r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7989fc4a69327c765a7e4e68f46c169b
1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b
b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12524
Expires: Thu, 09 Mar 2023 10:51:32 GMT
Date: Thu, 09 Mar 2023 07:22:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4616
Expires: Thu, 09 Mar 2023 08:39:44 GMT
Date: Thu, 09 Mar 2023 07:22:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Mar 2023 07:13:42 GMT
content-type: application/json
age: 546
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8901ec6f89f9452d6335be4dd3c3821
aca9da9cfc93413247952e224ac69d684f51d3ac
560f8228fedc912e05b84af1d19fcefca3fec82415180df5d18c5b2a3f533a68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560F8228FEDC912E05B84AF1D19FCEFCA3FEC82415180DF5D18C5B2A3F533A68"
Last-Modified: Tue, 07 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5929
Expires: Thu, 09 Mar 2023 09:01:37 GMT
Date: Thu, 09 Mar 2023 07:22:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: REyhRckhle/3cBMvtpFhWVdg0fbBggrFlgyY0YKAGnCQ4juoYToMgH1JN5GtI9nAk30/QShHoSE=
x-amz-request-id: TX4HQHMNX5TW1YJ8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Mar 2023 07:18:19 GMT
age: 269
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 07:22:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Last-Modified, Retry-After, Expires, Pragma, Content-Length, Cache-Control, Alert, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Mar 2023 07:03:42 GMT
age: 1146
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
crochemaravilhadearte.blogspot.com/2013/
172.217.21.161200 OK 12 kB URL HTTP/1.1 crochemaravilhadearte.blogspot.com/2013/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1569)
Hash 54feae7ff3cfcb298b4d4ed74eaa7b16
6228da79c56de744daa4aa7567cdad7059dda5fe
ad91f6716fb331d75dace13863ef006fee1abd8f2237eb15989bf175fd489a5b
Analyzer Verdict Alert fortinet Malware
GET /2013/ HTTP/1.1
Host: crochemaravilhadearte.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 09 Mar 2023 07:22:48 GMT
Date: Thu, 09 Mar 2023 07:22:48 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 22 Nov 2022 15:13:13 GMT
ETag: W/"248a380370f4433607d4b866380743381df3cdaba7f8a5afd78096d983c468af"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 12014
Server: GSE
crochemaravilhadearte.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 crochemaravilhadearte.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: crochemaravilhadearte.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/2013/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 09 Mar 2023 07:22:48 GMT
Expires: Thu, 16 Mar 2023 07:22:48 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 08 Mar 2023 23:14:17 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e40f37168f4abba1e0efa6ca4de1e709
731d36cf841f1b889d9dca71abf406a186325aed
a9d8a1030ec5e70745f085f90e35a4b8832956ff20bd6719f3dbe6dd7291fc05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9D8A1030EC5E70745F085F90E35A4B8832956FF20BD6719F3DBE6DD7291FC05"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6216
Expires: Thu, 09 Mar 2023 09:06:24 GMT
Date: Thu, 09 Mar 2023 07:22:48 GMT
Connection: keep-alive
blogutils.net/olct/online.php?site=crochemaravilhadearte.blo&interval=600
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 blogutils.net/olct/online.php?site=crochemaravilhadearte.blo&interval=600
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /olct/online.php?site=crochemaravilhadearte.blo&interval=600 HTTP/1.1
Host: blogutils.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Mar 2023 07:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Mar 2023 08:22:48 GMT
Location: https://blogutils.net/olct/online.php?site=crochemaravilhadearte.blo&interval=600
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC%2BUd7ozWJQ7gsF%2FBahW4lCtvBOWOlF3t9lReEqN0zhMtfLOamUYyUs1qE7GGL%2BkaiJtibahEPfdL4cxgCIbsl%2B9Sty733GBbTc9WSMDHmvw5cIRZHONGEZGy2%2BHiLRf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5191a68b56b4fa-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc863d188541acc9ef6bbafd9a289574
e2ddcd5715734eb3fa24a7b7713c72215087e9f0
ff0a0e3c2021fcdf4fa3db8ec969ef99389dab55228d4d4a1bf606acf86837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3f5e546ff57fa4b0d67bf1f80db754ee
13fa98f1cf5d76cd41ed9ea49935497045e1d879
ac2ff8e83b9a658006bf8b43f4b2c4174a6cdb9083f41ef8a7635b851d46caaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc863d188541acc9ef6bbafd9a289574
e2ddcd5715734eb3fa24a7b7713c72215087e9f0
ff0a0e3c2021fcdf4fa3db8ec969ef99389dab55228d4d4a1bf606acf86837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc863d188541acc9ef6bbafd9a289574
e2ddcd5715734eb3fa24a7b7713c72215087e9f0
ff0a0e3c2021fcdf4fa3db8ec969ef99389dab55228d4d4a1bf606acf86837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Mar 2023 14:09:23 GMT
expires: Sat, 02 Mar 2024 14:09:23 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 03 Mar 2023 13:53:23 GMT
content-type: text/css
vary: Accept-Encoding
age: 494005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
216.58.207.238200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (1429)
Hash 2e9e150d66328b6b6a88e285fc282762
22b038643bd45f842349cc7a4a7075cc0f074725
30d9bc41eb379b7b441031e0df6d0742df42ca92be34697f729b8eca83dc9d54
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21022
date: Thu, 09 Mar 2023 07:22:48 GMT
expires: Thu, 09 Mar 2023 07:22:48 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5ebb85d0c8d0a403"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/229057146-widgets.js
142.250.74.41200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/229057146-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 9db6609bc210fd386326b4a48dc8610b
d77ff3643f87bc9f979d18e1fa16fb879cf22877
baf8607ece3c676bdbdd5f07fe6f23deadc92dcf1827f2284be8d6d1c51101b5
GET /static/v1/widgets/229057146-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56899
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Mar 2023 02:06:40 GMT
expires: Thu, 07 Mar 2024 02:06:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Mar 2023 10:54:37 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 105368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.41200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 19:58:21 GMT
expires: Thu, 09 Mar 2023 19:58:21 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 Mar 2023 20:55:42 GMT
content-type: image/gif
age: 559467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_email.gif
142.250.74.41200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Mar 2023 07:12:24 GMT
expires: Fri, 10 Mar 2023 07:12:24 GMT
cache-control: public, max-age=604800
last-modified: Thu, 02 Mar 2023 23:54:20 GMT
content-type: image/gif
age: 519024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=pt&w=160&h=60&title=&border=&output=js
142.250.74.33404 Not Found 117 B URL HTTP/1.1 www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=pt&w=160&h=60&title=&border=&output=js
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 50e010e6df7baa397fb4070b6553cff8
fe7f8b322f493e27d54136a1d3d562d8c2afbab7
e69da6f4387d34867cfdf001ad4ede46f8e78ddd3d4cceb1535b7cf6f3c84932
GET /ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=pt&w=160&h=60&title=&border=&output=js HTTP/1.1
Host: www.gmodules.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 09 Mar 2023 07:22:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 117
Server: GSE
1.bp.blogspot.com/_ROcpGoohzN8/TSNm2W6imhI/AAAAAAAABFM/2qnEwO-O0Ls/S220-s80/sh.jpg
142.250.74.129200 OK 2.2 kB URL HTTP/1.1 1.bp.blogspot.com/_ROcpGoohzN8/TSNm2W6imhI/AAAAAAAABFM/2qnEwO-O0Ls/S220-s80/sh.jpg
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x80, components 3\012- data
Hash 2142ae0e132e8c819fc79eb147460f8a
aef4567a5ec68616917500e87c14fafd9e059a48
6c9c3916298762be0cfac2a4440b5dbc51cdd21a4d3d4d29905f897aa6c2d1ed
GET /_ROcpGoohzN8/TSNm2W6imhI/AAAAAAAABFM/2qnEwO-O0Ls/S220-s80/sh.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v453"
Expires: Fri, 10 Mar 2023 07:22:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sh.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 09 Mar 2023 07:22:48 GMT
Server: fife
Content-Length: 2214
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dc863d188541acc9ef6bbafd9a289574
e2ddcd5715734eb3fa24a7b7713c72215087e9f0
ff0a0e3c2021fcdf4fa3db8ec969ef99389dab55228d4d4a1bf606acf86837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogutils.net/olct/online.php?site=crochemaravilhadearte.blo&interval=600
188.114.96.1200 OK 731 B URL HTTP/2 blogutils.net/olct/online.php?site=crochemaravilhadearte.blo&interval=600
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (646)
Hash 79a4e5772231a86c0e3649a5b801f47b
8ce58ba27496d9bded4e7bb2606e8d8d150ff336
95ac6b7f4c5fa84f7b09b4b25d767c4ac39c5437cf20eb6e36f15f0826027fb7
GET /olct/online.php?site=crochemaravilhadearte.blo&interval=600 HTTP/1.1
Host: blogutils.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://crochemaravilhadearte.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 07:22:48 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1Lrhtf4IB6MaE7dlwXITujvJysGEKo%2FK023aRDsmptDsldmScLFU9kHFQrbpaUJj1sDo2sThu8mV%2B0%2BdBqBk3EAERpM5WfPHf3PZ8j%2BQoFxJQJyEfLqhZXa%2BgQxHsrw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a5191a6fd821c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs
216.58.207.238200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs
IP 216.58.207.238:0
File type ASCII text, with very long lines (1445)
Hash e8ba0e75a21e8131676aeabb448ab32b
a4e9c288bfe50835fd9354b40c6ef670b88a0a13
696d24c2350d7d8ca017aa7d070a0470afd2b9959c46c9f4e6a1d762aaf92706
GET /_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 61020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Mar 2023 12:49:19 GMT
expires: Wed, 06 Mar 2024 12:49:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 153209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 08 Mar 2023 11:40:45 GMT
Expires: Wed, 22 Mar 2023 11:40:45 GMT
Cache-Control: public, max-age=1209600
Age: 70923
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=pt&w=160&h=60&title=&border=&output=js
142.250.74.33404 Not Found 117 B URL HTTP/1.1 www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=pt&w=160&h=60&title=&border=&output=js
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 50e010e6df7baa397fb4070b6553cff8
fe7f8b322f493e27d54136a1d3d562d8c2afbab7
e69da6f4387d34867cfdf001ad4ede46f8e78ddd3d4cceb1535b7cf6f3c84932
GET /ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=pt&w=160&h=60&title=&border=&output=js HTTP/1.1
Host: www.gmodules.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 09 Mar 2023 07:22:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 117
Server: GSE
www.blogger.com/img/logo-16.png
142.250.74.41200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 142.250.74.41:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Mar 2023 01:33:53 GMT
Expires: Fri, 10 Mar 2023 01:33:53 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 02 Mar 2023 22:52:33 GMT
Content-Type: image/png
Age: 539335
push.services.mozilla.com/
34.214.49.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.49.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gfEnbTBjjBLHjoU/BEWjhg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YCEM7hV06/10kxY04c3+t0nRj3o=
1.bp.blogspot.com/-W8GUbOtKb-Q/UoJfq92QS_I/AAAAAAAACBI/2d0fh5fy3pc/s320/sorteio+2.jpg
142.250.74.129200 OK 26 kB URL HTTP/1.1 1.bp.blogspot.com/-W8GUbOtKb-Q/UoJfq92QS_I/AAAAAAAACBI/2d0fh5fy3pc/s320/sorteio+2.jpg
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x320, components 3\012- data
Hash a97b293b07ffff90ed294429b3ea493e
c6a96645cb58d87ef43ab75161a8b5115a4b20f2
4b1f19d1714ce587bddd64b08bec987c10ab3d16674f030c09bf50868fee884f
GET /-W8GUbOtKb-Q/UoJfq92QS_I/AAAAAAAACBI/2d0fh5fy3pc/s320/sorteio+2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v836"
Expires: Fri, 10 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sorteio 2.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 09 Mar 2023 07:22:49 GMT
Server: fife
Content-Length: 26517
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdf7bce34fa8c0b45a95d5386895c2db
d09fbc571a80fc50474c18a6214843a22bf64607
10fd371cb7cdf0f5dbb31ac0f564d3c9307cbadf9c6811864e7169977bf4733c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-z7N_zcoBGKA/UknRVuYhveI/AAAAAAAAB-M/MXkWhp0LeKE/s1600/sorteio.jpg
142.250.74.129200 OK 28 kB URL HTTP/1.1 3.bp.blogspot.com/-z7N_zcoBGKA/UknRVuYhveI/AAAAAAAAB-M/MXkWhp0LeKE/s1600/sorteio.jpg
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 310x306, components 3\012- data
Hash 12ce0cb8def998ac488f8fbe73cc0424
02802950ca700aef5d9d665f57fbd959da3b32ba
7809f917e4789beffb0e8767444cbdaa39b172d47bb4a7d2256d5e783dc8e18e
GET /-z7N_zcoBGKA/UknRVuYhveI/AAAAAAAAB-M/MXkWhp0LeKE/s1600/sorteio.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v7e4"
Expires: Fri, 10 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sorteio.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 09 Mar 2023 07:22:49 GMT
Server: fife
Content-Length: 28291
X-XSS-Protection: 0
1.bp.blogspot.com/-jyUKBEeCvK4/UoJe5Kpf9oI/AAAAAAAACBA/EUql33C4g5w/s320/sorteio.jpg
142.250.74.129200 OK 37 kB URL HTTP/1.1 1.bp.blogspot.com/-jyUKBEeCvK4/UoJe5Kpf9oI/AAAAAAAACBA/EUql33C4g5w/s320/sorteio.jpg
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 320x216, components 3\012- data
Hash fcb681e2dbc1f1210e02b445b2d057f9
77ca7af420d4d382ab2851cedb7645789ba33670
f68b17da85147d1adc75c5ea67458cb0f408b352cc4590d374a080a80d7ccef1
GET /-jyUKBEeCvK4/UoJe5Kpf9oI/AAAAAAAACBA/EUql33C4g5w/s320/sorteio.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v811"
Expires: Fri, 10 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sorteio.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 09 Mar 2023 07:22:49 GMT
Server: fife
Content-Length: 36865
X-XSS-Protection: 0
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D4686076466628068962%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDU1NjYiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByM0NDU1NjZCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://crochemaravilhadearte.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D4686076466628068962%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDU1NjYiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByM0NDU1NjZCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://crochemaravilhadearte.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 473 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D4686076466628068962%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDU1NjYiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByM0NDU1NjZCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://crochemaravilhadearte.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D4686076466628068962%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDU1NjYiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByM0NDU1NjZCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://crochemaravilhadearte.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (513)
Hash 788d354fcb2ccab855c3471ef9a521d6
6cff814c7743ca823df0ecf2b28514273e6981ff
f74154de9178e8277907f4fe3e2d5ad210fa875857c35bbb92dcabd1d623f462
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D4686076466628068962%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDU1NjYiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByM0NDU1NjZCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://crochemaravilhadearte.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D4686076466628068962%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDU1NjYiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByM0NDU1NjZCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://crochemaravilhadearte.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://crochemaravilhadearte.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Mar 2023 07:22:49 GMT
location: https://www.blogger.com/followers.g?blogID=4686076466628068962&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDU1NjYiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByM0NDU1NjZCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fcrochemaravilhadearte.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oupypiulh58.O%2Fd%3D1%2Frs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Bhz9YualYbAAmMDmMhVdlQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 473
server: GSE
set-cookie: __Host-GAPS=1:F-0jKH7azq5O9fUmpjyzBy7lzi3pGw:xuWxDnVEI-IzPKHK;Path=/;Expires=Sat, 08-Mar-2025 07:22:49 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-oiiYKHshsaI/TuZCd53Ue9I/AAAAAAAAB2s/f7WTPP-kFyM/s1600/8.jpg
142.250.74.129200 OK 64 kB URL HTTP/1.1 4.bp.blogspot.com/-oiiYKHshsaI/TuZCd53Ue9I/AAAAAAAAB2s/f7WTPP-kFyM/s1600/8.jpg
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 477x602, components 3\012- data
Hash 59bb29b7a37b8a2a41dd917dd581de36
24343f8720189fadd9c82374c6d68cb7cda9d8d2
8252a9a597573b0619cb52bcc1e3ca59ee2d435008373ac20cba5fa431659c2e
GET /-oiiYKHshsaI/TuZCd53Ue9I/AAAAAAAAB2s/f7WTPP-kFyM/s1600/8.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v76b"
Expires: Fri, 10 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="8.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 09 Mar 2023 07:22:49 GMT
Server: fife
Content-Length: 64124
X-XSS-Protection: 0
images.paraorkut.com/img/katrix/maozinha.gif
103.224.182.251200 OK 0 B URL HTTP/1.1 images.paraorkut.com/img/katrix/maozinha.gif
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/katrix/maozinha.gif HTTP/1.1
Host: images.paraorkut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
date: Thu, 09 Mar 2023 07:22:49 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1678346569.8564469; expires=Sun, 06-Mar-2033 07:22:49 GMT; Max-Age=315360000
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
www.blogger.com/buttons/blogger-simple-blue.gif
142.250.74.41200 OK 818 B URL HTTP/2 www.blogger.com/buttons/blogger-simple-blue.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 88 x 30\012- data
Hash b6ee5d33497f4073a751d13982a6d54a
8f01829147ccb51d823600b4142ad6fa73a26546
22d34ce7d322f7c41361980afbec745334fe2dc0366b6fdf861ff49ac2f05117
GET /buttons/blogger-simple-blue.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Mar 2024 07:22:49 GMT
date: Thu, 09 Mar 2023 07:22:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Mar 2023 07:48:04 GMT
content-type: image/gif
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 818
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=4686076466628068962&zx=939da6dd-0aa7-44c9-8027-d1fe4bcb6048
142.250.74.41200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=4686076466628068962&zx=939da6dd-0aa7-44c9-8027-d1fe4bcb6048
IP 142.250.74.41:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=4686076466628068962&zx=939da6dd-0aa7-44c9-8027-d1fe4bcb6048 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Mar 2023 07:22:49 GMT
last-modified: Thu, 09 Mar 2023 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
images.paraorkut.com/img/katrix1/adorosua_797333848_7017.gif
103.224.182.251200 OK 0 B URL HTTP/1.1 images.paraorkut.com/img/katrix1/adorosua_797333848_7017.gif
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/katrix1/adorosua_797333848_7017.gif HTTP/1.1
Host: images.paraorkut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 200 OK
date: Thu, 09 Mar 2023 07:22:49 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1678346569.5685201; expires=Sun, 06-Mar-2033 07:22:49 GMT; Max-Age=315360000
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a2b94ee282f02783c1d367bbf5c951d
641d991f77a9039c1602bcb27025fdc1e11aaa76
091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a2b94ee282f02783c1d367bbf5c951d
641d991f77a9039c1602bcb27025fdc1e11aaa76
091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a/default-user=s45-c
142.250.74.97200 OK 316 B URL HTTP/2 lh3.googleusercontent.com/a/default-user=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
GET /a/default-user=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 316
x-xss-protection: 0
date: Thu, 09 Mar 2023 06:27:40 GMT
expires: Wed, 01 Mar 2023 06:24:33 GMT
cache-control: public, max-age=86400, no-transform
age: 3309
etag: "v0"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5Tadht3dNgllAbt8hcJo7lBRzKuFn3DM80kFqbi1g=s45-c
142.250.74.97200 OK 1.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5Tadht3dNgllAbt8hcJo7lBRzKuFn3DM80kFqbi1g=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 76b9d797d1afecd10bf9b3203a4dfff5
2eba7ad62e21c450413ddf7a01ebc084747fa187
3ac2bb9d349d4be3da28fd2be2b5ee2f5151902b94e35d5d85864989ea15cd95
GET /a-/ACB-R5Tadht3dNgllAbt8hcJo7lBRzKuFn3DM80kFqbi1g=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1613
x-xss-protection: 0
date: Thu, 09 Mar 2023 06:02:49 GMT
expires: Sun, 05 Mar 2023 21:19:58 GMT
cache-control: public, max-age=86400, no-transform
age: 4800
etag: "v2b4"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a2b94ee282f02783c1d367bbf5c951d
641d991f77a9039c1602bcb27025fdc1e11aaa76
091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a2b94ee282f02783c1d367bbf5c951d
641d991f77a9039c1602bcb27025fdc1e11aaa76
091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a2b94ee282f02783c1d367bbf5c951d
641d991f77a9039c1602bcb27025fdc1e11aaa76
091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/ACB-R5TbXh2OTw75qH0SdqspMN0esYNckQp-fEbqGYPJjTc=s45-c
142.250.74.97200 OK 1.7 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5TbXh2OTw75qH0SdqspMN0esYNckQp-fEbqGYPJjTc=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash a3763037efd1c4b8e4385c7878731ad6
561e3c3f0a90c5169c851e21a35f45d899d76794
70f62b4889a02d62d3c3b15f226aa07fa9de2a9b7feec33d6502523b52f3fd23
GET /a-/ACB-R5TbXh2OTw75qH0SdqspMN0esYNckQp-fEbqGYPJjTc=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "va12d"
expires: Fri, 10 Mar 2023 07:22:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:49 GMT
server: fife
content-length: 1670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5S1XygUYsHlftGye4p0PYwanxI8oERc39x5Fsc1TA=s45-c
142.250.74.97200 OK 3.4 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5S1XygUYsHlftGye4p0PYwanxI8oERc39x5Fsc1TA=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 370ca9b25346d8b357763bb78073b67c
bfbf2ce411ec31e65a0d955243cd5ddcc94d892d
bbbe8fe2d060885bcb732991cb23820503a9b3a4eea846b842c63a45827818c6
GET /a-/ACB-R5S1XygUYsHlftGye4p0PYwanxI8oERc39x5Fsc1TA=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3356
x-xss-protection: 0
date: Thu, 09 Mar 2023 06:25:54 GMT
expires: Thu, 23 Feb 2023 01:24:07 GMT
cache-control: public, max-age=86400, no-transform
age: 3415
etag: "v1e3"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5R7Qtn68u9845CJbxlnE_SFJntkI8GL-g8lzPQjzeg=s45-c
142.250.74.97200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5R7Qtn68u9845CJbxlnE_SFJntkI8GL-g8lzPQjzeg=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 213f3d302f49c3bf20b5796bbd338125
b480f82682ac2b48e34c9d8a46de631015d2c647
0438a90af9c538bd7ccb4071518b07169978506f481d11cd1df65a4dcc90d162
GET /a-/ACB-R5R7Qtn68u9845CJbxlnE_SFJntkI8GL-g8lzPQjzeg=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1947
x-xss-protection: 0
date: Thu, 09 Mar 2023 07:22:49 GMT
expires: Thu, 02 Mar 2023 14:16:29 GMT
cache-control: public, max-age=86400, no-transform
etag: "v61b7"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a2b94ee282f02783c1d367bbf5c951d
641d991f77a9039c1602bcb27025fdc1e11aaa76
091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 07:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/ACB-R5S8LeR4HZkXpEhYj7l5EjOavCfac5bggYJKD1DxeeQ=s45-c
142.250.74.97200 OK 2.4 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5S8LeR4HZkXpEhYj7l5EjOavCfac5bggYJKD1DxeeQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 21a6637258dd54bb5e54e221e651e6ff
21bdd7dd1f8b0095e6772aac1c8b54340822c533
3e8e48ecb0be41590e194b7926fec243fc5b73a5a306029ac1dd3326a62376ca
GET /a-/ACB-R5S8LeR4HZkXpEhYj7l5EjOavCfac5bggYJKD1DxeeQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v70e8"
expires: Fri, 10 Mar 2023 07:22:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:49 GMT
server: fife
content-length: 2442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5RWYwi09nxcblgmUdmUEDwgkBs9Qk6QmREfVdVJuQ=s45-c
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5RWYwi09nxcblgmUdmUEDwgkBs9Qk6QmREfVdVJuQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google, copyright=COPYRIGHT, 2011], baseline, precision 8, 45x45, components 3\012- data
Hash 8753c3e0cc76ab95b3c58da7d08a7a82
581cfbe28d45a2365f77e139f2420c69d0793dc1
501abd24fea4f6f1dc5a62603887bb613e107910cf287705ba514c02691b2576
GET /a-/ACB-R5RWYwi09nxcblgmUdmUEDwgkBs9Qk6QmREfVdVJuQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vcc"
expires: Fri, 10 Mar 2023 07:22:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:50 GMT
server: fife
content-length: 2204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5RZyGcdRXFkq3HbW1hC6HyP08uRb2uRcq5tKhUFWQ=s45-c
142.250.74.97200 OK 2.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5RZyGcdRXFkq3HbW1hC6HyP08uRb2uRcq5tKhUFWQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 59d49e4cb5e7ce622a68785c1866ca53
0f57a1ea8b50967deb8475e01eda5ff94379a8eb
a0c4ffeb3daeceb34fbb53ee3ee4239b99bb2522ca737942e60c42f99cee8736
GET /a-/ACB-R5RZyGcdRXFkq3HbW1hC6HyP08uRb2uRcq5tKhUFWQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v81"
expires: Fri, 10 Mar 2023 07:22:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:50 GMT
server: fife
content-length: 2615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5QlJBQGNUzUaTnbEZ2XePTuOGvYTHF4vRHO8n49KQ=s45-c
142.250.74.97200 OK 1.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5QlJBQGNUzUaTnbEZ2XePTuOGvYTHF4vRHO8n49KQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash f2bfbd28a3cabbae9945d5f3dbbf733d
a87d113674de301b3d44815cc73c480e5c5c6279
52aed094cc3acac576b4fee1184576e5ad3a2502b014a047a97b1d61c7627f52
GET /a-/ACB-R5QlJBQGNUzUaTnbEZ2XePTuOGvYTHF4vRHO8n49KQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v10b8"
expires: Fri, 10 Mar 2023 07:22:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:50 GMT
server: fife
content-length: 1584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5T-va_L2afXnFkITO3ZGsnw3hYp6qLFz7zKIlDG=s45-c
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5T-va_L2afXnFkITO3ZGsnw3hYp6qLFz7zKIlDG=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 4f934375f61ffa27a069c4d8f5500d10
8e23e417a259f8e6e90f34059df1f4e682e18262
d4946615427371299dde14cb0943c00b7ef163f4e0748e9fd5fdaab6ca502c59
GET /a-/ACB-R5T-va_L2afXnFkITO3ZGsnw3hYp6qLFz7zKIlDG=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v54"
expires: Fri, 10 Mar 2023 07:22:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:50 GMT
server: fife
content-length: 1492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5TQIVCPUsTnx1NA_Ew1i0iSQKJnMaeJufhqDvgqDA=s45-c
142.250.74.97200 OK 2.4 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5TQIVCPUsTnx1NA_Ew1i0iSQKJnMaeJufhqDvgqDA=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 082469e74fc8a11ab88edba64022f9dc
f1600e8e0c00a01e2cfc08b930df2ca9153105a4
da5d9b3596b0c08082f25407d3a9368f6136b786487884014b21fd4da3c9b0f2
GET /a-/ACB-R5TQIVCPUsTnx1NA_Ew1i0iSQKJnMaeJufhqDvgqDA=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb4"
expires: Fri, 10 Mar 2023 07:22:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:50 GMT
server: fife
content-length: 2400
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5953
Expires: Thu, 09 Mar 2023 09:02:03 GMT
Date: Thu, 09 Mar 2023 07:22:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5953
Expires: Thu, 09 Mar 2023 09:02:03 GMT
Date: Thu, 09 Mar 2023 07:22:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5953
Expires: Thu, 09 Mar 2023 09:02:03 GMT
Date: Thu, 09 Mar 2023 07:22:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5953
Expires: Thu, 09 Mar 2023 09:02:03 GMT
Date: Thu, 09 Mar 2023 07:22:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f251f5-acf0-4b4d-b332-663948096581.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f251f5-acf0-4b4d-b332-663948096581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bee21e24a8563f58779bdc1dd5f09d40
97f1a22ca2e5621bf4d6a6d5af5459f71aadfe09
681cf2c408b6de05f18388da19c691c5e4a28f5a82b04c0e788517b89906d89a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f251f5-acf0-4b4d-b332-663948096581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9137
x-amzn-requestid: 60310831-d0a3-45bd-ad95-e9d69a1d1655
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BS73FE2GIAMFb5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6404402d-688806cf010e1c6806a0972e;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 07:09:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: bdK7Q5qtex4DkacsjuTzb6WMnCPFZuwyk3OxxzS9Bf7uJzLL37f9UA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 11:19:42 GMT
age: 72188
etag: "97f1a22ca2e5621bf4d6a6d5af5459f71aadfe09"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95416040-f22d-4b55-8d14-dbdc51efbbc9.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95416040-f22d-4b55-8d14-dbdc51efbbc9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d6f469a5b447bf4ef84e2c4ce48ee69
1831c09061c7602753977468e4db6ded49664ead
a223dce82659d07359897cae17e7f836c10efaec5fbb72aebba4563fafbe6144
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95416040-f22d-4b55-8d14-dbdc51efbbc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9639
x-amzn-requestid: 3ba97053-0162-445a-b2e4-0ba87f23f917
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMVb6HYboAMF9fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64019c4b-498ace350d3d37d071a42b5c;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 07:05:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: E7w3PM-2SsD62u9imnPDUNK3WqEwOT5FDTFxrBdVjUMZdCE4STt4tw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 16:59:13 GMT
age: 51817
etag: "1831c09061c7602753977468e4db6ded49664ead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67e27efd23f4d42e2f93102e05955859
3ebc9abd817182d697acfd947000f106914b9098
5d1a4a50802f50798d120468ba28f157cbe1cf8547f66ac3d6b3a138c6d25a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14298
x-amzn-requestid: b11be846-5ff7-442c-a0e3-7876f696d1c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMVaDHsFoAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64019c40-6503274d0b174c1e0d7a8c6e;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 07:05:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HlfjvVuC_eLZJ_HYVKLxy_qwnFFQJkfVm3UKa8ajIUb6alnnZd1XqA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 16:59:13 GMT
age: 51817
etag: "3ebc9abd817182d697acfd947000f106914b9098"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd029abcba5db74cecb02bad1a036c43
bc714ee0389e279919dde08149be61c4dc9ab0a7
10ae90728b38f7aeba134961a7b80c68c213a09eeef618ef3d66f3305b19834e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4770
x-amzn-requestid: 963dae3d-8336-4a5b-8b25-c3617f946d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BUZkWFhLIAMF6FQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6404d61b-1b705b460f7539f97c3dd7e5;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 17:49:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: HM56vjzUqmaOjBHUlhgopx3n5qjLe3x6v-AleC5P9ZRCJt5ndUZSsw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 22:35:48 GMT
age: 31622
etag: "bc714ee0389e279919dde08149be61c4dc9ab0a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 636ad724875a1b8f978d351d851af52d
61075cafcbfe1c763ab0b1c79540d42e7ae63942
382228b2396099885438936cd087a9bfa2d272160475859123f8a7ec7f5f34c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7206
x-amzn-requestid: bc793a8e-f967-4a1b-81d2-be45c56bd93b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BPorOF-CIAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6402ee47-3e38c6af4234bd164a429258;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 07:07:51 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Xb2s4bB3o_N7MZTbTBeHvSP-1P_LdQiXcRKYiaZ-s9JAomhrUYyqUg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 20:05:39 GMT
age: 40631
etag: "61075cafcbfe1c763ab0b1c79540d42e7ae63942"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACB-R5QZOIgA7zw8lui2w3JMSgGv2y58-3i5uZQrqAwWSg=s45-c
142.250.74.97200 OK 2.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACB-R5QZOIgA7zw8lui2w3JMSgGv2y58-3i5uZQrqAwWSg=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 5a9174b9a1361bb3883208ddc7d38685
bd9dee3ce0f9e1ebfcdb0d495ddb6f964b380ed1
eeee8b684978705ceb1d0b7cf11b27926eecfd5efe9db3d6c74cd77dd8730a0c
GET /a-/ACB-R5QZOIgA7zw8lui2w3JMSgGv2y58-3i5uZQrqAwWSg=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5ec"
expires: Fri, 10 Mar 2023 07:22:50 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:22:50 GMT
server: fife
content-length: 2454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46cbec1f-fbf7-461c-90ac-cc819d929109.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46cbec1f-fbf7-461c-90ac-cc819d929109.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb83e8e17585c3bffd4f5cc805090e7d
40ccc2a777a89f6c33ec4daffcddd21299472971
40bbc718adc11a3a6d6238e3990c6684f3834296141e3163d8ffecea46852958
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46cbec1f-fbf7-461c-90ac-cc819d929109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4995
x-amzn-requestid: 045078d2-7791-47fe-9e00-229a03528d74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO1vG9HoAMFyxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591be-73e4a521649e1ef317078153;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: brMvT9KHh2evJnlbTW5Wokx79TkLtK1eZS0IEiD40L2iBIEQA2HL2w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 08:07:31 GMT
age: 83719
etag: "40ccc2a777a89f6c33ec4daffcddd21299472971"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.contagotas.com.br/contador.php?p=17804
186.202.153.12404 Not Found 1.2 kB URL HTTP/1.1 www.contagotas.com.br/contador.php?p=17804
IP 186.202.153.12:0
ASN #27715 Locaweb Servicos de Internet SA
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash aea29059d0bb0192fb4077be2ac74684
ec9241edc0e89f25f8cf7cc094e3a625477b22f7
1fd2a861e2181df1329ac37aec8a2743a2d5552c0fdb5a14f2474ac4ecaaec81
Analyzer Verdict Alert fortinet Malware
GET /contador.php?p=17804 HTTP/1.1
Host: www.contagotas.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/
HTTP/1.1 404 Not Found
Date: Thu, 09 Mar 2023 07:22:50 GMT
Server: Apache
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Content-Type: text/html; charset=iso-8859-1
Content-Language: en
Cache-Control: No-Cache
Pragma: no-cache
X-Varnish: 19873550
Age: 0
Via: 1.1 varnish-v4
Content-Length: 1205
Connection: keep-alive
crochemaravilhadearte.blogspot.com/favicon.ico
172.217.21.161200 OK 412 B URL HTTP/1.1 crochemaravilhadearte.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: crochemaravilhadearte.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crochemaravilhadearte.blogspot.com/2013/
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Thu, 09 Mar 2023 07:22:50 GMT
Date: Thu, 09 Mar 2023 07:22:50 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 22 Nov 2022 15:13:13 GMT
ETag: W/"248a380370f4433607d4b866380743381df3cdaba7f8a5afd78096d983c468af"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE