
GET /embed/4sj8plBAm-Q HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Dec 2022 20:42:30 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=C3Vx9xejCCQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=FVqX1e0fm1g; Domain=.youtube.com; Expires=Fri, 02-Jun-2023 20:42:30 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+168; expires=Tue, 03-Dec-2024 20:42:30 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=2253&rd=2253&fd=976&bv=22.10.v.9&tmpl=70
173.233.137.36200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=2253&rd=2253&fd=976&bv=22.10.v.9&tmpl=70
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2253&rd=2253&fd=976&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 46da6b8816c19ebfaa6a69368ef1a0d9
7343d0b80de6089cc9726455386360a65c2cfce0
81a760b8a2101eedf4729382456634436e6e84c5b5e84b11267145a241b4a403
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjmullwasuen.blogspot.com
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bjmullwasuen.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=2f481e36-0367-461a-a00f-cbe7beff7772:1:1; expires=Wed, 01 Dec 2032 20:42:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 47750
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 82184
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:16:07 GMT
age: 48384
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 82710
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 82193
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i0.wp.com/images-shoptime.b2w.io/produtos/3844098790/imagens/nota-dinheiro-brincadeira-s-valor-comercial-10-00-reais-pct-c-25-cedulas/3844098790_1_large.jpg
192.0.77.2200 OK 138 kB URL HTTP/2 i0.wp.com/images-shoptime.b2w.io/produtos/3844098790/imagens/nota-dinheiro-brincadeira-s-valor-comercial-10-00-reais-pct-c-25-cedulas/3844098790_1_large.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 138 kB (138128 bytes)
Hash a8df8ef3c5bb9e4b4aceffedf8cda9e0
2d2a6c30b14cebc2032ef9fafa7d81ca39587c5c
80791d58f3d9be30f9f156e83413066425e3d880a9762be8bc427aa37e405df0
GET /images-shoptime.b2w.io/produtos/3844098790/imagens/nota-dinheiro-brincadeira-s-valor-comercial-10-00-reais-pct-c-25-cedulas/3844098790_1_large.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:31 GMT
content-type: image/webp
content-length: 138128
last-modified: Sun, 04 Dec 2022 20:42:31 GMT
expires: Wed, 04 Dec 2024 08:42:31 GMT
cache-control: public, max-age=63115200
link: <http://images-shoptime.b2w.io/produtos/3844098790/imagens/nota-dinheiro-brincadeira-s-valor-comercial-10-00-reais-pct-c-25-cedulas/3844098790_1_large.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cb8cf2fb07a155da"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3f87a2d54693a81fcc4fefed9dada3e3
ae5324e15040fca1d09758470f1d7d28b0e78a6e
94b86aebe278fa129c3247bc1a9ec91861fbeae871c84786e9025f49a2084651
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B86AEBE278FA129C3247BC1A9EC91861FBEAE871C84786E9025F49A2084651"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17547
Expires: Mon, 05 Dec 2022 01:34:58 GMT
Date: Sun, 04 Dec 2022 20:42:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6ddd743262cc2727e40e84514b13c68a
a9e579263bdb29ebc08ed46d9af5d8308f0bf6ea
e927bd50b4fad2320c331c115457c053cf542096113a7668afe3590e1635d911
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E927BD50B4FAD2320C331C115457C053CF542096113A7668AFE3590E1635D911"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15577
Expires: Mon, 05 Dec 2022 01:02:08 GMT
Date: Sun, 04 Dec 2022 20:42:31 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 04 Dec 2022 20:42:31 GMT
date: Sun, 04 Dec 2022 20:42:31 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 523954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
216.58.207.194302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 04 Dec 2022 20:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 20:36:04 GMT
expires: Sun, 04 Dec 2022 20:51:04 GMT
cache-control: public, max-age=900
age: 387
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/escolinha.org/imagens/dinheirinho/dinheirinho-para-imprimir.jpg
192.0.77.2200 OK 0 B URL HTTP/2 i0.wp.com/escolinha.org/imagens/dinheirinho/dinheirinho-para-imprimir.jpg
IP 192.0.77.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /escolinha.org/imagens/dinheirinho/dinheirinho-para-imprimir.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 20:42:31 GMT
content-type: image/webp
content-length: 140920
last-modified: Sun, 04 Dec 2022 20:42:31 GMT
expires: Wed, 04 Dec 2024 08:42:31 GMT
cache-control: public, max-age=63115200
link: <http://escolinha.org/imagens/dinheirinho/dinheirinho-para-imprimir.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "89ae26a7719f7d34"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
banquetunarmedgrater.com/advertisers.js
173.233.137.52200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:31 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4fa7b44bdb94a9277a6de85f7e5ae19e
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f4667801913af2c4c832a52f20dc63c6
81db0911785136407870560d9b1a21681b3e44b3
34165098695d13314e2562e0585740de707f03ff69b02e1ec2ff0a8cdc1a03f5
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 20:42:31 GMT
server: ESF
cache-control: private
content-length: 31117
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hopefullyapricot.com/ntv.json?key=1d1eca97b1cca4833437b01078981d7d&vstc=4
173.233.137.44200 OK 17 kB URL HTTP/1.1 hopefullyapricot.com/ntv.json?key=1d1eca97b1cca4833437b01078981d7d&vstc=4
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (17284), with no line terminators
Hash 6f47ada25c1b7f5238f4a97526b849bd
53ef9da73b695a9ecf62ed625ca62849f5d75b8e
39b940a2ead2c1f96d622c5b82f7978f9af4d59e14a7272ecd0152e812113a82
GET /ntv.json?key=1d1eca97b1cca4833437b01078981d7d&vstc=4 HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjmullwasuen.blogspot.com
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:31 GMT
Content-Type: application/json
Content-Length: 17284
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bjmullwasuen.blogspot.com
Access-Control-Allow-Origin: https://bjmullwasuen.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15865918; expires=Mon, 05 Dec 2022 20:42:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 20:42:31 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 20:42:31 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 05 Dec 2022 20:42:31 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 05 Dec 2022 20:42:31 GMT; secure; SameSite=None
nlec1d1eca97b1cca4833437b01078981d7d=[2229329,2229333,2229337,2019380]; expires=Sun, 04 Dec 2022 20:42:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c24ca2a0f70a4d46e3d4ac3ed24abc4
Strict-Transport-Security: max-age=0; includeSubdomains
yt3.ggpht.com/ytc/AMLnZu9N9ZAVPYT9Ln3mA07J5F1NbIqjpezYZ5VsD6JLZA=s68-c-k-c0x00ffffff-no-rj
142.250.74.65200 OK 4.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9N9ZAVPYT9Ln3mA07J5F1NbIqjpezYZ5VsD6JLZA=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 28a73d539aa8cf4d80913b0b09ce808c
39b7c55fcb057719de94eabbb8f9387250ce6d37
7533507b88d066f66448de5c90ec99ca00e5ff56825bb7cbc1219be6e2f50c4a
GET /ytc/AMLnZu9N9ZAVPYT9Ln3mA07J5F1NbIqjpezYZ5VsD6JLZA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4157
x-xss-protection: 0
date: Sun, 04 Dec 2022 20:42:32 GMT
expires: Sun, 13 Nov 2022 05:12:39 GMT
cache-control: public, max-age=86400, no-transform
etag: "v80"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/4sj8plBAm-Q/maxresdefault.webp
142.250.74.22200 OK 109 kB URL HTTP/2 i.ytimg.com/vi_webp/4sj8plBAm-Q/maxresdefault.webp
IP 142.250.74.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 109 kB (108752 bytes)
Hash 6054bf90ef81ead4e79f3851f2e4b5a5
f5b673f508bcca5b6486d09d5b6d9ed00e18e1da
fb9bc02973511e178d61d9cfc4865c52c66b7a31acf3fb390380724a62626e71
GET /vi_webp/4sj8plBAm-Q/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 108752
date: Sun, 04 Dec 2022 20:42:32 GMT
expires: Sun, 04 Dec 2022 22:42:32 GMT
cache-control: public, max-age=7200
etag: "1483712564"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
142.250.74.35200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
IP 142.250.74.35:0
File type ASCII text, with very long lines (52913), with no line terminators
Hash f4bb161deae4e93f1a82e52f82ea2af9
74cd72b02999ea35cde6dd6c1d58ca9aec94da07
3330fe65fd8dbe742211f1609fbfe70b3b94434ad5639223942d921f085ea589
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:53:03 GMT
expires: Tue, 28 Nov 2023 19:53:03 GMT
cache-control: public, max-age=31536000
age: 521369
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 408b9ba72dc83c47c6821c825897d586
39c533b3ecadd39dcc4be7e5d6b1a5fece62de8b
3b1904ae01a75c6c530b0d4e952f53b823b8ebc3bd4eaf62794dac74999d6b23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B1904AE01A75C6C530B0D4E952F53B823B8EBC3BD4EAF62794DAC74999D6B23"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16385
Expires: Mon, 05 Dec 2022 01:15:37 GMT
Date: Sun, 04 Dec 2022 20:42:32 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:40:54 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 507150419
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
i.pinimg.com/474x/86/88/40/868840cafb4b8d7191e050be75f3adb4.jpg
104.84.152.162200 OK 43 kB URL HTTP/2 i.pinimg.com/474x/86/88/40/868840cafb4b8d7191e050be75f3adb4.jpg
IP 104.84.152.162:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 360x488, components 3\012- data
Hash ae1784d10d589e0f6b90018a1a402623
919ea7c3723784ffcc44511421b43238fb123458
7ed827b2f0cfc27ceed8dbb9be808334f5e7ad877160d0a3bd3e26e3dc45d07d
GET /474x/86/88/40/868840cafb4b8d7191e050be75f3adb4.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bjmullwasuen.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "ae1784d10d589e0f6b90018a1a402623"
accept-ranges: bytes
content-type: image/jpeg
content-length: 42578
akamai-grn: 0.9e985468.1670186552.2c5b40f6
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
i.pinimg.com/originals/a9/23/40/a92340f2c3c86329160ea505b7fda100.jpg
104.84.152.162200 OK 27 kB URL HTTP/2 i.pinimg.com/originals/a9/23/40/a92340f2c3c86329160ea505b7fda100.jpg
IP 104.84.152.162:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 619x464, components 3\012- data
Hash be6074c80d4d385524ad1aaceff90732
c731bef0aa0f3bb29da2cbec3885775bc3a5d9a6
fadcf0d3c57d490f28168123139b56df26f9536cd66895a126b065a9ec8aec30
GET /originals/a9/23/40/a92340f2c3c86329160ea505b7fda100.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bjmullwasuen.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "be6074c80d4d385524ad1aaceff90732"
accept-ranges: bytes
content-type: image/jpeg
content-length: 27184
x-edgeconnect-midmile-rtt: 1
x-edgeconnect-origin-mex-latency: 50
akamai-grn: 0.9e985468.1670186552.2c5b40fc
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
i.pinimg.com/736x/c2/81/bc/c281bc70a0d0051a79210301460b1516.jpg
104.84.152.162200 OK 47 kB URL HTTP/2 i.pinimg.com/736x/c2/81/bc/c281bc70a0d0051a79210301460b1516.jpg
IP 104.84.152.162:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash 3ca6b1aebf74664208819357d317344d
7409694090eeb902ea0b6d4fd8952ce80d09f564
88f4bc8060843318461ca860233843483d5524929d0a21d56cd7158a582e462a
GET /736x/c2/81/bc/c281bc70a0d0051a79210301460b1516.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bjmullwasuen.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3ca6b1aebf74664208819357d317344d"
accept-ranges: bytes
content-type: image/jpeg
content-length: 47319
alt-svc: h3=":443"; ma=600
akamai-grn: 0.9e985468.1670186552.2c5b40ee
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
i.pinimg.com/474x/a3/5e/98/a35e9890533c6377680442e49cb94aa8.jpg
104.84.152.162200 OK 40 kB URL HTTP/2 i.pinimg.com/474x/a3/5e/98/a35e9890533c6377680442e49cb94aa8.jpg
IP 104.84.152.162:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 360x488, components 3\012- data
Hash 37f0e6ae69a74130a9312c076c14960b
b4d35c6ea29c2502eebe8493bade0dde17d4661b
631266a26aaf8e3bf5198b614c82a7e02c2e20947020d208e2511543b7130bff
GET /474x/a3/5e/98/a35e9890533c6377680442e49cb94aa8.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bjmullwasuen.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "37f0e6ae69a74130a9312c076c14960b"
accept-ranges: bytes
content-type: image/jpeg
content-length: 40215
x-edgeconnect-midmile-rtt: 57, 57
x-edgeconnect-origin-mex-latency: 55, 55
akamai-grn: 0.9e985468.1670186552.2c5b40fd
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 04 Dec 2022 20:42:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 497762696b3f6f95d671b94bb349300a
c0af86b35a01a0059f60f2b98f0df13488c171e2
c131224533c338162489f72a1a542b38128ba371fa2c2448c0efaa8c857f7f6b
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1259
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 20:42:32 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:40:09 GMT
expires: Sat, 10 Dec 2022 14:40:09 GMT
cache-control: public, max-age=604800
age: 108143
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4277085&@f16&@g1&@h1&@i1&@j1670186549823&@k0&@l1&@mThe%20Best%2011%20Dinheiro%20Para%20Imprimir%20E%20Brincar%20-%20bjmullwasuen&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-93667664&@b3:1670186550&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbjmullwasuen.blogspot.com%2F2022%2F07%2Fthe-best-11-dinheiro-para-imprimir-e.html&@w
149.56.240.129200 OK 44 B URL HTTP/1.1 s4.histats.com/stats/0.php?4277085&@f16&@g1&@h1&@i1&@j1670186549823&@k0&@l1&@mThe%20Best%2011%20Dinheiro%20Para%20Imprimir%20E%20Brincar%20-%20bjmullwasuen&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-93667664&@b3:1670186550&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbjmullwasuen.blogspot.com%2F2022%2F07%2Fthe-best-11-dinheiro-para-imprimir-e.html&@w
IP 149.56.240.129:0
File type ASCII text, with no line terminators
Hash 8cd4366326b660fec519f9158b355ce3
f889c2c3035db9a995d708ecff4565c00d356f39
e4c4eedfb4ac12a2c7c2502d8a2c19acb0a3c1339f2c0f62f114f9071c131949
GET /stats/0.php?4277085&@f16&@g1&@h1&@i1&@j1670186549823&@k0&@l1&@mThe%20Best%2011%20Dinheiro%20Para%20Imprimir%20E%20Brincar%20-%20bjmullwasuen&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-93667664&@b3:1670186550&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbjmullwasuen.blogspot.com%2F2022%2F07%2Fthe-best-11-dinheiro-para-imprimir-e.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 20:42:32 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 44
Connection: close
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXkeF9eCqe9CLDIKgIJPu%2BbEz46KLcY0EY5L9RdBb%2FepJmequpqp7epJTcEH2IszBg3qQzjfJBnUR9yoIMhFkCYo7lyUH8x94UVg8Ss8OjD6o995X3zt836v6ZC87JT4yerL%2BvtlRWtOFVs2vvrKhYmFyV129Xg38mn%2BxuqHiC82L1UGZbP%2F1wG%2FV%2FFer70q%2BZRbqfuD7gR9Ul5SVoRksTFmo5E43qHX9WrNeC1pNDOz%2Fscs8OOpB9E%2FJs1Bi8vjmvbtQfIw4%2Bv6ydFupSV57J8o0TY1FXxzeiLdik8eI5m1oPYTx4Wwaxk0I%2BfwMTHw4cwDT3y8dgKkJ8R4EYPHhTCZY%2F%2BCRUqYhYzDxFPL%2BGFKPoegY3NyEEvcJwAVW1xBHt1eNzen2I5aW7IRUHv4NlU9I5Y%2FziKPvFrUaVK8ZnaXKxA6DsIAajKF6YyTZEdIdDyo%2FAk8%2FhhK%2FkYWHK4ij%2FTWnDZQopu6VGkOFY2g5BHUesvIoD1noIUs8ROKkSlvd0PfbIQsbjU6Tc95ocN7qXBAt0Wh2Qh8ZL%2BUNkSZDcD0Et7tI7C621BA2%2Bwlus4ATHlw6Id6VXfRFgVwS5I4gpwS5IshTgrxfHAjt6q64LbTLWDCr9VltFCOT9vbogUl7MiZ7ySl5ZrqXv55%2FE1vypBqIQHLabbOAc9rsNBrNRpv5gd%2FudDuBaAs4VUC5M1OrO2pCzj%2F5IRI1IWe%2BehqMHsHpI3B1DjQLQPNRu%2B6Dbo6aHR878Q%2FUKhkqGqcmSho1pk3PJSatcRNBmAJJWkG67e3pU%2FLCVNVLlSuQ%2FPjSL2ffSEYPzoLbAokt8JH6maCnb42umpzsXzW5I3fXklRFaoeWL3ktpal87Jv35HZurFi%2B7IZfv8VLomzvXJcuXaGxUHHPkW8XlRDSLhnLJflx2W1Itp65zcXMxlmysv720nKUWOmcMvEYVN1f%2BwdcTUjl5eemf%2FTcr39C2TFsViDKjsksoMwReLILl8zVO0Ng9XyGJR7yrBjZOptfakWg5RxTVsD9B7N5v%2BduoWcroOlNxFGBvi3Q1wWoHsJlZ0dpYo8v3fuijC%2FBdGXEtK3sM231Z9PVlulGmT6YkBd%2Fb8Kpk6pshX4o%2FbpkYZeFbeqLbtjsMtoNZJu1aIDUTfinT7T%2FBQAA%2F%2F8BAAD%2F%2Fy0tNJCKBAAA
173.233.137.44200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXkeF9eCqe9CLDIKgIJPu%2BbEz46KLcY0EY5L9RdBb%2FepJmequpqp7epJTcEH2IszBg3qQzjfJBnUR9yoIMhFkCYo7lyUH8x94UVg8Ss8OjD6o995X3zt836v6ZC87JT4yerL%2BvtlRWtOFVs2vvrKhYmFyV129Xg38mn%2BxuqHiC82L1UGZbP%2F1wG%2FV%2FFer70q%2BZRbqfuD7gR9Ul5SVoRksTFmo5E43qHX9WrNeC1pNDOz%2Fscs8OOpB9E%2FJs1Bi8vjmvbtQfIw4%2Bv6ydFupSV57J8o0TY1FXxzeiLdik8eI5m1oPYTx4Wwaxk0I%2BfwMTHw4cwDT3y8dgKkJ8R4EYPHhTCZY%2F%2BCRUqYhYzDxFPL%2BGFKPoegY3NyEEvcJwAVW1xBHt1eNzen2I5aW7IRUHv4NlU9I5Y%2FziKPvFrUaVK8ZnaXKxA6DsIAajKF6YyTZEdIdDyo%2FAk8%2FhhK%2FkYWHK4ij%2FTWnDZQopu6VGkOFY2g5BHUesvIoD1noIUs8ROKkSlvd0PfbIQsbjU6Tc95ocN7qXBAt0Wh2Qh8ZL%2BUNkSZDcD0Et7tI7C621BA2%2Bwlus4ATHlw6Id6VXfRFgVwS5I4gpwS5IshTgrxfHAjt6q64LbTLWDCr9VltFCOT9vbogUl7MiZ7ySl5ZrqXv55%2FE1vypBqIQHLabbOAc9rsNBrNRpv5gd%2FudDuBaAs4VUC5M1OrO2pCzj%2F5IRI1IWe%2BehqMHsHpI3B1DjQLQPNRu%2B6Dbo6aHR878Q%2FUKhkqGqcmSho1pk3PJSatcRNBmAJJWkG67e3pU%2FLCVNVLlSuQ%2FPjSL2ffSEYPzoLbAokt8JH6maCnb42umpzsXzW5I3fXklRFaoeWL3ktpal87Jv35HZurFi%2B7IZfv8VLomzvXJcuXaGxUHHPkW8XlRDSLhnLJflx2W1Itp65zcXMxlmysv720nKUWOmcMvEYVN1f%2BwdcTUjl5eemf%2FTcr39C2TFsViDKjsksoMwReLILl8zVO0Ng9XyGJR7yrBjZOptfakWg5RxTVsD9B7N5v%2BduoWcroOlNxFGBvi3Q1wWoHsJlZ0dpYo8v3fuijC%2FBdGXEtK3sM231Z9PVlulGmT6YkBd%2Fb8Kpk6pshX4o%2FbpkYZeFbeqLbtjsMtoNZJu1aIDUTfinT7T%2FBQAA%2F%2F8BAAD%2F%2Fy0tNJCKBAAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuXkeF9eCqe9CLDIKgIJPu%2BbEz46KLcY0EY5L9RdBb%2FepJmequpqp7epJTcEH2IszBg3qQzjfJBnUR9yoIMhFkCYo7lyUH8x94UVg8Ss8OjD6o995X3zt836v6ZC87JT4yerL%2BvtlRWtOFVs2vvrKhYmFyV129Xg38mn%2BxuqHiC82L1UGZbP%2F1wG%2FV%2FFer70q%2BZRbqfuD7gR9Ul5SVoRksTFmo5E43qHX9WrNeC1pNDOz%2Fscs8OOpB9E%2FJs1Bi8vjmvbtQfIw4%2Bv6ydFupSV57J8o0TY1FXxzeiLdik8eI5m1oPYTx4Wwaxk0I%2BfwMTHw4cwDT3y8dgKkJ8R4EYPHhTCZY%2F%2BCRUqYhYzDxFPL%2BGFKPoegY3NyEEvcJwAVW1xBHt1eNzen2I5aW7IRUHv4NlU9I5Y%2FziKPvFrUaVK8ZnaXKxA6DsIAajKF6YyTZEdIdDyo%2FAk8%2FhhK%2FkYWHK4ij%2FTWnDZQopu6VGkOFY2g5BHUesvIoD1noIUs8ROKkSlvd0PfbIQsbjU6Tc95ocN7qXBAt0Wh2Qh8ZL%2BUNkSZDcD0Et7tI7C621BA2%2Bwlus4ATHlw6Id6VXfRFgVwS5I4gpwS5IshTgrxfHAjt6q64LbTLWDCr9VltFCOT9vbogUl7MiZ7ySl5ZrqXv55%2FE1vypBqIQHLabbOAc9rsNBrNRpv5gd%2FudDuBaAs4VUC5M1OrO2pCzj%2F5IRI1IWe%2BehqMHsHpI3B1DjQLQPNRu%2B6Dbo6aHR878Q%2FUKhkqGqcmSho1pk3PJSatcRNBmAJJWkG67e3pU%2FLCVNVLlSuQ%2FPjSL2ffSEYPzoLbAokt8JH6maCnb42umpzsXzW5I3fXklRFaoeWL3ktpal87Jv35HZurFi%2B7IZfv8VLomzvXJcuXaGxUHHPkW8XlRDSLhnLJflx2W1Itp65zcXMxlmysv720nKUWOmcMvEYVN1f%2BwdcTUjl5eemf%2FTcr39C2TFsViDKjsksoMwReLILl8zVO0Ng9XyGJR7yrBjZOptfakWg5RxTVsD9B7N5v%2BduoWcroOlNxFGBvi3Q1wWoHsJlZ0dpYo8v3fuijC%2FBdGXEtK3sM231Z9PVlulGmT6YkBd%2Fb8Kpk6pshX4o%2FbpkYZeFbeqLbtjsMtoNZJu1aIDUTfinT7T%2FBQAA%2F%2F8BAAD%2F%2Fy0tNJCKBAAA HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229329,2229333,2229337,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a39571a6ac976443549d2ce0ea0072af
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 921edf4719d00fc9e787f0163dad9917
d174b6498bf23f64df69f917124059bec7a46b3e
ca7f94b946a5920f873661c61d48722c96c0e453363551045b3f788f35c9c885
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA7F94B946A5920F873661C61D48722C96C0E453363551045B3F788F35C9C885"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19656
Expires: Mon, 05 Dec 2022 02:10:08 GMT
Date: Sun, 04 Dec 2022 20:42:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 921edf4719d00fc9e787f0163dad9917
d174b6498bf23f64df69f917124059bec7a46b3e
ca7f94b946a5920f873661c61d48722c96c0e453363551045b3f788f35c9c885
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA7F94B946A5920F873661C61D48722C96C0E453363551045B3F788F35C9C885"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19656
Expires: Mon, 05 Dec 2022 02:10:08 GMT
Date: Sun, 04 Dec 2022 20:42:32 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:32 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Tue, 06 Dec 2022 20:42:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujqNCBH%2FuQS8yCIKKTLrnx86Miy7GNRKMSfYXQW%2F1qydlqruaqu7pSU7BBdmLMAcP6kE63yQb1EXcqyDIRJAlIGYuSw7mj1BYPMpMBsZ9UO%2B9r753%2BL5X9fledkZ8ZPR0%2FSOzo7SmC42KX35tQ8XC5K68eqMc%2BBX%2FUnlDxRfrl8q9cbLdtwK%2FUfFfL38g%2BZZZqPqB7wd%2BUF5SVoamtzBhoZK77aDS9iv1aiVo1NGzj2KXeXDUg%2BiekeehxOjxzfv3oPgQcfTTFem2UpO8%2BX6UaZoai644vBlvxSaPEc3a0HoI48PpNIwbEfLVHEx8OHUA090fOwBTI%2BI9CMDiw6lMsO7BuVKmIWMw8RTy7hBSD6HoENzcghInBOACq2uIozurxuZ0%2B5ylY3ZESg%2F%2FgcpHpPTXBcTRj4ta9crXjc5SZWKHXlhA9YZQnSGS7AjpjgeVH4Gnn0GJP8jCwxXE0f6a0wZKFBP3Sg2hwiG07IM6D9n4KA9Z6CFLPETitEwb7dD3myELa7VWnXNeq3HeaF0UDVGrt0IfGR%2FL6yNN%2BuC6D253kdhdbKk%2BbPYr3GYBJzy4dES8q7voigK5JMgdQU4JckWQpwR5tzgQ2lVdcUdol7FgWqvTWisGJu3s0QOTdmRM9pIz8txkL3%2B%2F%2BA625Gk5EIHktN1kAee03qrV6rUm8wO%2F2Wq3AtEUcKqAcnMTqztqRC48%2BQkSNSJz3z4DRo%2Fg9BG4ehY0C0DzQbPqg24O6i0fO%2FHP1CoZKhqnJkpqFaZNxyUmrXATQZgCSVpCuu3t6TPy0kTVy3%2FWIfnx5d%2Fn304GD%2BbBbYHEFvhU%2FUbQ0bcH10xO9q%2BZ3JF7a0mqIrVDxy95PaWpfOz7D%2BV2bqxYvuL6373Lx8S4vXtDunSFxkLFHUd%2BWFRCSLtkLJfkl2W3Idl65jYXMxtnycr6e0vLUWKlc8rEQ1B1svYvuBqR0qsvTP7o0ydvQNkhbFYgyo7JNKDMEXiyC5fM1DtDYPVshiUl5FkxsFU2u9SKQMsZpqyA%2Bx9ms37P3UbHlkDTW4ijAl1boKsLUN2Hy%2BYHaWKPL9%2F%2FehzfgOnSgGlb2mfa6i9H5JXS1XG6OU4fn2%2FaqdOybIR%2BKP2qZGGbhU3qi3ZYbzPaDmSTNWiA1I34F080%2FwMAAP%2F%2FAQAA%2F%2F%2F1iGNNigQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujqNCBH%2FuQS8yCIKKTLrnx86Miy7GNRKMSfYXQW%2F1qydlqruaqu7pSU7BBdmLMAcP6kE63yQb1EXcqyDIRJAlIGYuSw7mj1BYPMpMBsZ9UO%2B9r753%2BL5X9fledkZ8ZPR0%2FSOzo7SmC42KX35tQ8XC5K68eqMc%2BBX%2FUnlDxRfrl8q9cbLdtwK%2FUfFfL38g%2BZZZqPqB7wd%2BUF5SVoamtzBhoZK77aDS9iv1aiVo1NGzj2KXeXDUg%2BiekeehxOjxzfv3oPgQcfTTFem2UpO8%2BX6UaZoai644vBlvxSaPEc3a0HoI48PpNIwbEfLVHEx8OHUA090fOwBTI%2BI9CMDiw6lMsO7BuVKmIWMw8RTy7hBSD6HoENzcghInBOACq2uIozurxuZ0%2B5ylY3ZESg%2F%2FgcpHpPTXBcTRj4ta9crXjc5SZWKHXlhA9YZQnSGS7AjpjgeVH4Gnn0GJP8jCwxXE0f6a0wZKFBP3Sg2hwiG07IM6D9n4KA9Z6CFLPETitEwb7dD3myELa7VWnXNeq3HeaF0UDVGrt0IfGR%2FL6yNN%2BuC6D253kdhdbKk%2BbPYr3GYBJzy4dES8q7voigK5JMgdQU4JckWQpwR5tzgQ2lVdcUdol7FgWqvTWisGJu3s0QOTdmRM9pIz8txkL3%2B%2F%2BA625Gk5EIHktN1kAee03qrV6rUm8wO%2F2Wq3AtEUcKqAcnMTqztqRC48%2BQkSNSJz3z4DRo%2Fg9BG4ehY0C0DzQbPqg24O6i0fO%2FHP1CoZKhqnJkpqFaZNxyUmrXATQZgCSVpCuu3t6TPy0kTVy3%2FWIfnx5d%2Fn304GD%2BbBbYHEFvhU%2FUbQ0bcH10xO9q%2BZ3JF7a0mqIrVDxy95PaWpfOz7D%2BV2bqxYvuL6373Lx8S4vXtDunSFxkLFHUd%2BWFRCSLtkLJfkl2W3Idl65jYXMxtnycr6e0vLUWKlc8rEQ1B1svYvuBqR0qsvTP7o0ydvQNkhbFYgyo7JNKDMEXiyC5fM1DtDYPVshiUl5FkxsFU2u9SKQMsZpqyA%2Bx9ms37P3UbHlkDTW4ijAl1boKsLUN2Hy%2BYHaWKPL9%2F%2FehzfgOnSgGlb2mfa6i9H5JXS1XG6OU4fn2%2FaqdOybIR%2BKP2qZGGbhU3qi3ZYbzPaDmSTNWiA1I34F080%2FwMAAP%2F%2FAQAA%2F%2F%2F1iGNNigQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujqNCBH%2FuQS8yCIKKTLrnx86Miy7GNRKMSfYXQW%2F1qydlqruaqu7pSU7BBdmLMAcP6kE63yQb1EXcqyDIRJAlIGYuSw7mj1BYPMpMBsZ9UO%2B9r753%2BL5X9fledkZ8ZPR0%2FSOzo7SmC42KX35tQ8XC5K68eqMc%2BBX%2FUnlDxRfrl8q9cbLdtwK%2FUfFfL38g%2BZZZqPqB7wd%2BUF5SVoamtzBhoZK77aDS9iv1aiVo1NGzj2KXeXDUg%2BiekeehxOjxzfv3oPgQcfTTFem2UpO8%2BX6UaZoai644vBlvxSaPEc3a0HoI48PpNIwbEfLVHEx8OHUA090fOwBTI%2BI9CMDiw6lMsO7BuVKmIWMw8RTy7hBSD6HoENzcghInBOACq2uIozurxuZ0%2B5ylY3ZESg%2F%2FgcpHpPTXBcTRj4ta9crXjc5SZWKHXlhA9YZQnSGS7AjpjgeVH4Gnn0GJP8jCwxXE0f6a0wZKFBP3Sg2hwiG07IM6D9n4KA9Z6CFLPETitEwb7dD3myELa7VWnXNeq3HeaF0UDVGrt0IfGR%2FL6yNN%2BuC6D253kdhdbKk%2BbPYr3GYBJzy4dES8q7voigK5JMgdQU4JckWQpwR5tzgQ2lVdcUdol7FgWqvTWisGJu3s0QOTdmRM9pIz8txkL3%2B%2F%2BA625Gk5EIHktN1kAee03qrV6rUm8wO%2F2Wq3AtEUcKqAcnMTqztqRC48%2BQkSNSJz3z4DRo%2Fg9BG4ehY0C0DzQbPqg24O6i0fO%2FHP1CoZKhqnJkpqFaZNxyUmrXATQZgCSVpCuu3t6TPy0kTVy3%2FWIfnx5d%2Fn304GD%2BbBbYHEFvhU%2FUbQ0bcH10xO9q%2BZ3JF7a0mqIrVDxy95PaWpfOz7D%2BV2bqxYvuL6373Lx8S4vXtDunSFxkLFHUd%2BWFRCSLtkLJfkl2W3Idl65jYXMxtnycr6e0vLUWKlc8rEQ1B1svYvuBqR0qsvTP7o0ydvQNkhbFYgyo7JNKDMEXiyC5fM1DtDYPVshiUl5FkxsFU2u9SKQMsZpqyA%2Bx9ms37P3UbHlkDTW4ijAl1boKsLUN2Hy%2BYHaWKPL9%2F%2FehzfgOnSgGlb2mfa6i9H5JXS1XG6OU4fn2%2FaqdOybIR%2BKP2qZGGbhU3qi3ZYbzPaDmSTNWiA1I34F080%2FwMAAP%2F%2FAQAA%2F%2F%2F1iGNNigQAAA%3D%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229329,2229333,2229337,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e26dbf3eb1edc26560d6968ad7b26f8c
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.9200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:32 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Tue, 06 Dec 2022 20:42:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:32 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Tue, 06 Dec 2022 20:42:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:32 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Tue, 06 Dec 2022 20:42:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3fT1gPrroHvcggCAoy6Z6PnRkXXYxrJBiT7BdBb%2FXVkzLVXU1V9%2FQkp%2BCC7EWYgwf1IJ1nkg3qIu5VEGQiyBIUdy5LDuZfEBQWj9KzA6Mv1PtRz3t4nqfq473slPjI6Mn6e2ZHaU0XWjW%2F%2BvKGioXJXXX1RjXwa%2F6l6oaKLzYvVQdlsv3XAr9V81%2BpviP5llmo%2B4HvB35QXVJWhmawMEWhkrvdoNb1a816LWg1MbD%2FnV3mwVEPon9KnoESk%2F9t3r8HxceIo%2B%2BuSLeVmuTVt6NM09RY9MXhzXgrNnmMaN6G1kMYH862YdyEkM%2FOwMSHMwUw%2Ff1SAZiaEO9hABYfzmiC9Q8eM2UaMgYTTyLvjyH1GIqOwc0tKPGAAFxgdQ1xdGfV2JxuP0ZpiU5I5dFfUPmEVH6%2FgDj6dlGrQfW60VmqTOwwCAuowRiqN0aSHSHd8aDyI%2FD0IyjxK1l4tII42l9z2kCJYqpeqTFUOIaWQ1DnISuP8pCFHrLEQyROqrTVDX2%2FHbKw0eg0OeeNBuetzkXREo1mJ%2FSR8ZLeEGkyBNdDcLuLxO5iSw1hsx%2FhNgs44cGlE%2BJd3UVfFMglQe4IckqQK4I8Jcj7xYHQru6KO0K7jAWzWp%2FVRjEyaW%2BPHpi0J2Oyl5ySp6e%2B%2FPncG9iSJ9VABJLTbpsFnNNmp9FoNtrMD%2Fx2p9sJRFvAqQLKnZlK3VETcuGJD5CoCTnz5VNg9AhOH4Gr86BZAJqP2nUfdHPU7PjYib%2BnVslQ0Tg1UdKoMW16LjFpjZsIwhRI0grSbW9Pn5Lnp6xerLwPyY8v%2F3zu9WT08By4LZDYAh%2Bqnwh6%2BvbomsnJ%2FjWTO3JvLUlVpHZo%2BZLXU5rKs1%2B%2FK7dzY8XyFTf86k1eAmV794Z06QqNhYp7jnyzqISQdslYLskPy25DsvXMbS5mNs6SlfW3lpajxErnlInHoOrB2t%2FgakIqLz07%2FaPnf%2FkDyo5hswJRdkxmAWWOwJNduGTO3hkCq%2Bc7LDmLPCtGts7ml1oRaDmfKSvg%2FjWzeb%2FnbqNnK6DpLcRRgb4t0NcFqB7CZedGaWKPL9%2F%2FvIwvwHRlxLSt7DNt9aeltVfLdHNq8oS88FsTTp1UZSv0Q%2BnXJQu7LGxTX3TDZpfRbiDbrEUDpG7CP%2Fl%2F%2Bx8AAAD%2F%2FwEAAP%2F%2FxobsEooEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3fT1gPrroHvcggCAoy6Z6PnRkXXYxrJBiT7BdBb%2FXVkzLVXU1V9%2FQkp%2BCC7EWYgwf1IJ1nkg3qIu5VEGQiyBIUdy5LDuZfEBQWj9KzA6Mv1PtRz3t4nqfq473slPjI6Mn6e2ZHaU0XWjW%2F%2BvKGioXJXXX1RjXwa%2F6l6oaKLzYvVQdlsv3XAr9V81%2BpviP5llmo%2B4HvB35QXVJWhmawMEWhkrvdoNb1a816LWg1MbD%2FnV3mwVEPon9KnoESk%2F9t3r8HxceIo%2B%2BuSLeVmuTVt6NM09RY9MXhzXgrNnmMaN6G1kMYH862YdyEkM%2FOwMSHMwUw%2Ff1SAZiaEO9hABYfzmiC9Q8eM2UaMgYTTyLvjyH1GIqOwc0tKPGAAFxgdQ1xdGfV2JxuP0ZpiU5I5dFfUPmEVH6%2FgDj6dlGrQfW60VmqTOwwCAuowRiqN0aSHSHd8aDyI%2FD0IyjxK1l4tII42l9z2kCJYqpeqTFUOIaWQ1DnISuP8pCFHrLEQyROqrTVDX2%2FHbKw0eg0OeeNBuetzkXREo1mJ%2FSR8ZLeEGkyBNdDcLuLxO5iSw1hsx%2FhNgs44cGlE%2BJd3UVfFMglQe4IckqQK4I8Jcj7xYHQru6KO0K7jAWzWp%2FVRjEyaW%2BPHpi0J2Oyl5ySp6e%2B%2FPncG9iSJ9VABJLTbpsFnNNmp9FoNtrMD%2Fx2p9sJRFvAqQLKnZlK3VETcuGJD5CoCTnz5VNg9AhOH4Gr86BZAJqP2nUfdHPU7PjYib%2BnVslQ0Tg1UdKoMW16LjFpjZsIwhRI0grSbW9Pn5Lnp6xerLwPyY8v%2F3zu9WT08By4LZDYAh%2Bqnwh6%2BvbomsnJ%2FjWTO3JvLUlVpHZo%2BZLXU5rKs1%2B%2FK7dzY8XyFTf86k1eAmV794Z06QqNhYp7jnyzqISQdslYLskPy25DsvXMbS5mNs6SlfW3lpajxErnlInHoOrB2t%2FgakIqLz07%2FaPnf%2FkDyo5hswJRdkxmAWWOwJNduGTO3hkCq%2Bc7LDmLPCtGts7ml1oRaDmfKSvg%2FjWzeb%2FnbqNnK6DpLcRRgb4t0NcFqB7CZedGaWKPL9%2F%2FvIwvwHRlxLSt7DNt9aeltVfLdHNq8oS88FsTTp1UZSv0Q%2BnXJQu7LGxTX3TDZpfRbiDbrEUDpG7CP%2Fl%2F%2Bx8AAAD%2F%2FwEAAP%2F%2FxobsEooEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3fT1gPrroHvcggCAoy6Z6PnRkXXYxrJBiT7BdBb%2FXVkzLVXU1V9%2FQkp%2BCC7EWYgwf1IJ1nkg3qIu5VEGQiyBIUdy5LDuZfEBQWj9KzA6Mv1PtRz3t4nqfq473slPjI6Mn6e2ZHaU0XWjW%2F%2BvKGioXJXXX1RjXwa%2F6l6oaKLzYvVQdlsv3XAr9V81%2BpviP5llmo%2B4HvB35QXVJWhmawMEWhkrvdoNb1a816LWg1MbD%2FnV3mwVEPon9KnoESk%2F9t3r8HxceIo%2B%2BuSLeVmuTVt6NM09RY9MXhzXgrNnmMaN6G1kMYH862YdyEkM%2FOwMSHMwUw%2Ff1SAZiaEO9hABYfzmiC9Q8eM2UaMgYTTyLvjyH1GIqOwc0tKPGAAFxgdQ1xdGfV2JxuP0ZpiU5I5dFfUPmEVH6%2FgDj6dlGrQfW60VmqTOwwCAuowRiqN0aSHSHd8aDyI%2FD0IyjxK1l4tII42l9z2kCJYqpeqTFUOIaWQ1DnISuP8pCFHrLEQyROqrTVDX2%2FHbKw0eg0OeeNBuetzkXREo1mJ%2FSR8ZLeEGkyBNdDcLuLxO5iSw1hsx%2FhNgs44cGlE%2BJd3UVfFMglQe4IckqQK4I8Jcj7xYHQru6KO0K7jAWzWp%2FVRjEyaW%2BPHpi0J2Oyl5ySp6e%2B%2FPncG9iSJ9VABJLTbpsFnNNmp9FoNtrMD%2Fx2p9sJRFvAqQLKnZlK3VETcuGJD5CoCTnz5VNg9AhOH4Gr86BZAJqP2nUfdHPU7PjYib%2BnVslQ0Tg1UdKoMW16LjFpjZsIwhRI0grSbW9Pn5Lnp6xerLwPyY8v%2F3zu9WT08By4LZDYAh%2Bqnwh6%2BvbomsnJ%2FjWTO3JvLUlVpHZo%2BZLXU5rKs1%2B%2FK7dzY8XyFTf86k1eAmV794Z06QqNhYp7jnyzqISQdslYLskPy25DsvXMbS5mNs6SlfW3lpajxErnlInHoOrB2t%2FgakIqLz07%2FaPnf%2FkDyo5hswJRdkxmAWWOwJNduGTO3hkCq%2Bc7LDmLPCtGts7ml1oRaDmfKSvg%2FjWzeb%2FnbqNnK6DpLcRRgb4t0NcFqB7CZedGaWKPL9%2F%2FvIwvwHRlxLSt7DNt9aeltVfLdHNq8oS88FsTTp1UZSv0Q%2BnXJQu7LGxTX3TDZpfRbiDbrEUDpG7CP%2Fl%2F%2Bx8AAAD%2F%2FwEAAP%2F%2FxobsEooEAAA%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229329,2229333,2229337,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be7783efe59ecc6d76ccaa89792902aa
Strict-Transport-Security: max-age=0; includeSubdomains
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BCuvBVfegFxkEQUEm3fOxM%2BOiwbhGgjHJfhH0Vl89KVPd1VR1T09yCi7IXoQ5eFAP0nkm2aAu4h4VBJkIsgTFncuSg%2FkTPCgsHqVnB6Iv9PvRzwv1PE%2FVR3vZKfGR0ZP1d82O0prOt2p%2B9aUNFQuTu%2Brq9Wrg1%2FxL1Q0VX2xeqg7KZPuvBn6r5r9cfVvyLTNf9wPfD%2FyguqSsDM1gfopCJXe6Qa3r15r1WtBqYmD%2FO7vMg6MeRP%2BUPA0lJv%2FfvHcXio8RR99elm4rNckrb0WZpqmx6IvDG%2FFWbPIY0VkbWg9hfDjbhnETQj6dg4kPZwpg%2BvulAjA1Id6DACw%2BnNEE6x88Yso0ZAwmnkDeH0PqMRQdg5ubUOI%2BAbjA6hri6PaqsTndfoTSEp2QysO%2FoPIJqfx%2BAXH0zaJWg%2Bo1o7NUmdhhEBZQgzFUb4wkO0K640HlR%2BDph1DiVzL%2FcAVxtL%2FmtIESxVS9UmOocAwth6DOQ1Z%2BykMWesgSD5E4qdJWN%2FT9dsjCRqPT5Jw3Gpy3OhdFSzSandBHxkt6Q6TJEFwPwe0uEruLLTWEzX6E2yzghAeXToh3ZRd9USCXBLkjyClBrgjylCDvFwdCu7orbgvtMhbMan1WG8XIpL09emDSnozJXnJKnpr68uezr2NLnlQDEUhOu20WcE6bnUaj2WgzP%2FDbnW4nEG0BpwooNzeVuqMm5MLj7yNREzL3xZNg9AhOH4Gr86BZAJqP2nUfdHPU7PjYib%2BnVslQ0Tg1UdKoMW16LjFpjZsIwhRI0grSbW9Pn5LnpqxeqNyA5McLP597LRk9OAduCyS2wAfqJ4KevjW6anKyf9XkjtxdS1IVqR1a3uS1lKbyf1%2B9I7dzY8XyZTf88g1eAmV757p06QqNhYp7jny9qISQdslYLskPy25DsvXMbS5mNs6SlfU3l5ajxErnlInHoOr%2B2t%2FgakIqLz4zfaPnf%2FkDyo5hswJRdkxmAWWOwJNduOR44bvPyvgczhBYfbbDkjnkWTGydXb2UysCLc9mygq4f83srN9zt9CzFdD0JuKoQN8W6OsCVA%2FhsnOjNLHHC%2FdmhzNdGTFtK%2FtMW%2F1Jae2Vqb9lem9Cnv%2BtCadOqrIV%2BqH065KFXRa2qS%2B6YbPLaDeQbdaiAVI34R8%2F1v4HAAD%2F%2FwEAAP%2F%2FG3zL8ooEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BCuvBVfegFxkEQUEm3fOxM%2BOiwbhGgjHJfhH0Vl89KVPd1VR1T09yCi7IXoQ5eFAP0nkm2aAu4h4VBJkIsgTFncuSg%2FkTPCgsHqVnB6Iv9PvRzwv1PE%2FVR3vZKfGR0ZP1d82O0prOt2p%2B9aUNFQuTu%2Brq9Wrg1%2FxL1Q0VX2xeqg7KZPuvBn6r5r9cfVvyLTNf9wPfD%2FyguqSsDM1gfopCJXe6Qa3r15r1WtBqYmD%2FO7vMg6MeRP%2BUPA0lJv%2FfvHcXio8RR99elm4rNckrb0WZpqmx6IvDG%2FFWbPIY0VkbWg9hfDjbhnETQj6dg4kPZwpg%2BvulAjA1Id6DACw%2BnNEE6x88Yso0ZAwmnkDeH0PqMRQdg5ubUOI%2BAbjA6hri6PaqsTndfoTSEp2QysO%2FoPIJqfx%2BAXH0zaJWg%2Bo1o7NUmdhhEBZQgzFUb4wkO0K640HlR%2BDph1DiVzL%2FcAVxtL%2FmtIESxVS9UmOocAwth6DOQ1Z%2BykMWesgSD5E4qdJWN%2FT9dsjCRqPT5Jw3Gpy3OhdFSzSandBHxkt6Q6TJEFwPwe0uEruLLTWEzX6E2yzghAeXToh3ZRd9USCXBLkjyClBrgjylCDvFwdCu7orbgvtMhbMan1WG8XIpL09emDSnozJXnJKnpr68uezr2NLnlQDEUhOu20WcE6bnUaj2WgzP%2FDbnW4nEG0BpwooNzeVuqMm5MLj7yNREzL3xZNg9AhOH4Gr86BZAJqP2nUfdHPU7PjYib%2BnVslQ0Tg1UdKoMW16LjFpjZsIwhRI0grSbW9Pn5LnpqxeqNyA5McLP597LRk9OAduCyS2wAfqJ4KevjW6anKyf9XkjtxdS1IVqR1a3uS1lKbyf1%2B9I7dzY8XyZTf88g1eAmV757p06QqNhYp7jny9qISQdslYLskPy25DsvXMbS5mNs6SlfU3l5ajxErnlInHoOr%2B2t%2FgakIqLz4zfaPnf%2FkDyo5hswJRdkxmAWWOwJNduOR44bvPyvgczhBYfbbDkjnkWTGydXb2UysCLc9mygq4f83srN9zt9CzFdD0JuKoQN8W6OsCVA%2FhsnOjNLHHC%2FdmhzNdGTFtK%2FtMW%2F1Jae2Vqb9lem9Cnv%2BtCadOqrIV%2BqH065KFXRa2qS%2B6YbPLaDeQbdaiAVI34R8%2F1v4HAAD%2F%2FwEAAP%2F%2FG3zL8ooEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BCuvBVfegFxkEQUEm3fOxM%2BOiwbhGgjHJfhH0Vl89KVPd1VR1T09yCi7IXoQ5eFAP0nkm2aAu4h4VBJkIsgTFncuSg%2FkTPCgsHqVnB6Iv9PvRzwv1PE%2FVR3vZKfGR0ZP1d82O0prOt2p%2B9aUNFQuTu%2Brq9Wrg1%2FxL1Q0VX2xeqg7KZPuvBn6r5r9cfVvyLTNf9wPfD%2FyguqSsDM1gfopCJXe6Qa3r15r1WtBqYmD%2FO7vMg6MeRP%2BUPA0lJv%2FfvHcXio8RR99elm4rNckrb0WZpqmx6IvDG%2FFWbPIY0VkbWg9hfDjbhnETQj6dg4kPZwpg%2BvulAjA1Id6DACw%2BnNEE6x88Yso0ZAwmnkDeH0PqMRQdg5ubUOI%2BAbjA6hri6PaqsTndfoTSEp2QysO%2FoPIJqfx%2BAXH0zaJWg%2Bo1o7NUmdhhEBZQgzFUb4wkO0K640HlR%2BDph1DiVzL%2FcAVxtL%2FmtIESxVS9UmOocAwth6DOQ1Z%2BykMWesgSD5E4qdJWN%2FT9dsjCRqPT5Jw3Gpy3OhdFSzSandBHxkt6Q6TJEFwPwe0uEruLLTWEzX6E2yzghAeXToh3ZRd9USCXBLkjyClBrgjylCDvFwdCu7orbgvtMhbMan1WG8XIpL09emDSnozJXnJKnpr68uezr2NLnlQDEUhOu20WcE6bnUaj2WgzP%2FDbnW4nEG0BpwooNzeVuqMm5MLj7yNREzL3xZNg9AhOH4Gr86BZAJqP2nUfdHPU7PjYib%2BnVslQ0Tg1UdKoMW16LjFpjZsIwhRI0grSbW9Pn5LnpqxeqNyA5McLP597LRk9OAduCyS2wAfqJ4KevjW6anKyf9XkjtxdS1IVqR1a3uS1lKbyf1%2B9I7dzY8XyZTf88g1eAmV757p06QqNhYp7jny9qISQdslYLskPy25DsvXMbS5mNs6SlfU3l5ajxErnlInHoOr%2B2t%2FgakIqLz4zfaPnf%2FkDyo5hswJRdkxmAWWOwJNduOR44bvPyvgczhBYfbbDkjnkWTGydXb2UysCLc9mygq4f83srN9zt9CzFdD0JuKoQN8W6OsCVA%2FhsnOjNLHHC%2FdmhzNdGTFtK%2FtMW%2F1Jae2Vqb9lem9Cnv%2BtCadOqrIV%2BqH065KFXRa2qS%2B6YbPLaDeQbdaiAVI34R8%2F1v4HAAD%2F%2FwEAAP%2F%2FG3zL8ooEAAA%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Cookie: u_pl=15865918; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec1d1eca97b1cca4833437b01078981d7d=[2229329,2229333,2229337,2019380]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81b18b4300826b66effff74bb207b066
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1d7ae9cb4d3ada56f3c875f55b37a3e1
296e23579403d85854df89b45e91dde802a91617
b86bdf54353e0459f9acb777656d5928b8d04aece9f060a8ecf4961548f7c490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1425
Cache-Control: max-age=143286
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 20:42:33 GMT
Etag: "638c8d5e-117"
Expires: Tue, 06 Dec 2022 12:30:39 GMT
Last-Modified: Sun, 04 Dec 2022 12:06:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
173.233.137.36200 OK 9.3 kB URL HTTP/1.1 vg4u8rvq65t6.com/1d1eca97b1cca4833437b01078981d7d/invoke.js
IP 173.233.137.36:0
File type Unicode text, UTF-8 text, with very long lines (25086), with no line terminators
Hash 6bfe1de0aa6e74f310cc786dd4f09da6
29295cadc732b6dac188e5595ebc3f7be2b8d8b2
cf88766d624846ebf8c0a8e9aeb1ef126c30c8295607e447cab49b723b167268
Analyzer Verdict Alert fortinet Malware
GET /1d1eca97b1cca4833437b01078981d7d/invoke.js HTTP/1.1
Host: vg4u8rvq65t6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f44a6326a1c1ce6197090903145fb75c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
use.fontawesome.com/releases/v5.8.2/css/all.css
172.64.132.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.2/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54998)
Hash 269465eb2aafdf0848c8d2413ee2100d
bbe0e0a5f4f2f1ed14dc06d64386d049c0afa4b1
d296feea2c0ef595cedcbb85c9c476fcfe76dcee4ff97d1165e65fde28856937
GET /releases/v5.8.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 20:42:33 GMT
content-type: text/css
x-amz-id-2: OUhyQEJ5B1WrzEMPio0YBW+W9rmluowRdghuyLYMb93aNEX7MTVeyHutEa9gf9HeYAtfbK02lqM=
x-amz-request-id: F0PQ58ST6Z2H1861
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 718247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgCfdeeMUiWoseL9%2BMkhKfL1inUITHwWA7zsQnFoF6kyAG%2BPFpLavhDamcCNXdLkeQ6FolcODIkDdF3eMnwGpQkdxG2PvKCjykESV8uuV4RYh%2BgKm%2FdEMYPdz6JzOJKvi7vcg6t%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77475e848fba7327-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjmullwasuen.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 288792
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjmullwasuen.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 350023
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.35200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjmullwasuen.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 350023
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0985bfae2e8165c55b7db5ac6524fb95
0f2a697fca76786ad13a0fe5fe8c40d0b6a053d8
9837a2c6f478422bea371ebb35061b71e7bd2c3589c31e2a52e73fcc992a4968
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9837A2C6F478422BEA371EBB35061B71E7BD2C3589C31E2A52E73FCC992A4968"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5607
Expires: Sun, 04 Dec 2022 22:16:00 GMT
Date: Sun, 04 Dec 2022 20:42:33 GMT
Connection: keep-alive
volunteerboutique.com/pixel/nvwbdp?key=1d1eca97b1cca4833437b01078981d7d
173.233.137.36200 OK 0 B URL HTTP/1.1 volunteerboutique.com/pixel/nvwbdp?key=1d1eca97b1cca4833437b01078981d7d
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/nvwbdp?key=1d1eca97b1cca4833437b01078981d7d HTTP/1.1
Host: volunteerboutique.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 20:42:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js
IP 142.250.74.174:0
GET /s/player/dab28f34/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/4sj8plBAm-Q
Cookie: YSC=C3Vx9xejCCQ; VISITOR_INFO1_LIVE=FVqX1e0fm1g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 593839
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:09:00 GMT
expires: Fri, 01 Dec 2023 16:09:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 275611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.pinimg.com/originals/b6/ff/19/b6ff196386af31a1ff8308bcdba081b8.jpg
104.84.152.162200 OK 0 B URL HTTP/2 i.pinimg.com/originals/b6/ff/19/b6ff196386af31a1ff8308bcdba081b8.jpg
IP 104.84.152.162:0
ASN #20940 Akamai International B.V.
GET /originals/b6/ff/19/b6ff196386af31a1ff8308bcdba081b8.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bjmullwasuen.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "ceecb1cd7947fbe32422adb0039f3e52"
accept-ranges: bytes
content-type: image/jpeg
content-length: 70515
akamai-grn: 0.9e985468.1670186552.2c5b40ef
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
i.pinimg.com/originals/99/8b/4d/998b4debef61086239afff8393938319.jpg
104.84.152.162200 OK 0 B URL HTTP/2 i.pinimg.com/originals/99/8b/4d/998b4debef61086239afff8393938319.jpg
IP 104.84.152.162:0
ASN #20940 Akamai International B.V.
GET /originals/99/8b/4d/998b4debef61086239afff8393938319.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bjmullwasuen.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "b2424b820f7dd57a7eabb3e4db7532cd"
accept-ranges: bytes
content-type: image/jpeg
content-length: 85557
x-edgeconnect-midmile-rtt: 52
x-edgeconnect-origin-mex-latency: 79
akamai-grn: 0.9e985468.1670186552.2c5b40fe
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
i0.wp.com/i0.wp.com/2.bp.blogspot.com/_sQJTByo1DYQ/St3GCf9ZcpI/AAAAAAAAAcI/jHXdteyuKy4/w1200-h630-p-k-no-nu/dinheiro-falso.jpg
192.0.77.2404 Not Found 0 B URL HTTP/2 i0.wp.com/i0.wp.com/2.bp.blogspot.com/_sQJTByo1DYQ/St3GCf9ZcpI/AAAAAAAAAcI/jHXdteyuKy4/w1200-h630-p-k-no-nu/dinheiro-falso.jpg
IP 192.0.77.2:0
GET /i0.wp.com/2.bp.blogspot.com/_sQJTByo1DYQ/St3GCf9ZcpI/AAAAAAAAAcI/jHXdteyuKy4/w1200-h630-p-k-no-nu/dinheiro-falso.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjmullwasuen.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 20:42:30 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 6
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 523955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/www-player.css
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/s/player/dab28f34/www-player.css
IP 142.250.74.174:0
GET /s/player/dab28f34/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/4sj8plBAm-Q
Cookie: YSC=C3Vx9xejCCQ; VISITOR_INFO1_LIVE=FVqX1e0fm1g
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49849
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/css
age: 276077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2